Virus Null
Résolu
ps3fan4ever
Messages postés
14
Date d'inscription
Statut
Membre
Dernière intervention
-
juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention -
juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
J'ai un vaio de sony fonctionnant sous win7 et je crois être infecté par un virus appelé Null. Mon ordinateur est devenu très lent et lorsque je lance le gestionnaire de tache, un programme appelé Null fonctionne en arrière plan. Mon anti-virus (microsoft security enssential) ne le trouve pas. Que faire?( je voudrais une solution gratuite de préférence sans pour autant perdre mes donnés sur mon ordinateur).
J'ai un vaio de sony fonctionnant sous win7 et je crois être infecté par un virus appelé Null. Mon ordinateur est devenu très lent et lorsque je lance le gestionnaire de tache, un programme appelé Null fonctionne en arrière plan. Mon anti-virus (microsoft security enssential) ne le trouve pas. Que faire?( je voudrais une solution gratuite de préférence sans pour autant perdre mes donnés sur mon ordinateur).
A voir également:
- Virus Null
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Undisclosed-recipients virus - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Altruistic virus ✓ - Forum Antivirus
22 réponses
Bonjour,
Il est "Null" ton antivirus ;o
Faire un scan OTL pour diagnostiquer les programmes qui tournent et déceler des infections :
▶ Télécharge ici :OTL
▶ Fais un double clic sur l'icône pour le lancer (clic droit executer en tant qu'administrateur sous Vista, Windows 7 ou Windows 8). Vérifier que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption. Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox
▶ Quand la fenêtre apparaît, sous Rapport en haut à droite, coche "Rapport minimal", ainsi que "Tous les utilisateurs"
Sous Registre: standard coche Tous.
Coche les cases à coté de Recherche Lop et Recherche Purity.
▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"
msconfig
netsvcs
/md5start
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
services.exe
winsock.*
/md5stop
%temp%\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.*
BASESERVICES
CREATERESTOREPOINT
SAVEMBR:0
▶ Clic sur Analyse.
A la fin du scan, 2 Bloc-Notes vont s'ouvrir avec les rapports (OTL.txt et extras.txt).
NE PAS COPIER/COLLER LE RAPPORT ICI - LIRE JUSQU'AU BOUT
Ces fichiers se trouvent à côté de l'exécutable OTL.exe
héberge OTL.txt et extra.txt sur FEC Upload et donne les liens obtenus en échange
NE PAS COPIER/COLLER LE LIEN DE SUPPRESSION, CONSERVE-LE SI TU DESIRE ENSUITE SUPPRIMER LES RAPPORTS DE LA BASE DE DONNEES FEC
A+
Il est "Null" ton antivirus ;o
Faire un scan OTL pour diagnostiquer les programmes qui tournent et déceler des infections :
▶ Télécharge ici :OTL
▶ Fais un double clic sur l'icône pour le lancer (clic droit executer en tant qu'administrateur sous Vista, Windows 7 ou Windows 8). Vérifier que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption. Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox
▶ Quand la fenêtre apparaît, sous Rapport en haut à droite, coche "Rapport minimal", ainsi que "Tous les utilisateurs"
Sous Registre: standard coche Tous.
Coche les cases à coté de Recherche Lop et Recherche Purity.
▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"
msconfig
netsvcs
/md5start
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
services.exe
winsock.*
/md5stop
%temp%\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.*
BASESERVICES
CREATERESTOREPOINT
SAVEMBR:0
▶ Clic sur Analyse.
A la fin du scan, 2 Bloc-Notes vont s'ouvrir avec les rapports (OTL.txt et extras.txt).
NE PAS COPIER/COLLER LE RAPPORT ICI - LIRE JUSQU'AU BOUT
Ces fichiers se trouvent à côté de l'exécutable OTL.exe
héberge OTL.txt et extra.txt sur FEC Upload et donne les liens obtenus en échange
NE PAS COPIER/COLLER LE LIEN DE SUPPRESSION, CONSERVE-LE SI TU DESIRE ENSUITE SUPPRIMER LES RAPPORTS DE LA BASE DE DONNEES FEC
A+
Ici scan extras : https://forums-fec.be/upload/www/?a=d&i=0140859800
Ici scan OTL : https://forums-fec.be/upload/www/?a=d&i=7987974712
PS: ''Null'' se lance lorsque je lance DOFUS et au démarage de l'ordinateuré.
Ici scan OTL : https://forums-fec.be/upload/www/?a=d&i=7987974712
PS: ''Null'' se lance lorsque je lance DOFUS et au démarage de l'ordinateuré.
Salut,
Il est tout moisis le PC !!
Les enfants ont une session admin ? Faudrait leur laisser une session limité parce que là .... :/
▶ Télécharge SystemLook sur ton Bureau.
▶ Si tu es sur XP : Double-clique sur SystemLook.exe pour le lancer.
▶ Si tu es sous Vista/7 : clic droit => exécuter en tant qu'administrateur sur SystemLook.exe pour le lancer.
▶ Copie-colle le texte en gras ci-dessous dans la zone texte de SystemLook :
:dir
C:\Windows\AxInstSV /S /MD5
▶ Clique sur le bouton Look pour démarrer l'examen.
▶ A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt
====================================================
ensuite :
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous et colle-la dans la zone sous "Personnalisation" :
:OTL
SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
IE - HKU\.DEFAULT\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/09/23 21:36:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/09/23 21:36:34 | 000,000,000 | ---D | M]
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll File not found
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (CheckPoints Toolbar BHO) - {AC3D03DA-7CC5-8BD4-C17E-B269D43EDBC5} - C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (CheckPoints Toolbar) - {14F5FC04-F6CB-E8C4-990C-58FF1448F475} - C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll File not found
O3 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000\..\Toolbar\WebBrowser: (CheckPoints Toolbar) - {14F5FC04-F6CB-E8C4-990C-58FF1448F475} - C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll ()
O4 - HKLM\..\Run: [launcher] C:\Users\enfant\AppData\Local\launcher.exe (Microsoft)
O4 - HKLM\..\Run: [updater] C:\Users\enfant\AppData\Local\Temp\updater.exe (Redox)
O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000\..\Run: [launcher] C:\Users\enfant\AppData\Local\launcher.exe (Microsoft)
O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000\..\Run: [updater] C:\Users\enfant\AppData\Local\Temp\updater.exe (Redox)
:Files
C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\launcher.exe (Microsoft)
C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Generate-AlloPass v11.4.1.lnk
C:\Users\enfant\AppData\Local\launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gentra
:Commands
[EMPTYTEMP]
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail apres le redemarrage.
===================================================
Enfin :
▶ Télécharge sur cette page: AdwCleaner (de Xplode)
▶ Lance-le
clique sur Suppression et patiente le temps du nettoyage.
▶ Poste le contenu du rapport que tu trouveras dans ton disque dur c:\ADwcleaner[Sx].txt ou son contenu s'il s'ouvre.
Bonne soirée, bonne les rapports au fur et à mesure, merci ;)
Si tu as des questions n'hésite pas
A+
Il est tout moisis le PC !!
Les enfants ont une session admin ? Faudrait leur laisser une session limité parce que là .... :/
▶ Télécharge SystemLook sur ton Bureau.
▶ Si tu es sur XP : Double-clique sur SystemLook.exe pour le lancer.
▶ Si tu es sous Vista/7 : clic droit => exécuter en tant qu'administrateur sur SystemLook.exe pour le lancer.
▶ Copie-colle le texte en gras ci-dessous dans la zone texte de SystemLook :
:dir
C:\Windows\AxInstSV /S /MD5
▶ Clique sur le bouton Look pour démarrer l'examen.
▶ A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt
====================================================
ensuite :
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous et colle-la dans la zone sous "Personnalisation" :
:OTL
SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
IE - HKU\.DEFAULT\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/09/23 21:36:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/09/23 21:36:34 | 000,000,000 | ---D | M]
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll File not found
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (CheckPoints Toolbar BHO) - {AC3D03DA-7CC5-8BD4-C17E-B269D43EDBC5} - C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (CheckPoints Toolbar) - {14F5FC04-F6CB-E8C4-990C-58FF1448F475} - C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll File not found
O3 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000\..\Toolbar\WebBrowser: (CheckPoints Toolbar) - {14F5FC04-F6CB-E8C4-990C-58FF1448F475} - C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll ()
O4 - HKLM\..\Run: [launcher] C:\Users\enfant\AppData\Local\launcher.exe (Microsoft)
O4 - HKLM\..\Run: [updater] C:\Users\enfant\AppData\Local\Temp\updater.exe (Redox)
O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000\..\Run: [launcher] C:\Users\enfant\AppData\Local\launcher.exe (Microsoft)
O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000\..\Run: [updater] C:\Users\enfant\AppData\Local\Temp\updater.exe (Redox)
:Files
C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\launcher.exe (Microsoft)
C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Generate-AlloPass v11.4.1.lnk
C:\Users\enfant\AppData\Local\launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gentra
:Commands
[EMPTYTEMP]
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail apres le redemarrage.
===================================================
Enfin :
▶ Télécharge sur cette page: AdwCleaner (de Xplode)
▶ Lance-le
clique sur Suppression et patiente le temps du nettoyage.
▶ Poste le contenu du rapport que tu trouveras dans ton disque dur c:\ADwcleaner[Sx].txt ou son contenu s'il s'ouvre.
Bonne soirée, bonne les rapports au fur et à mesure, merci ;)
Si tu as des questions n'hésite pas
A+
Je n'ai qu'une seul session qui s'appelle enfants.
Scan SystemLook:
SystemLook 30.07.11 by jpshortstuff
Log created at 16:29 on 08/04/2013 by enfant
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== dir ==========
C:\Windows\AxInstSV - Parameters: "/S /MD5 "
---Files---
None found.
No folders found.
-= EOF =-
Scan de adwcleaner:
# AdwCleaner v2.200 - Logfile created 04/08/2013 at 16:50:53
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : enfant - ENFANT-VAIO
# Boot Mode : Normal
# Running from : C:\Users\enfant\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
Stopped & Deleted : Web Assistant Updater
***** [Files / Folders] *****
File Deleted : C:\END
File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\BasicScan
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\enfant\AppData\Local\Conduit
Folder Deleted : C:\Users\enfant\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\enfant\AppData\LocalLow\Claro LTD
Folder Deleted : C:\Users\enfant\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\enfant\AppData\Roaming\Babylon
Folder Deleted : C:\Users\enfant\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\enfant\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\enfant\AppData\Roaming\OpenCandy
***** [Registry] *****
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.FCTB000100363Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.FCTB000100363Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3131886
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\FCTB000100363
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Web Assistant
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry is clean.
*************************
AdwCleaner[S1].txt - [11791 octets] - [08/04/2013 16:50:53]
########## EOF - C:\AdwCleaner[S1].txt - [11852 octets] ##########
Scan SystemLook:
SystemLook 30.07.11 by jpshortstuff
Log created at 16:29 on 08/04/2013 by enfant
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== dir ==========
C:\Windows\AxInstSV - Parameters: "/S /MD5 "
---Files---
None found.
No folders found.
-= EOF =-
Scan de adwcleaner:
# AdwCleaner v2.200 - Logfile created 04/08/2013 at 16:50:53
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : enfant - ENFANT-VAIO
# Boot Mode : Normal
# Running from : C:\Users\enfant\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
Stopped & Deleted : Web Assistant Updater
***** [Files / Folders] *****
File Deleted : C:\END
File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\BasicScan
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\enfant\AppData\Local\Conduit
Folder Deleted : C:\Users\enfant\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\enfant\AppData\LocalLow\Claro LTD
Folder Deleted : C:\Users\enfant\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\enfant\AppData\Roaming\Babylon
Folder Deleted : C:\Users\enfant\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\enfant\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\enfant\AppData\Roaming\OpenCandy
***** [Registry] *****
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.FCTB000100363Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.FCTB000100363Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100363.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3131886
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\FCTB000100363
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Web Assistant
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry is clean.
*************************
AdwCleaner[S1].txt - [11791 octets] - [08/04/2013 16:50:53]
########## EOF - C:\AdwCleaner[S1].txt - [11852 octets] ##########
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
alors dans l'ordre
SystemLook:
SystemLook 30.07.11 by jpshortstuff
Log created at 17:19 on 08/04/2013 by enfant
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== dir ==========
C:\Windows\AxInstSV - Parameters: "/S /MD5 "
---Files---
None found.
No folders found.
-= EOF =-
SystemLook:
SystemLook 30.07.11 by jpshortstuff
Log created at 17:19 on 08/04/2013 by enfant
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== dir ==========
C:\Windows\AxInstSV - Parameters: "/S /MD5 "
---Files---
None found.
No folders found.
-= EOF =-
J'ai fait OTL mais aucun raport au redémarage du PC
EDIT : J ai trouvé le problème je réessaye(mon olt est en anglais donc j'ai appuyer sur le mauvais bouton).
EDIT : J ai trouvé le problème je réessaye(mon olt est en anglais donc j'ai appuyer sur le mauvais bouton).
Voilà le scan de l'OTL:
All processes killed
========== OTL ==========
Error: No service named Web Assistant Updater was found to stop!
Service\Driver key Web Assistant Updater not found.
File C:\Program Files\Web Assistant\ExtensionUpdaterService.exe not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
File C:\Program Files\Web Assistant\Firefox not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
File C:\Program Files\Web Assistant\Extension64.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
File C:\Program Files\Web Assistant\Extension32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC3D03DA-7CC5-8BD4-C17E-B269D43EDBC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC3D03DA-7CC5-8BD4-C17E-B269D43EDBC5}\ deleted successfully.
C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{14F5FC04-F6CB-E8C4-990C-58FF1448F475} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14F5FC04-F6CB-E8C4-990C-58FF1448F475}\ deleted successfully.
File C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_USERS\S-1-5-21-2309252362-3260313743-4249410746-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{14F5FC04-F6CB-E8C4-990C-58FF1448F475} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14F5FC04-F6CB-E8C4-990C-58FF1448F475}\ not found.
File C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Users\enfant\AppData\Local\launcher.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Users\enfant\AppData\Local\Temp\updater.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2309252362-3260313743-4249410746-1000\\Software\Microsoft\Windows\CurrentVersion\Run\\launcher deleted successfully.
File C:\Users\enfant\AppData\Local\launcher.exe not found.
Registry value HKEY_USERS\S-1-5-21-2309252362-3260313743-4249410746-1000\\Software\Microsoft\Windows\CurrentVersion\Run\\updater deleted successfully.
File C:\Users\enfant\AppData\Local\Temp\updater.exe not found.
========== FILES ==========
File\Folder C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\launcher.exe (Microsoft) not found.
C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Generate-AlloPass v11.4.1.lnk moved successfully.
File\Folder C:\Users\enfant\AppData\Local\launcher.exe not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gentra folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57616 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: enfant
->Temp folder emptied: 741053693 bytes
->Temporary Internet Files folder emptied: 2096087104 bytes
->Java cache emptied: 438451 bytes
->Apple Safari cache emptied: 49361920 bytes
->Flash cache emptied: 58424 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 489511748 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78911442 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 3,295.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04082013_173319
Files\Folders moved on Reboot...
File\Folder C:\Users\enfant\AppData\Local\Temp\flaC9C3.tmp not found!
File\Folder C:\Users\enfant\AppData\Local\Temp\flaC9C4.tmp not found!
C:\Users\enfant\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II7W5LEY\ads[3].htm moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II7W5LEY\ads[4].htm moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II7W5LEY\zrt_lookup[1].htm moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DKSW0LVO\affich-27544040-virus-null[2].htm moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8F4XDNHV\v071000[1].htm moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
Error: No service named Web Assistant Updater was found to stop!
Service\Driver key Web Assistant Updater not found.
File C:\Program Files\Web Assistant\ExtensionUpdaterService.exe not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
File C:\Program Files\Web Assistant\Firefox not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
File C:\Program Files\Web Assistant\Extension64.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
File C:\Program Files\Web Assistant\Extension32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC3D03DA-7CC5-8BD4-C17E-B269D43EDBC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC3D03DA-7CC5-8BD4-C17E-B269D43EDBC5}\ deleted successfully.
C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{14F5FC04-F6CB-E8C4-990C-58FF1448F475} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14F5FC04-F6CB-E8C4-990C-58FF1448F475}\ deleted successfully.
File C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_USERS\S-1-5-21-2309252362-3260313743-4249410746-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{14F5FC04-F6CB-E8C4-990C-58FF1448F475} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14F5FC04-F6CB-E8C4-990C-58FF1448F475}\ not found.
File C:\Program Files (x86)\CheckPoints Toolbar\Toolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Users\enfant\AppData\Local\launcher.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Users\enfant\AppData\Local\Temp\updater.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2309252362-3260313743-4249410746-1000\\Software\Microsoft\Windows\CurrentVersion\Run\\launcher deleted successfully.
File C:\Users\enfant\AppData\Local\launcher.exe not found.
Registry value HKEY_USERS\S-1-5-21-2309252362-3260313743-4249410746-1000\\Software\Microsoft\Windows\CurrentVersion\Run\\updater deleted successfully.
File C:\Users\enfant\AppData\Local\Temp\updater.exe not found.
========== FILES ==========
File\Folder C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\launcher.exe (Microsoft) not found.
C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Generate-AlloPass v11.4.1.lnk moved successfully.
File\Folder C:\Users\enfant\AppData\Local\launcher.exe not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gentra folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57616 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: enfant
->Temp folder emptied: 741053693 bytes
->Temporary Internet Files folder emptied: 2096087104 bytes
->Java cache emptied: 438451 bytes
->Apple Safari cache emptied: 49361920 bytes
->Flash cache emptied: 58424 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 489511748 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78911442 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 3,295.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04082013_173319
Files\Folders moved on Reboot...
File\Folder C:\Users\enfant\AppData\Local\Temp\flaC9C3.tmp not found!
File\Folder C:\Users\enfant\AppData\Local\Temp\flaC9C4.tmp not found!
C:\Users\enfant\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II7W5LEY\ads[3].htm moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II7W5LEY\ads[4].htm moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II7W5LEY\zrt_lookup[1].htm moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DKSW0LVO\affich-27544040-virus-null[2].htm moved successfully.
C:\Users\enfant\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8F4XDNHV\v071000[1].htm moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Ouais ben du coup tout est not found ^^
▶ Télécharge et installe Malwarebytes' Anti-Malware (MBAM).
▶ Exécute-le. Accepte la mise à jour.
▶ Sélectionne "Exécuter un examen complet"
▶ Clique sur "Rechercher"
▶ L'analyse démarre, le scan est relativement long, c'est normal.
A la fin de l'analyse, un message s'affiche :
Citation :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
▶ Clique donc sur Afficher les résultats.
▶ Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse : ferme le.
Si MBAM demande à redémarrer le pc : ▶ fais-le.
Au redémarrage, relance MBAM, onglet "Rapport/Logs", copie/colle celui qui correspond à l'analyse effectuée.
▶ Télécharge et installe Malwarebytes' Anti-Malware (MBAM).
▶ Exécute-le. Accepte la mise à jour.
▶ Sélectionne "Exécuter un examen complet"
▶ Clique sur "Rechercher"
▶ L'analyse démarre, le scan est relativement long, c'est normal.
A la fin de l'analyse, un message s'affiche :
Citation :
L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
▶ Clique donc sur Afficher les résultats.
▶ Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse : ferme le.
Si MBAM demande à redémarrer le pc : ▶ fais-le.
Au redémarrage, relance MBAM, onglet "Rapport/Logs", copie/colle celui qui correspond à l'analyse effectuée.
Je n'ai pas le temps de faire le scan aujourd'hui(voir même de la semaine) donc je redonne des nouvelles le plus tôt possible.
Merci encore
Merci encore
voilà scan:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Version de la base de données: v2013.04.09.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
enfant :: ENFANT-VAIO [administrateur]
4/12/2013 3:36:46 PM
mbam-log-2013-04-12 (15-36-46).txt
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 491085
Temps écoulé: 1 heure(s), 43 minute(s), 11 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 1
HKCU\Software\DC3_FEXEC (Malware.Trace) -> Mis en quarantaine et supprimé avec succès.
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Version de la base de données: v2013.04.09.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
enfant :: ENFANT-VAIO [administrateur]
4/12/2013 3:36:46 PM
mbam-log-2013-04-12 (15-36-46).txt
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 491085
Temps écoulé: 1 heure(s), 43 minute(s), 11 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 1
HKCU\Software\DC3_FEXEC (Malware.Trace) -> Mis en quarantaine et supprimé avec succès.
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Le programme que je pense qui est un virus réapparait quand je le supprime mais lorsque je le scan avec Malwarebytes Anti-Malware, il n'apparait pas commen un virus alors je le bloque avec process blocker
Il n'y a "que" ceci qui s'exécute seul au démarrage :
Après si tu cr@cke dofus c'est pas ma faute ...
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [launcher] C:\Users\enfant\AppData\Local\launcher.exe (Microsoft) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [ScanSnap WIA Service Checker] C:\Windows\SSDriver\fi5110\SsWiaChecker.exe (PFU LIMITED) O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation) O4 - HKLM..\Run: [updater] C:\Users\enfant\AppData\Local\Temp\updater.exe (Redox) O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com) O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [launcher] C:\Users\enfant\AppData\Local\launcher.exe (Microsoft) O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray File not found O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found O4 - HKU\S-1-5-21-2309252362-3260313743-4249410746-1000..\Run: [updater] C:\Users\enfant\AppData\Local\Temp\updater.exe (Redox) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Generate-AlloPass v11.4.1.lnk = File not found O4 - Startup: C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Central Tray Tool.lnk = C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.) O4 - Startup: C:\Users\enfant\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\launcher.exe (Microsoft)
Après si tu cr@cke dofus c'est pas ma faute ...
