Babsolution/shared/NTRedirect.dll
ghyslain311
Messages postés
18
Statut
Membre
-
2011N2 Messages postés 13379 Date d'inscription Statut Contributeur sécurité Dernière intervention -
2011N2 Messages postés 13379 Date d'inscription Statut Contributeur sécurité Dernière intervention -
depuis un certain temps j'ai un message qui s'affiche sur l'écran de mon ordinateur lorsque je l'allume(C:/user/toshiba/appdata/roaming/babsolution/shared/NTredirect.dll. je ne sais pas comment faire pour que je message cesse d'apparaitre sur mon écran quand je démarre mon ordinateur.s'il vous plait aidez moi. Merci d'avance.
24 réponses
- 1
- 2
Suivant
-
Bonsoir,
Fais un diagnostic de ton PC avec ZHPDiag comme ceci et poste moi le rapport précédemment hébergé sur cjoint.
Gabriel. -
j'ai telecharger le logiciel mais je ne suis pas tres calé en informatique donc
ss'il te plait explique moi comment proceder pour faire le dignostic? -
Re,
C'est expliqué dans le tutoriel afin de faire le diagnostic, à parti du point 3 : http://www.forum-entraide-informatique.com/support/zhpdiag-tutoriel-t4831.html
Si tu as des questions, dis moi exactement où. :)
Je repasserai demain pour la suite, je vais pas tarder à aller me coucher.
Bonne soirée,
Gabriel. -
merci d'avance pour ton aide je compte vraiment sur toi car je suis vraiment angoissé par ce probleme aide moi s'il te plait. a demain et bonsoir.
Ghyslain311. -
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question -
---\\ Sharing software PeerToPeer
---\\ Surveillance software
Adobe Flash Player 11 Plugin
Adobe Reader X
---\\ Information on the system
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3985 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 405 GB (86%) free of 465 GB
---\\ Connection to the system mode
~ Computer Name: TOSHIBA-PC
~ User Name: toshiba
~ All Users Names: toshiba, Guest, Bloquer l'ordonateur, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environment variables
~ System Unit : C:\
~ %AppData% : C:\Users\toshiba\AppData\Roaming\
~ %Desktop% : C:\Users\toshiba\Desktop\
~ %Favorites% : C:\Users\toshiba\Favorites\
~ %LocalAppData% : C:\Users\toshiba\AppData\Local\
~ %StartMenu% : C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeration of the disk units
C:\ Hard drive, Flash drive, Thumb drive (Free 405 Go of 465 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 29 Legitimates Filtered in 00mn 00s
---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.69F1D418B4C4EC23033D598E4CBC6B73] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/08/2013 - 12:00:59.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 03:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 03:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 03:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 03:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 03:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/29
~ Mes musiques (My Musics) : 7/437
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 2/63
~ Mon Bureau (My Desktop) : 1/5401
~ Menu demarrer (Programs) : 1/46
~ Hidden Files: Scanned in 00mn 04s
---\\ Running Processes at system startup
[MD5.F7128E5772F9312F0D111A5FA5D41773] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656] [PID.3164]
[MD5.D5D73AC93A4C5A09638CEEAC5A80D293] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3528128] [PID.3348]
[MD5.84092B60AA6DAB3B5E0C646AAE862A46] - (...) -- C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe [637936] [PID.3408]
[MD5.29FB6EF1EFB1357E2883FE297F1EBC31] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe [2077536] [PID.3532]
[MD5.B2B39A866E42937E4FA071B9E12EEA4C] - (.No owner - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe [827232] [PID.3612] =>Toolbar.AVGSearch
[MD5.7027F35E3AA472EC230DBCF19E4165E6] - (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe [200704] [PID.3844]
[MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [263600] [PID.3900]
[MD5.82E0EA0C23F556FB17ADB98E8E7F594E] - (...) -- C:\Program Files (x86)\InternetEverywhere\InternetEverywhere.exe [1739760] [PID.4568]
[MD5.8ADB34CD7E2536C08C8EE41EC5C2B0BC] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe [39483232] [PID.3952]
[MD5.23354229546ACE18AFABDC334698D4BB] - (...) -- C:\Program Files (x86)\Opera\15.0.1147.153\opera_crashreporter.exe [1376608] [PID.4424]
[MD5.4ADCFEE16EE9978F06157634669D36FB] - (.OldTimer Tools - No Comment.) -- C:\Users\toshiba\Downloads\Programs\OTL.exe [602112] [PID.4852]
[MD5.4ADFF37E77F0ABD1D886B07F3A021C5A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7857664] [PID.3872]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.1984]
[MD5.C4D15594DB5BE042D3346EA58DF87D89] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [308136] [PID.1028]
[MD5.65608C44E71D7BA056C9EFCD8A00A7FE] - (.Microsoft Corp. - Bing Desktop updating service.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192] [PID.1176]
[MD5.64C64E7268887F661B911DEED945B898] - (.Bandoo Media Inc. - Datamngr Coordinator.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3360256] [PID.1224] =>Adware.Bandoo
[MD5.309CCA3861F1A2E1ABD23843532A9837] - (...) -- C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe [347120] [PID.1564]
[MD5.3C23AE0B05DF45CE256E94D6F5CEDF50] - (.AVG Technologies CZ, s.r.o. - AVG Alert Manager.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe [842592] [PID.1996]
[MD5.AE40D1BC6FB02A5625516AD74CA9A309] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289472] [PID.2072]
[MD5.942E7D304E70630CFE4FC1EDDCFC1CDB] - (.TorchMedia Inc. - TorchCrashHandler.) -- C:\Users\toshiba\AppData\Local\Torch\Update\TorchCrashHandler.exe [1206624] [PID.2228]
[MD5.8A603DABD6A7FA5F31E2B6E562E0EBDF] - (.No owner - ToolbarU Application.) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [855904] [PID.2792] =>Toolbar.AVGSearch
[MD5.F4938525565B6AFD0F547934F20754E4] - (.Bandoo Media Inc. - Data Manager.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe [3534848] [PID.3384] =>Adware.Bandoo
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com
R3 - URLSearchHook: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (6.14.0.28) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll =>Toolbar.Conduit
~ IE Browser: 17 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects (O2)
O2 - BHO: uTorrentBar_FR [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll =>Toolbar.Conduit
O2 - BHO: AVG Security Toolbar [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.No owner - AVG Secure Search.) -- C:\Program Files (x86)\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O2 - BHO: delta Helper Object [64Bits] - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - No Comment.) -- C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll =>Toolbar.DeltaSearch
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) [64Bits] - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} . (.No owner - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll =>Adware.Bandoo
~ BHO: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Orphan key
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Orphan key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [NTRedirect] C:\Users\toshiba\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (.not file.) =>Hijacker.BabSolution
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKLM\..\Wow6432Node\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [AVG9_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.No owner - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [BingDesktop] . (.Microsoft Corp. - Bing Desktop Application.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
O4 - HKLM\..\Wow6432Node\Run: [ITSecMng] . (.TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-2034115077-1308621816-2593219460-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-2034115077-1308621816-2593219460-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2034115077-1308621816-2593219460-1000\..\Run: [NTRedirect] C:\Users\toshiba\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (.not file.) =>Hijacker.BabSolution
O4 - HKUS\S-1-5-21-2034115077-1308621816-2593219460-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2034115077-1308621816-2593219460-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
~ Application: Scanned in 00mn 00s
---\\ Other User Links (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\toshiba\AppData\Local\iLivid\iLivid.exe =>Adware.Bandoo
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\toshiba\AppData\Local\iLivid\iLivid.exe =>Adware.Bandoo
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Marco Polo Turbo Français Anglais.lnk . (...) -- C:\Marco Polo Turbo Vocabulary Tutor\Marco Polo Français Anglais 4.2\Marco Anglais 420.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\toshiba\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Bluetooth File Transfer.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Conjugaison.lnk . (...) -- C:\Users\toshiba\AppData\Roaming\Microsoft\Installer\{057AA4D8-559F-42B1-98A0-508303834B2E}\_696c15b3.exe
O4 - GS\Desktop: CyberLink YouCam.lnk . (.CyberLink Corp. - CyberLink YouCam.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
O4 - GS\Desktop: Encyclopaedia Universalis 2012.lnk . (...) -- C:\Program Files (x86)\Encyclopaedia Universalis 2012\Encyclopaedia Universalis 2012\Universalis.exe
O4 - GS\Desktop: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\toshiba\AppData\Local\iLivid\iLivid.exe =>Adware.Bandoo
O4 - GS\Desktop: Marco Polo Turbo Français Anglais.lnk . (...) -- C:\Marco Polo Turbo Vocabulary Tutor\Marco Polo Français Anglais 4.2\Marco Anglais 420.exe
O4 - GS\Desktop: Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
O4 - GS\Desktop: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop: The Logo Creator v5.exe.lnk . (...) -- C:\Program Files (x86)\The Logo Creator v5\The Logo Creator v5.exe
~ Global Startup: Scanned in 00mn 01s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C78B614-912F-4914-A51D-7A693E345E0E}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF4ADF79-69AD-4113-8A9D-3F9022A9F682}: DhcpNameServer = 213.136.96.157 213.136.96.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C78B614-912F-4914-A51D-7A693E345E0E}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C78B614-912F-4914-A51D-7A693E345E0E}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{EF4ADF79-69AD-4113-8A9D-3F9022A9F682}: DhcpNameServer = 213.136.96.157 213.136.96.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C78B614-912F-4914-A51D-7A693E345E0E}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C78B614-912F-4914-A51D-7A693E345E0E}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{EF4ADF79-69AD-4113-8A9D-3F9022A9F682}: DhcpNameServer = 213.136.96.157 213.136.96.37
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C78B614-912F-4914-A51D-7A693E345E0E}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.136.96.157 213.136.96.37
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: viprotocol [64Bits] - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - AppInit_DLLs: . (...) - C:\PROGRA~3\Wincert\WIN64C~1.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) . (.Bandoo Media Inc. - Datamngr Coordinator.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe =>Adware.Bandoo
O23 - Service: Torch Crash Handler (TorchCrashHandler) . (.TorchMedia Inc. - TorchCrashHandler.) - C:\Users\toshiba\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: (vToolbarUpdater) . (.No owner - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 10 Legitimates Filtered in 00mn 09s
---\\ Session Manager Key (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x86) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll =>Adware.Bandoo
O36 - AppCertDlls: (x64) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll =>Adware.Bandoo
~ Keys: Scanned in 00mn 00s
---\\ Task Planned Automatically (039)
[MD5.ADB62392BC0711707E58E70186CC4AC2] [APT] [EPUpdater] (...) -- C:\Users\toshiba\AppData\Roaming\BabSolution\Shared\BabMaint.exe [10224] =>Hijacker.BabSolution
[MD5.00000000000000000000000000000000] [APT] [{32678595-9F55-49F3-9DB0-94B93F736B52}] (...) -- C:\Users\toshiba\Downloads\Programs\aquitania_setup.exe (.not file.) [0]
~ Scheduled Task: 12 Legitimates Filtered in 00mn 03s
---\\ Software installed (O42)
O42 - Logiciel: BrowserDefender - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Hijacker.Eazel
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta =>Toolbar.DeltaSearch
O42 - Logiciel: Marco Polo Français Anglais 4.2 - (.Marco Polo Turbo Vocabulary Tutor.) [HKLM][64Bits] -- Marco_0
O42 - Logiciel: iLivid - (.Bandoo Media Inc.) [HKLM][64Bits] -- iLivid =>Adware.Bandoo
~ Logic: 63 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5c48bdfb139ee15]
[HKCU\Software\APN DTX]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Marco Polo Turbo Vocabulary Tutor]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\5c48bdfb139ee15]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Delta]
~ Key Software: 174 Legitimates Filtered in 00mn 00s
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 06/08/2013 - 13:48:43 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 06/08/2013 - 13:46:43 - [2,390] ----D C:\Program Files (x86)\Delta
O43 - CFD: 08/08/2013 - 18:21:24 - [157,451] ----D C:\Program Files (x86)\LHSP
O43 - CFD: 13/08/2013 - 10:28:10 - [22,958] ----D C:\Program Files (x86)\Movies Toolbar =>Adware.Bandoo
O43 - CFD: 06/08/2013 - 13:46:12 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 06/08/2013 - 13:46:41 - [8,084] ----D C:\ProgramData\BrowserDefender =>Hijacker.Eazel
O43 - CFD: 22/08/2013 - 22:42:19 - [0,011] ----D C:\ProgramData\Datamngr =>PUP.Datamngr
O43 - CFD: 22/08/2013 - 22:41:24 - [0,004] ----D C:\ProgramData\TorchCrashHandler
O43 - CFD: 06/08/2013 - 13:46:33 - [1,279] ----D C:\Users\toshiba\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 06/08/2013 - 13:46:12 - [0,003] ----D C:\Users\toshiba\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 06/08/2013 - 13:48:39 - [0,083] ----D C:\Users\toshiba\AppData\Local\Conduit
O43 - CFD: 13/08/2013 - 10:58:03 - [60,091] ----D C:\Users\toshiba\AppData\Local\iLivid =>Adware.Bandoo
O43 - CFD: 06/08/2013 - 13:46:51 - [0,001] ----D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender =>Hijacker.Eazel
O43 - CFD: 08/08/2013 - 18:09:45 - [0,003] ----D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marco Polo Turbo Vocabulary Tutor
~ Program Folder: 124 Legitimates Filtered in 00mn 30s
---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.AAAEBBAE9B181771B6C1B27CDC3EAD2B] - 22/08/2013 - 14:07:50 ---A- . (...) -- C:\Windows\IE10_main.log [28118]
O44 - LFC:[MD5.3D9D1FAF25C9014438C8CB6897DD57E7] - 20/08/2013 - 11:55:17 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [20832]
O44 - LFC:[MD5.3D9D1FAF25C9014438C8CB6897DD57E7] - 20/08/2013 - 11:55:17 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [20832]
O44 - LFC:[MD5.3D9D1FAF25C9014438C8CB6897DD57E7] - 20/08/2013 - 11:55:17 RSHAD . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [20832]
O44 - LFC:[MD5.3D9D1FAF25C9014438C8CB6897DD57E7] - 20/08/2013 - 11:55:17 RSHAD . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [20832]
O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 09/08/2013 - 07:29:41 ---A- . (...) -- C:\Windows\win.ini [478]
~ Files: 298 Legitimates Filtered in 00mn 10s
---\\ MountPoints2 Shell Key (MPKS) (O51)
O51 - MPSK:{b206a1a8-fa43-11e2-9050-7c05079cde22}\AutoRun\command. (...) -- F:\.\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.F572B7467B5CB4FA8FB6319575902E41] - 31/07/2013 - 13:56:54 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\SysWOW64\drivers\ewdcsc.sys [32768]
~ Drivers: Scanned in 00mn 00s
---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 02/08/2012 - C:\Windows\System32\DRIVERS\idmwfp.sys (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 108 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <OperaStable>[HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe
O67 - Shell Spawning: <.html> <OperaStable>[HKCU\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe
O67 - Shell Spawning: <.html> <OperaStable>[HKCR\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe
O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {94125E87-9EAF-4DE8-BF37-356F577C79A2} - (uTorrentBar_FR Customized Web Search) - http://search.conduit.com =>P2P.µTorrent
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - https://isearch.avg.com/ =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} [DefaultScope] - (MyPlayCity) - http://my.myplaycity.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Ask.com) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3De71e508e6f0b6f35%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR
~ Keys: Scanned in 00mn 00s
---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.9421F1B2E6DDEEEBEA82516C5E9B4A4A] [SPRF][13/08/2013] (...) -- C:\Users\toshiba\AppData\Local\Temp\apnuserid.dat [16]
[MD5.85D8CE590AD8981CA2C8286F79F59954] [SPRF][13/08/2013] (...) -- C:\Users\toshiba\AppData\Local\Temp\appid.dat [3]
[MD5.F3C37E60733738EE1B5B85D02AE60B6B] [SPRF][16/08/2013] (...) -- C:\Users\toshiba\AppData\Local\Temp\defaultCache.reg [81526]
[MD5.04144F7159DBE2105DA27A824630819F] [SPRF][20/08/2013] (...) -- C:\Users\toshiba\AppData\Local\Temp\instloffer.exe [376296]
[MD5.DC29C682BAF5DB06E8F7860010442D3F] [SPRF][22/08/2013] (.TeamDev Ltd - JNIWrapper Native Library.) -- C:\Users\toshiba\AppData\Local\Temp\jniwrap.dll [45112]
[MD5.5A432A042DAE460ABE7199B758E8606C] [SPRF][28/10/2006] (.Microsoft Corporation - Office Source Engine.) -- C:\Users\toshiba\AppData\Local\Temp\ose00000.exe [145184]
[MD5.8CB22BDD0B7BA1AB13D742E22EED8DA2] [SPRF][13/08/2013] (...) -- C:\Users\toshiba\AppData\Local\Temp\sysid.dat [3]
[MD5.BDEE9D936EFB7C76DF778F45F1CF130D] [SPRF][13/08/2013] (...) -- C:\Users\toshiba\AppData\Local\Temp\trackid.dat [6]
[MD5.3D5B9EDB303C6D3D598B8D6C81A570E1] [SPRF][08/02/2013] (...) -- C:\Users\toshiba\AppData\Local\Temp\Uninstall.exe [104117]
[MD5.48A895570D7E3EB6150B1FC8F24843FE] [SPRF][06/08/2013] (...) -- C:\Users\toshiba\AppData\Local\Temp\uttD2AE.tmp.exe [8844800]
~ Files: Scanned in 00mn 01s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{7DFE1E0F-2B4F-402E-8299-1D571EEF3F7F}" | In - Public - P6 - TRUE | .(.APN LLC - DtUser.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe =>Adware.Bandoo
O87 - FAEL: "{F47C7110-6B3B-4176-BFA9-2140611F664D}" | In - Public - P17 - TRUE | .(.APN LLC - DtUser.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe =>Adware.Bandoo
O87 - FAEL: "{5FAA9887-CF99-4FEE-9167-21250880EABA}" | In - None - P17 - TRUE | .(.Torch Media Inc. - Torch Torrent.) -- C:\Users\toshiba\AppData\Local\Torch\Plugins\Torrent\TorchTorrent.exe
O87 - FAEL: "{B0F42D79-B9D3-435B-8DD9-5DEE9CD3582A}" |In - None - P17 - TRUE | .(...) -- C:\Users\toshiba\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe (.not file.)
O87 - FAEL: "{2759578E-722A-44DB-BE3E-C19E35B4535B}" |In - None - P17 - TRUE | .(...) -- C:\Users\toshiba\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe (.not file.)
~ Firewall: 196 Legitimates Filtered in 00mn 01s
---\\ Random Export Key (REK) (O91)
[HKCU\Software\5c48bdfb139ee15]:version="2.6.1519.190"
[HKLM\Software\Wow6432Node\5c48bdfb139ee15]:version="2.6.1519.190"
~ Export Key Software: Scanned in 00mn 00s
---\\ Windows Installer Scan (WIS) (O93) (NTFS)
[MD5.B1C861317B5A5D0755FBC53352C4B0A3] [WIS][06/08/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\124a8b.msi [22614016]
[MD5.66697CC6FB5EE64EAE12EF48FAEF65C8] [WIS][04/10/2010] (.homework - Conjugaison.) -- C:\Windows\Installer\1bd657.msi [2266624]
~ WIS: 34 Legitimates Filtered in 00mn 03s
---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 06/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 10/11/2011 167264 | (AVG Security Toolbar Service) . (...) - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
SR - | Auto 31/07/2013 308136 | (avg9wd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
SS - | Disabled 26/07/2013 2847696 | (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe =>Hijacker.Eazel
SS - | Demand 25/08/2012 276288 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SR - | Auto 12/08/2013 3360256 | (DatamngrCoordinator) . (.Bandoo Media Inc..) - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe =>Adware.Bandoo
SS - | Auto 06/08/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 06/08/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 23/10/2012 347120 | (InternetEverywhere_Service) . (...) - C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe
SR - | Auto 12/07/2013 3289472 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 20/07/2013 1206624 | (TorchCrashHandler) . (.TorchMedia Inc..) - C:\Users\toshiba\AppData\Local\Torch\Update\TorchCrashHandler.exe
SR - | Auto 17/03/2009 189808 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
SR - | Auto 31/07/2013 855904 | (vToolbarUpdater) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe =>Toolbar.AVGSearch
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 00\00\0000 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 04s
---\\ Scan Additionnel (O88)
Database Version : v2.12862 - (22/08/2013)
Clés trouvées (Keys found) : 131
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 20
Fichiers trouvés (Files found) : 19
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}] =>Adware.Bandoo^
[HKLM\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator] =>Adware.Bandoo^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>Hijacker.Eazel^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta] =>Toolbar.DeltaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iLivid] =>Adware.Bandoo^
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKCU\Software\APN DTX] =>Toolbar.Ask
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar] =>Toolbar.Conduit
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] =>Toolbar.Agent
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaappCore] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltaappCore.1] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltaHlpr] =>toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaHlpr.1] =>toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch
[HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\delta.deltaappCore] =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaappCore.1] =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltadskBnd] =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltadskBnd.1] =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaHlpr] =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\delta.deltaHlpr.1] =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}] =>Toolbar.Conduit^
[HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} =>Toolbar.Conduit^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NTRedirect =>Hijacker.BabSolution^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:vProt =>Toolbar.AVGSearch^
C:\Program Files (x86)\Movies Toolbar =>Adware.Bandoo^
C:\ProgramData\Babylon =>Toolbar.Babylon^
C:\ProgramData\BrowserDefender =>Hijacker.Eazel^
C:\ProgramData\Datamngr =>PUP.Datamngr^
C:\Users\toshiba\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\toshiba\AppData\Roaming\Babylon =>Toolbar.Babylon^
C:\Users\toshiba\AppData\Local\iLivid =>Adware.Bandoo^
C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender =>Hijacker.Eazel^
C:\Program Files (x86)\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit
C:\Program Files (x86)\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Security Toolbar =>Toolbar.AVGSearch
C:\Users\toshiba\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\toshiba\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\toshiba\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\toshiba\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\toshiba\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit
C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch
C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe =>Adware.Bandoo^
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe =>Toolbar.AVGSearch^
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe =>Adware.Bandoo^
C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll =>Toolbar.Conduit^
C:\Program Files (x86)\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch^
C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll =>Toolbar.DeltaSearch^
C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll =>Adware.Bandoo^
C:\Users\toshiba\AppData\Local\iLivid\iLivid.exe =>Adware.Bandoo^
C:\Users\toshiba\AppData\Roaming\BabSolution\Shared\BabMaint.exe =>Hijacker.BabSolution^
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe =>Adware.Bandoo^
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe =>Hijacker.Eazel^
C:\Users\toshiba\AppData\Local\Temp\instloffer.exe =>PUP.OfferBox
~ Additionnel Scan: 200288 Items scanned in 00mn 18s
---\\ Summary of the detections found on your workstation
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype
~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
~ MSI: 16 link(s) detected in 00mn 18s
~ 1200 Legitimates filtered by white list
End of the scan (716 lines in 01mn 38s)(0) -
ce qui précède est sans doute le resultat du diagnostic dont tu me parlais. le voici donc j'attend impatiemment ta solution.Merci d'avance.
-
Re,
Ne sois pas angoissé, tout va bien se passer. :)
Tu me diras où tu en es dans la procédure pour ZHPDiag.
À demain.
Gabriel. -
le diagnostic est beaucoup trop long pour <ue je te l'envoie par message sur ceux comment te l'envoyer par l'intermediaire d'un lien?
-
Salut,
Oui par un lien stp, car là il n'est pas tout à fait complet : suis ce tutoriel pour héberger le rapport : http://www.forum-entraide-informatique.com/support/cjoint-com-tutoriel-t2939.html
Gabriel. -
d'accord je bais essayer de te l'envoyer. Merci d'avance.
Ghyslain311 -
-
Re,
Ok, passe AdwCleaner comme ceci et poste moi le rapport : http://www.forum-entraide-informatique.com/support/adwcleaner-tutoriel-t875.html
Gabriel. -
-
Oui je l'ai reçu je t'ai demandé ceci : https://forums.commentcamarche.net/forum/affich-28565320-babsolution-shared-ntredirect-dll#15
-
-
ok. j'ai suivi tes instructions et voici le lien; https://www.cjoint.com/c/CHxntoYK1Sr
Merci pour tout ce que tu fais pour m'aider. Dieu te benisse.
encore Merci et j'attend impatiemment tes instructions.
Merci Ghyslain311. -
Re,
Très bien.
Passe Junkware Removal Tool comme ceci : http://www.forum-entraide-informatique.com/support/junkware-removal-tool-tutoriel-t8260.html
Gabriel. -
j'ai fini tout en suivant tes instructions à la lettre ainsi voici ce qui c'est affiché. voici le lien:https://www.cjoint.com/c/CHxnVpLqAqy
j'attend ta réponse et encore Merci. -
Si tu reçois le précedent lien; préviens moi stp!
Merci.
Ghyslain311. -
Re,
Parfait. :)
Fais moi un nouveau rapport ZHPDiag à présent.
Toujours en cliquant sur Configurer puis la loupe la plus à droite, et en hébergeant le rapport.
Gabriel. -
j'ai terminer voici le lien:https://www.cjoint.com/c/CHxooAU7iZg
j'attend ta reponse maintenant.
Merci.
Ghyslain311. -
c'est le rapport ZHPdiag que tu 'a demandé. suis le lien: https://www.cjoint.com/c/CHxou7Vo7xY
- 1
- 2
Suivant