LAPTOP TOO SLOW, INTERNET AND LAPTOP SHUT DOWN VERY FREQUENTLY

Closed
croatie2000 - Posts: 10 - Registration date: Saturday 17 November 2012 - Status: Member - Last activity: 16 March 2014 - 16 March 2014 at 19:18
Fish66 - Posts: 17505 - Registration date: Sunday 24 July 2011 - Status: Security contributor - Last activity: 16 June 2021 - 16 March 2014 at 20:32
Hello,

Various problems, but very frequently the message "Internet had to close". The computer is very, very slow even though it is not even 2 years old.

My Kaspersky license ended in February 2014. Which antivirus do you recommend?

Can you help me? Thank you.

I ran a ZHPDiag scan.

~ Rapport de ZHPDiag v2014.3.12.13 - Nicolas Coolman (12/03/2014)
~ Lancé par Marie-Ange (16/03/2014 18:22:44)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521 (Defaut)
GCIE: Google Chrome v33.0.1750.154

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Trusteer Sécurité des points d'accès v3.5.1304.48
Kaspersky Anti-Virus 2013 v13.0.1.4190
Kaspersky Security Scan v12.0.1.117
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.26 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 10 Plugin
Adobe Reader X
Java 7 Update 7

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3982 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 242 GB (60%) free of 401 GB

---\\ Mode de connexion au système
~ Computer Name: MARIE-ANGE-PC
~ User Name: Marie-Ange
~ All Users Names: UpdatusUser, Marie-Ange, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Marie-Ange\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Marie-Ange\AppData\Roaming\
~ %Desktop% : C:\Users\Marie-Ange\Desktop\
~ %Favorites% : C:\Users\Marie-Ange\Favorites\
~ %LocalAppData% : C:\Users\Marie-Ange\AppData\Local\
~ %StartMenu% : C:\Users\Marie-Ange\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 242 Go of 401 Go)
D: Hard drive, Flash drive, Thumb drive (Free 476 Go of 506 Go)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.24/02/2012 - 01:55:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.24/02/2012 - 02:02:21.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.24/02/2012 - 01:35:34.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/6085
~ Mes musiques (My Musics) : 1/130
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/106
~ Mes Documents (My Documents) : 3/1194
~ Mon Bureau (My Desktop) : 1/54
~ Menu demarrer (Programs) : 1/76
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.3128]
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] - (.ASUSTek Computer Inc. - ASUS FaceLogon Application.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [473728] [PID.2988]
[MD5.5AC92ABC3A201B79A73B1011B078EAE0] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [17872] [PID.2752]
[MD5.BB9ACD507A735FA9FE524FCE0AEBB493] - (.Trusteer Ltd. - RapportService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe [2484504] [PID.2764]
[MD5.64A7C84C0A8C79B22033F92D43919062] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568] [PID.4124]
[MD5.D9AB754613208112B840C75B6762B909] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176] [PID.3552]
[MD5.ED759B7FD51466447CC31CBE79B99050] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1121448] [PID.3964]
[MD5.98CADC34741738CFC24F5CDFDAA408FA] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\SysWOW64\ACEngSvr.exe [162456] [PID.4960]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.5724]
[MD5.6DCFADDA4F2A6D3396D13F0554D672E8] - (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584] [PID.5804]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.5872]
[MD5.FF786A74F62361A71AECDB8F8AC95D6F] - (.Somoto - FilesFrog.com Update Checker.) -- C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe [201808] [PID.5896] =>Adware.MegaSearch
[MD5.659474582C6E060DBD8FFFF97DC892C5] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968] [PID.5948]
[MD5.CA1DC0FFE7DD4D633421B8BC39ED5FFD] - (.Intel Corporation - Bluetooth Media Player Controller.) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe [936272] [PID.5240]
[MD5.4F9236BE13917B89F7A03DEA85F220FA] - (.Pas de propriétaire - WebPlayer.) -- C:\Users\Marie-Ange\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752] [PID.5232] =>Adware.SocialSkinz
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816] [PID.5628]
[MD5.829FC625A1012F86D18063DA2D247EBB] - (.ASUSTeK Computer Inc. - AsusVibe2.0.) -- C:\Program Files (x86)\Asus\AsusVibe\AsusVibe2.0.exe [924336] [PID.6192]
[MD5.4D1DA8CE5E364D22B4FF00F163194514] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.6472]
[MD5.BC31B27061F27E8968CD0435C038F712] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720] [PID.6820]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.6852]
[MD5.B9BF29CC884BDD499803C3ED1F97FA41] - (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072] [PID.6936]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.6988]
[MD5.15D2DB9BFA8E833ED31FAB2BB088FDDA] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128] [PID.1904]
[MD5.FDB2FB392B20797AF3F4ED9D7699938E] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152] [PID.6152]
[MD5.5DFE72B9F1FF669070FC032090B7B982] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507312] [PID.9668]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.10840]
[MD5.AAB979089E192ACC0FE1E3C018F8B591] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Marie-Ange\AppData\Local\Akamai\netsession_win.exe [4480768] [PID.5748]
[MD5.DC12AAAE925C0211E4668B9C90BDD2BA] - (.Systweak - Advanced System Protector.) -- C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [6600048] [PID.9640] =>PUP.AdvancedSystemProtector
[MD5.64A2A75D8F4BD07BD0A0029AA8825BBF] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8353792] [PID.10084]
[MD5.FC0BF82B3968F1D8CD13B3F721668193] - (.Trusteer Ltd. - RapportMgmtService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120] [PID.1068]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512] [PID.1652]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1684]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1256]
[MD5.6A122B4F0E5293CACFA8A5F2CBA9B356] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120] [PID.1484]
[MD5.A52EA1D8C2900055323C93DDB252A3DA] - (.Intel Corporation - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [1014096] [PID.2056]
[MD5.34AE0DFA3EE3B5B9975042D87332D0B7] - (...) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520] [PID.2244] =>Adware.Bandoo
[MD5.28DDEEEC44E988657B732CF404D504CB] - (.Microsoft Corporation - Windows Live Family Safety Service.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1492840] [PID.2384]
[MD5.896AA2F1D79662B17D5DBBE588E24E30] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280] [PID.2768]
[MD5.3C6630473DD42FFC57D9F5564F533127] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.2792]
[MD5.573E26372B9FBC68E74EA1060CC8BE5D] - (...) -- C:\Users\Marie-Ange\AppData\Local\tuto4pc_fr_15\supt4pc_fr_15.exe [3057000] [PID.3004] =>PUP.Eorezo
[MD5.392450754E17FF778CBC5B9D20583AD1] - (.Intel Corporation - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [1104208] [PID.2496]
[MD5.6239DD7975E92941241CABB704248A19] - (...) -- C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [574464] [PID.3912] =>Adware.Bandoo
[MD5.C98ACDE22458C8F46FD0503CB9E2D01F] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe [223112] [PID.732]
[MD5.2B23FAA39D8F949ED5EEE03ECA50BCD5] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.3824]
[MD5.08FF446D7E15B251431838E29E74DBB8] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2348864] [PID.2940]
[MD5.3C5405EF78576E8E4D791EB18F6856A8] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.4172]
[MD5.20DDC9CED8BC8390138F3187E0FF7411] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [174720] [PID.4708]
[MD5.3CF87D0243C7D37FAA1A79C013FD3FB5] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe [309888] [PID.4752]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.4976]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113208] [PID.2528]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.3476]
[MD5.091210450CA7CED08F360D9D7FEC5D11] - (.Intel Corporation - Bluetooth Media Service.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1304912] [PID.5884]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Marie-Ange\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com =>Adware.MyWebSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?q= =>Hijacker.SmartBar
~ IE Browser: 25 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
O1 - Hosts: 54.204.28.26 pijgnnckopdlbejpjnmhebjpmdckdgik
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 23



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0012767 [64Bits] - {11111111-1111-1111-1111-110111271167} . (.215 Apps - Tiger Savings BHO.) -- C:\Program Files (x86)\Tiger Savings\Tiger Savings.dll =>PUP.SpecialSavings
O2 - BHO: Babylon toolbar helper [64Bits] - {2EECD738-5844-4a99-B4B6-146BF802613B} . (...) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.11.10\bh\BabylonToolbar.dll (.not file.) =>PUP.Babylon
O2 - BHO: Internet Turbo SmartbarEngine [64Bits] - {31ad400d-1b06-4e33-a59a-90c2c140cba0} . (...) -- mscoree.dll (.not file.) =>Hijacker.SmartBar
O2 - BHO: AppGraffiti [64Bits] - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} . (.Omega Partners Ltd - AppGraffiti Browser Helper Object.) -- C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll =>PUP.AppGraffiti
O2 - BHO: DefaultTabBHO [64Bits] - {7F6AFBF1-E065-4627-A2FD-810366367D01} . (.Search Results LLC. - Search Results.) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll =>Adware.Bandoo
O2 - BHO: DealPly Shopping [64Bits] - {a6c63b7f-2171-47fa-ab34-e64c4737169d} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll =>PUP.DealPly
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll =>Adware.Yontoo
~ BHO: 48 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Internet Turbo Smartbar - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>Hijacker.SmartBar
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Advanced System Protector.lnk . (.Systweak - Advanced System Protector.) -- C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector
O4 - GS\Desktop [Public]: ASUS WebStorage.lnk . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
O4 - GS\Desktop [Public]: Elsword.lnk . (...) -- C:\Program Files (x86)\Gameforge4D\Elsword_FR\elsword.exe
O4 - GS\Desktop [Public]: FLV Video Player.lnk . (.Somoto Ltd. - FLV Video Player Install.) -- C:\Users\Marie-Ange\AppData\Local\Temp\9253.tmp =>Adware.MegaSearch
O4 - GS\Desktop [Public]: Intel(R) WiDi.lnk . (.Intel Corporation - WiDiApp.) -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
O4 - GS\Desktop [Public]: Kaspersky Anti-Virus 2013.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus Launcher.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\starter_avp.exe
O4 - GS\Desktop [Public]: RegClean Pro.lnk . (.Systweak Inc - RegClean Pro.) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe =>Rogue.RegistryPowerCleaner
O4 - GS\Desktop [Public]: ScanWise.lnk . (.Agfa - Agfa ScanWise 2.0.) -- C:\Program Files (x86)\Agfa\ScanWise 2_00\scanwise.exe
O4 - GS\Program [Public]: Intel(R) WiDi.lnk . (.Intel Corporation - WiDiApp.) -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
O4 - GS\QuickLaunch [UpdatusUser]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [UpdatusUser]: AGFAnet Print Service.lnk . (.FotoWire Development S.A. - fwPrint Application.) -- C:\Program Files (x86)\AGFAnet\Internet Print Service\fwPrint.exe
O4 - GS\Desktop [UpdatusUser]: Audible Manager.lnk . (.Audible Inc. - AudibleManager Application Executable.) -- C:\Program Files (x86)\Audible\Bin\Manager.exe
O4 - GS\QuickLaunch [Marie-Ange]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Marie-Ange]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Marie-Ange]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Marie-Ange]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Marie-Ange]: PlanetSide 2 PSG.lnk . (.Sony Online Entertainment - Sony Online Entertainment LaunchPad.) -- C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe
O4 - GS\Program [Marie-Ange]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe https://search.safefinder.com/?q= =>Hijacker.SmartBar
O4 - GS\SystemTools [Marie-Ange]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Marie-Ange]: AGFAnet Print Service.lnk . (.FotoWire Development S.A. - fwPrint Application.) -- C:\Program Files (x86)\AGFAnet\Internet Print Service\fwPrint.exe
O4 - GS\Desktop [Marie-Ange]: Audible Manager.lnk . (.Audible Inc. - AudibleManager Application Executable.) -- C:\Program Files (x86)\Audible\Bin\Manager.exe
O4 - GS\Desktop [Marie-Ange]: Continue Vid-Saver Installation.lnk . (...) -- C:\Users\Marie-Ange\AppData\Local\Temp\ICReinstall_setup.exe =>Adware.VidSaver
O4 - GS\Desktop [Marie-Ange]: Driver Pro.lnk . (.PC Utilities Pro - Update your drivers now!.) -- C:\Program Files (x86)\Driver Pro\DriverPro.exe
O4 - GS\Desktop [Marie-Ange]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Marie-Ange]: Kaspersky Security Scan.lnk . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O4 - GS\Desktop [Marie-Ange]: RecentPlaces.lnk - Clé orpheline
O4 - GS\Desktop [Marie-Ange]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe https://search.safefinder.com/?q= =>Hijacker.SmartBar
O4 - GS\Desktop [Marie-Ange]: Terraria Server.lnk . (...) -- C:\Program Files (x86)\Terraria\start-server.bat
O4 - GS\Desktop [Marie-Ange]: Terraria.lnk . (.Re-Logic - Terraria.) -- C:\Program Files (x86)\Terraria\Terraria.exe
~ Global Startup: 97 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: AsusVibeLauncher.lnk . (.ASUSTeK Computer Inc. - AsusVibe Application.) -- C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [BLEServicesCtrl] . (.Intel Corporation - Bluetooth LE Services Control Program.) -- C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Intel Corporation - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.exe (.not file.)
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (.not file.)
O4 - HKCU\..\Run: [KSS] . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe =>Adware.MegaSearch
O4 - HKCU\..\Run: [Driver Pro] . (.PC Utilities Pro - Driver Pro - Update your drivers now!.) -- C:\Program Files (x86)\Driver Pro\DPLauncher.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Marie-Ange\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [FLV Player] . (.Pas de propriétaire - WebPlayer.) -- C:\Users\Marie-Ange\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe =>Adware.SocialSkinz
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
O4 - HKLM\..\Wow6432Node\Run: [InboxToolbar] C:\Program Files (x86)\Inbox Toolbar\Inbox.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_33] Clé orpheline =>PUP.AgenceExclusive
O4 - HKLM\..\Wow6432Node\RunOnce: [Tiger Savings-repairJob] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>PUP.SpecialSavings
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1698605871-1341096515-2510481856-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1698605871-1341096515-2510481856-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier virtuel [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\kbrd.ico
O9 - Extra button: Analyse des liens [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE22C20E-E167-4E0C-9DBA-838336C7823D}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{E5BB8323-B9CA-4E26-87C5-9C868BA99374}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{BE22C20E-E167-4E0C-9DBA-838336C7823D}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{E5BB8323-B9CA-4E26-87C5-9C868BA99374}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{BE22C20E-E167-4E0C-9DBA-838336C7823D}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{E5BB8323-B9CA-4E26-87C5-9C868BA99374}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 290.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: DefaultTabSearch (DefaultTabSearch) . (...) - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe =>Adware.Bandoo
O23 - Service: DefaultTabUpdate (DefaultTabUpdate) . (...) - C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe =>Adware.Bandoo
O23 - Service: supt4pc_fr_15 (supt4pc_fr_15) . (...) - C:\Users\Marie-Ange\AppData\Local\tuto4pc_fr_15\supt4pc_fr_15.exe =>PUP.Eorezo
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: 28 Legitimates Filtered in 00mn 45s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AmiUpdXp.job [376] =>PUP.Software.Updater
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\bench-S-1-5-21-1698605871-1341096515-2510481856-1001.job [354] =>PUP.GiganticSavings
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\bench-sys.job [354] =>PUP.GiganticSavings
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Dealply.job [306] =>PUP.DealPly
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsWoofer Update.job [414] =>Adware.AddLyrics
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_DEFAULT.job [286] =>Rogue.RegistryPowerCleaner
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_UPDATES.job [294] =>Rogue.RegistryPowerCleaner
[MD5.8FAACF0D634C999758A010F6D06D04BF] [APT] [Advanced System Protector] (.Systweak Inc.) -- C:\Program Files (x86)\RegClean Pro\SystweakASP.exe [610544] =>PUP.AdvancedSystemProtector
[MD5.DC12AAAE925C0211E4668B9C90BDD2BA] [APT] [Advanced System Protector_startup] (.Systweak.) -- C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [6600048] =>PUP.AdvancedSystemProtector
[MD5.00000000000000000000000000000000] [APT] [AmiUpdXp] (...) -- C:\Users\Marie-Ange\AppData\Local\SwvUpdater\Updater.exe (.not file.) [0] =>PUP.Software.Updater
[MD5.83F9FD1FD4B72219901CD9004AD06804] [APT] [bench-S-1-5-21-1698605871-1341096515-2510481856-1001] (...) -- C:\Program Files (x86)\Bench\Updater\updater.exe [69120] =>PUP.GiganticSavings
[MD5.83F9FD1FD4B72219901CD9004AD06804] [APT] [bench-sys] (...) -- C:\Program Files (x86)\Bench\Updater\updater.exe [69120] =>PUP.GiganticSavings
[MD5.D2BCD7C1922E9A5205C0F6D86021FE3D] [APT] [Dealply] (...) -- C:\Users\Marie-Ange\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe [101992] =>PUP.DealPly
[MD5.D5EEF2373D25D355B8A45148758A4E07] [APT] [DealPlyUpdate] (.DealPly.) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe [78424] =>PUP.DealPly
[MD5.3E8DCB18626B2D82E4010B3EAEAD4245] [APT] [DTReg] (.Search Results, LLC.) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe [58976] =>Adware.Bandoo
[MD5.00000000000000000000000000000000] [APT] [LyricsWoofer Update] (...) -- C:\Program Files (x86)\LyricsWoofer\LyricsWooferUPD.exe (.not file.) [0] =>Adware.AddLyrics
[MD5.52D2773D0FEE52BF8C47FCBBA628258A] [APT] [RegClean Pro] (.Systweak Inc.) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [7751096] =>Rogue.RegistryPowerCleaner
[MD5.52D2773D0FEE52BF8C47FCBBA628258A] [APT] [RegClean Pro_DEFAULT] (.Systweak Inc.) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [7751096] =>Rogue.RegistryPowerCleaner
[MD5.52D2773D0FEE52BF8C47FCBBA628258A] [APT] [RegClean Pro_UPDATES] (.Systweak Inc.) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [7751096] =>Rogue.RegistryPowerCleaner
[MD5.A6476AE23CE456CD4F92C454BA141215] [APT] [{0C01B8FF-7E07-4C32-BD7B-32F5C32AB3A9}] (...) -- C:\ProgramData\Wizard101(FR)\Wizard101.exe [137384]
[MD5.A6476AE23CE456CD4F92C454BA141215] [APT] [{0C05501B-8C34-499B-875B-16B46345996B}] (...) -- C:\ProgramData\Wizard101(FR)\Wizard101.exe [137384]
~ Scheduled Task: 90 Legitimates Filtered in 00mn 08s



---\\ Logiciels installés (O42)
O42 - Logiciel: Advanced System Protector - (.Systweak Software.) [HKLM][64Bits] -- 00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 =>PUP.AdvancedSystemProtector
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly =>PUP.DealPly
O42 - Logiciel: Dealply - (...) [HKCU][64Bits] -- Dealply =>PUP.DealPly
O42 - Logiciel: DefaultTab - (.Search Results, LLC.) [HKLM][64Bits] -- DefaultTab =>Adware.Bandoo
O42 - Logiciel: Internet Turbo - (.ReSoft Ltd..) [HKLM][64Bits] -- {C4E25446-4162-44B8-821D-739B3ED9B130}
O42 - Logiciel: Internet Turbo Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {c5dba18f-8161-4039-b61c-31e52ee63868}
O42 - Logiciel: LyricsWoofer - (.Lyrics Woofer LTD.) [HKLM][64Bits] -- lwoofer@lyricswoofer.co =>Adware.AddLyrics
O42 - Logiciel: RegClean Pro - (.Systweak Inc.) [HKLM][64Bits] -- RegClean Pro_is1 =>Rogue.RegistryPowerCleaner
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {7683B745-6060-41FD-AA75-0BBB383FEAD4} =>PUP.SweetIM
O42 - Logiciel: Tiger Savings - (.215 Apps.) [HKLM][64Bits] -- Tiger Savings =>PUP.SpecialSavings
O42 - Logiciel: Tiger Savings - (.Smart Apps.) [HKLM][64Bits] -- 12767_Tiger Savings =>PUP.SpecialSavings
O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0} =>PUP.SweetIM
O42 - Logiciel: Yontoo 1.12.02 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>Adware.Yontoo
~ Logic: 33 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Alexa Internet]
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\DealPly] =>PUP.DealPly
[HKCU\Software\Default Tab] =>Adware.Bandoo
[HKCU\Software\DefaultTab] =>Adware.Bandoo
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\Inbox Toolbar]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Somoto] =>Adware.MegaSearch
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\de88d8e569bf10] =>PUP.Babylon
[HKCU\Software\wscontb]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Default Tab] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Inbox Toolbar]
[HKLM\Software\Wow6432Node\TUTO4PC] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\de88d8e569bf10] =>PUP.Babylon
~ Key Software: 370 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/11/2013 - 17:48:40 - [0] ----D C:\Program Files (x86)\24x7Help =>PUP.24x7Help
O43 - CFD: 16/03/2014 - 17:25:02 - [19,610] ----D C:\Program Files (x86)\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 02/02/2013 - 16:47:54 - [0] ----D C:\Program Files (x86)\BabylonToolbar =>PUP.Babylon
O43 - CFD: 01/06/2013 - 14:11:41 - [1,236] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 14/03/2014 - 09:54:49 - [0,983] ----D C:\Program Files (x86)\DefaultTab =>Adware.Bandoo
O43 - CFD: 01/06/2013 - 14:11:52 - [0] ----D C:\Program Files (x86)\FindLyrics =>Adware.AddLyrics
O43 - CFD: 15/02/2013 - 20:04:32 - [1,022] ----D C:\Program Files (x86)\Iminent =>Adware.IMBooster
O43 - CFD: 01/07/2013 - 20:17:40 - [0] ----D C:\Program Files (x86)\LyricsFan =>Adware.AddLyrics
O43 - CFD: 21/08/2013 - 18:07:17 - [0,869] ----D C:\Program Files (x86)\LyricsWoofer =>Adware.AddLyrics
O43 - CFD: 16/03/2014 - 17:18:26 - [14,137] ----D C:\Program Files (x86)\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 08/03/2013 - 14:43:04 - [3,907] ----D C:\Program Files (x86)\Tiger Savings =>PUP.SpecialSavings
O43 - CFD: 15/02/2013 - 18:58:55 - [0,189] ----D C:\Program Files (x86)\Yontoo =>Adware.Yontoo
O43 - CFD: 11/11/2012 - 12:14:35 - [4,797] ----D C:\Program Files (x86)\~BabylonToolbar =>PUP.Babylon
O43 - CFD: 02/02/2013 - 16:47:20 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 15/02/2013 - 18:58:55 - [2,571] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 11/11/2012 - 21:05:07 - [4,242] ----D C:\ProgramData\~Browser Manager
O43 - CFD: 01/06/2013 - 14:11:37 - [0,010] ----D C:\Users\Marie-Ange\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 01/06/2013 - 14:11:43 - [0,097] ----D C:\Users\Marie-Ange\AppData\Roaming\Dealply =>PUP.DealPly
O43 - CFD: 15/02/2013 - 18:59:31 - [3,371] ----D C:\Users\Marie-Ange\AppData\Roaming\DefaultTab =>Adware.Bandoo
O43 - CFD: 19/05/2013 - 14:29:13 - [0] ----D C:\Users\Marie-Ange\AppData\Local\eorezo =>PUP.Eorezo
O43 - CFD: 16/02/2014 - 14:55:43 - [0,377] ----D C:\Users\Marie-Ange\AppData\Local\Tiger Savings =>PUP.SpecialSavings
O43 - CFD: 10/11/2012 - 18:15:59 - [2,916] ----D C:\Users\Marie-Ange\AppData\Local\tuto4pc_fr_15 =>PUP.AgenceExclusive
O43 - CFD: 08/03/2013 - 14:42:47 - [0,209] ----D C:\Users\Marie-Ange\AppData\Local\Updater12767 =>PUP.CrossRider
O43 - CFD: 01/06/2013 - 14:11:41 - [0,001] ----D C:\Users\Marie-Ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
~ 92 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 282 Legitimates Filtered in 00mn 28s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CE251790D21B525FE220CAF49EBDB356] - 16/03/2014 - 17:18:28 ---A- . (.Systweak Inc., (www.systweak.com) - Regclean Pro.) -- C:\Windows\System32\roboot64.exe [19896] =>Rogue.RegistryPowerCleaner
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 16/03/2014 - 17:24:59 ---A- . (...) -- C:\Windows\System32\sasnative64.exe [16896]
~ Files: 40 Legitimates Filtered in 00mn 04s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.8CADE8F5AB46398AA89C40349744C951] - 14/03/2014 - 09:43:11 ---A- - C:\Windows\Prefetch\TIGER SAVINGS.EXE-B360520A.pf =>PUP.SpecialSavings
O45 - LFCP:[MD5.7457D183B2ECF1FFCE3C71ED8AC11D50] - 14/03/2014 - 09:55:17 ---A- - C:\Windows\Prefetch\RAPPORTMGMTSERVICE.EXE-94A196FF.pf
O45 - LFCP:[MD5.C6203C87AED0E5D8674F06D75EB3D0A6] - 16/03/2014 - 17:26:27 ---A- - C:\Windows\Prefetch\TIGER SAVINGS-BG.EXE-C655F148.pf =>PUP.SpecialSavings
O45 - LFCP:[MD5.77B6168A379374FBE5855F24DF949303] - 16/03/2014 - 17:29:30 ---A- - C:\Windows\Prefetch\DEFAULTTABSTART64.EXE-7FAE50A8.pf =>Adware.Bandoo
O45 - LFCP:[MD5.B4F3901A5C4A608A884367472ACD24D9] - 16/03/2014 - 17:41:48 ---A- - C:\Windows\Prefetch\DEFAULTTABSTART.EXE-1DE6AC26.pf =>Adware.Bandoo
O45 - LFCP:[MD5.E73C89EE7482FD53D0CFFA5F22B5D6C1] - 16/03/2014 - 18:11:00 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-7FB90E93.pf
~ Prefetcher: 141 Legitimates Filtered in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{9b38e31b-3f1e-11e3-83c3-685d43708cca}\AutoRun\command. (...) -- E:\OpenSecureFiles.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.1C591C1A0CB8ABE215FF66F9A1D8E955] - 09/01/2012 - 13:13:12 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [195584]
O58 - SDL:[MD5.CBF4C9263F35A9E80E4AD5CBBAE6049C] - 11/04/2012 - 23:49:00 ---A- . (.Windows (R) Win 7 DDK provider - ASUS Virtual Bus.) -- C:\Windows\System32\Drivers\AsusVBus.sys [35968]
O58 - SDL:[MD5.C951F6F1D909E1AAD7160D9EE860A3F1] - 11/04/2012 - 23:48:58 ---A- . (.Windows (R) Win 7 DDK provider - ASUS HID mini driver for Virtual Touch Device.) -- C:\Windows\System32\Drivers\AsusVTouch.sys [16512]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.42B4D3D746B3625EF42233C3897E1F68] - 19/02/2012 - 19:16:24 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [200488]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 10:29:40 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [15416]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 20 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 14/03/2014 - 18:24:53 -SHA- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Microsoft\Credentials\8F84B88ECF71B3FF6A47F5C6D5C43F02 [816]
O61 - LFC: 14/03/2014 - 18:24:54 RSHA- . (...) -- C:\Users\Marie-Ange\ntuser.pol [664]
O61 - LFC: 16/03/2014 - 18:24:52 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\ASUS WebStorage\Logs\AWS-explorer.txt [3044]
O61 - LFC: 16/03/2014 - 18:24:52 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\ASUS WebStorage\Logs\AWS-rundll32.txt [0]
O61 - LFC: 16/03/2014 - 18:24:52 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Dealply\UpdateProc\TTL.DAT [4] =>PUP.DealPly
O61 - LFC: 16/03/2014 - 18:24:52 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Dealply\UpdateProc\info.dat [58] =>PUP.DealPly
O61 - LFC: 16/03/2014 - 18:24:52 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg [15338] =>Adware.Bandoo
O61 - LFC: 16/03/2014 - 18:24:52 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\amazon_ie.ico [1150] =>Adware.Bandoo
O61 - LFC: 16/03/2014 - 18:24:52 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\ebay_ie.ico [1406] =>Adware.Bandoo
O61 - LFC: 16/03/2014 - 18:24:52 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\search_here_ie.ico [1406] =>Adware.Bandoo
O61 - LFC: 16/03/2014 - 18:24:53 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\twitter_ie.ico [1150] =>Adware.Bandoo
O61 - LFC: 16/03/2014 - 18:24:53 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\wikipedia_ie.ico [318] =>Adware.Bandoo
O61 - LFC: 16/03/2014 - 18:24:53 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.12594\ASPLog.txt [3952] =>PUP.AdvancedSystemProtector
O61 - LFC: 16/03/2014 - 18:24:53 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\sp_data.sys [127]
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\Advanced System Protector\ASPStartupManagerErrorLog.txt [226] =>PUP.AdvancedSystemProtector
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\Advanced System Protector\Logs\SMLog.xml [14577] =>PUP.AdvancedSystemProtector
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\Advanced System Protector\Logs\log_16-03-14_05-58-52.xml [357703] =>PUP.AdvancedSystemProtector
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\Advanced System Protector\QDetail.db [4096] =>PUP.AdvancedSystemProtector
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\Advanced System Protector\Settings.db [12288] =>PUP.AdvancedSystemProtector
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp [6] =>Rogue.RegistryPowerCleaner
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\French_rcp.dat [58022] =>Rogue.RegistryPowerCleaner
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx [192] =>Rogue.RegistryPowerCleaner
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb [1794] =>Rogue.RegistryPowerCleaner
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp [6] =>Rogue.RegistryPowerCleaner
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp [307906] =>Rogue.RegistryPowerCleaner
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\WB.CFG [84]
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\ZHP\Log.txt [72650] =>.Nicolas Coolman
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\ZHP\TestsZHPDiag.txt [2982] =>.Nicolas Coolman
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman
O61 - LFC: 16/03/2014 - 18:24:54 ---A- . (...) -- C:\Users\Marie-Ange\AppData\Roaming\ZHP\ZHPDiag.txt [120993] =>.Nicolas Coolman
~ 18 Fichiers temporaires (Temporary files)
~ Files: 108 Legitimates Filtered in 00mn 07s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - https://search.safefinder.com/?q= =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://search.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {2EC4F35E-9434-4129-99BE-C585F95647CF} - (Search Here) - http://www.mysearchresults.com =>Adware.MyWebSearch
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][06/10/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
[MD5.FDEB48B5877ED05D55166212CCDF251F] [SPRF][31/01/2013] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.7549FFC58C6EACDAA5C39284311EEA43] [SPRF][16/03/2014] (...) -- C:\Users\Marie-Ange\AppData\Roaming\sp_data.sys [127]
[MD5.E1033F4610579A2411FA46F38302997D] [SPRF][13/06/2013] (...) -- C:\Users\Marie-Ange\Desktop\setup.exe [609336]
[MD5.911F4943852278A59895FE2B4C45A0BB] [SPRF][12/04/2013] (.Re-Logic - Terraria 1.1.2 Installation.) -- C:\Users\Marie-Ange\Desktop\Terrariav1.1.2.exe [16444572]
[MD5.F8898E517B34B069D55592CB99EF43DA] [SPRF][13/09/2012] (.Conduit - WiseConvert_1.5 Toolbar.) -- C:\Users\Marie-Ange\Desktop\WiseConvert_1.5.exe [2155528] =>Toolbar.Conduit
~ Files: 8 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "7E685771E24E83F4381D1DB5A45F7B41" . (.Delta Chrome Toolbar.) -- C:\Windows\Installer\{177586E7-E42E-4F38-83D1-D15B4AF5B714}\Delta.ico =>Toolbar.DeltaSearch
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "AF2CF8FE20EBB4443855807CA5D6E7A3" . (.Boxore Client.) -- C:\Windows\Installer\{EF8FC2FA-BE02-444B-8355-08C75A6D7E3A}\boxore.ico =>Adware.Boxore
~ Update Products: 260 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\de88d8e569bf10\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" =>PUP.Babylon
[HKCU\Software\de88d8e569bf10\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:version="2.2.630.40" =>PUP.Babylon
[HKCU\Software\de88d8e569bf10\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" =>PUP.Babylon
[HKCU\Software\de88d8e569bf10\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43" =>PUP.Babylon
[HKCU\Software\de88d8e569bf10\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}" =>PUP.Babylon
[HKCU\Software\de88d8e569bf10\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:version="2.3.811.154" =>PUP.Babylon
[HKCU\Software\de88d8e569bf10\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}" =>PUP.Babylon
[HKCU\Software\de88d8e569bf10\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:version="2.4.897.175" =>PUP.Babylon
[HKCU\Software\de88d8e569bf10\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel
[HKCU\Software\de88d8e569bf10\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" =>Hijacker.Hijacker.Eazel
[HKCU\Software\de88d8e569bf10] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\de88d8e569bf10] => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B144B2E367FC30C5020085DABB617B82] [WIS][02/11/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\13738743.msi [3704832] =>PUP.SweetIM
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][02/11/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\13738749.msi [3304960] =>PUP.SweetIM
[MD5.3CD19859CD377AD00B30E4BEE49D374E] [WIS][02/11/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.1.) -- C:\Windows\Installer\1373874f.msi [2997248] =>PUP.SweetIM
[MD5.8825FC48BD37615FAFF318A26A684709] [WIS][11/09/2012] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\19696b3.msi [1511424] =>Adware.Boxore
[MD5.35C918348CBB0877BCD5A3CF24C13761] [WIS][25/11/2012] (.DeltaInstaller - Delta Chrome Toolbar.) -- C:\Windows\Installer\2022e897.msi [573440] =>Toolbar.DeltaSearch
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\3683d7.msi [45056] =>Adware.Boxore
[MD5.A25D73A4A45222261189F86AA392EAEB] [WIS][06/11/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\d9fcc6.msi [1025536] =>Adware.IMBooster
~ WIS: 263 Legitimates Filtered in 00mn 15s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 06/03/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 24/02/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/02/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 25/04/2012 202296 | (KSS) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
SS - | Demand 08/12/2011 273168 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 04/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 09/01/2012 659968 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 21/11/2011 80512 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 13/04/2012 277120 | (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 10/10/2013 356128 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
SR - | Auto 22/02/2012 1014096 | (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Demand 22/02/2012 1304912 | (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
SR - | Auto 22/02/2012 1104208 | (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 12/01/2012 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 20/12/2013 574464 | (DefaultTabSearch) . (...) - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe =>Adware.Bandoo
SR - | Auto 15/02/2013 107520 | (DefaultTabUpdate) . (...) - C:\Users\Marie-Ange\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe =>Adware.Bandoo
SR - | Auto 08/12/2011 618256 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 08/02/2013 8704 | (HiPat
1 reply

Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
Edited by Fish66 on 16/03/2014 at 20:34
Good evening,
1/
Download: AdwCleaner (thanks to Xplode)
Launch AdwCleaner
Click Scan then Clean, and wait while the cleaning runs.
Post the report that appears at the end of the scan.
(The report is also saved under C:\AdwCleaner\AdwCleaner[x].txt)
----------------------------
To avoid getting ads and toolbars, you can read <<< this >>>

2/
Download: Junkware Removal Tool from this link: https://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/

!!! Do not click Download !!! Just wait for the download window to appear for confirmation

* Save this file to the desktop.

* Close all your browsers

On XP, double-click the icon and press a key when prompted.
On Vista/7/8, right-click and choose Run as administrator.

* NB: The desktop will disappear for a moment; this is normal.

* Let the program work and do not touch anything

* Post the report generated at the end of the scan.

Tutorial: http://hackinginterdit.blogspot.fr/2013/02/junkware-removal-tool.html

3/
/!\ WARNING: this scan can take a few hours /!\

* Download MBAM and install it to the default location
https://www.malwarebytes.com/mwb-download/
* Install it, then configure it as shown: <<< HERE >>>
* if you have not changed anything, just quit; otherwise save
* Launch Malwarebytes' Anti-Malware

=================================
If MBAM is already installed, go straight to the update and then the scan.

==> This free software is worth keeping.

=================================

* Run the update
* Click the "Scanner" tab
* Tick the "Perform full scan" option, then click the "Scan" button
* Choose to scan all your hard drives, then click "Start scan"

At the end of the scan, if MBAM found nothing:

* Click OK; the report opens by itself

If threats were detected:

* Click OK, then "Show Results"
* Check that every line is ticked
* Choose the "Remove Selected" option
* If MBAM asks to restart Windows: click "Yes"
* The report opens automatically after the removal; it can also be found in the "Logs" tab

* Copy and paste the report into your next message

Note:
- If there is a problem updating MBAM, you can do it manually by downloading this file and then running it.
=================================
If you need help, you can follow this tutorial: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/


Have a good evening


¤¤¤ The best remedy for every problem is patience.... ¤¤¤
0