Popups mises à jour java plugins

Fermé
cuzco22 Messages postés 2 Date d'inscription samedi 17 mai 2014 Statut Membre Dernière intervention 18 mai 2014 - Modifié par Malekal_morte- le 17/05/2014 à 11:45
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 18 mai 2014 à 10:40
je n'arrête pas de télécharger des liens pour nettoyer mon pc mais les fausses mises à jour java reviennent et en plus, j'ai des pages de jeux -empire etc -mon pauvre ordi peine pour ouvrir les sites qui m'intéressent et mes "gamins" rouspètent parce que youtube bug.
Page de rapport du dernier nettoyage:~ Rapport de ZHPDiag v2014.5.16.65 - Nicolas Coolman (16/05/2014)
~ Lancé par maud (17/05/2014 11:14:21)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Blog d'analyse software : http://nicolascoolman.byethost7.com
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17107 (Defaut)
MFIE: Mozilla Firefox 29.0.1

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
System - Enable Open file C:\Users\maud\AppData\Roaming\ZHP\Licence.txt =>.Nicolas Coolman

---\\ Logiciels de protection du système
Kaspersky Internet Security v14.0.0.4651
Malwarebytes Anti-Malware version 2.0.1.1004
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.12

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3576 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 162 GB (73%) free of 222 GB

---\\ Mode de connexion au système
~ Computer Name: MAUD-PC
~ User Name: maud
~ All Users Names: maud, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\maud\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\maud\AppData\Roaming\
~ %Desktop% : C:\Users\maud\Desktop\
~ %Favorites% : C:\Users\maud\Favorites\
~ %LocalAppData% : C:\Users\maud\AppData\Local\
~ %StartMenu% : C:\Users\maud\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 162 Go of 222 Go)
D: Hard drive, Flash drive, Thumb drive (Free 223 Go of 223 Go)
E: CD-ROM drive (Free 0 Go of 3 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/536
~ Mes musiques (My Musics) : 1/704
~ Mes Videos (My Videos) : 1/29
~ Mes Favoris (My Favorites) : 1/19
~ Mes Documents (My Documents) : 1/688
~ Mon Bureau (My Desktop) : 3/44
~ Menu demarrer (Programs) : 1/8
~ Hidden Files: Scanned in 00mn 07s



---\\ Processus lancés
[MD5.177B43D22BF388B0D5ED8DD39D51604B] - (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848] [PID.2500]
[MD5.7540A112B052AC8DB4BC02F1039B235B] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432] [PID.2520]
[MD5.1AA5CE8A101B34121A50173F8A115D88] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640] [PID.2676]
[MD5.278C64B644C224B28E601381103811A6] - (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304] [PID.2684]
[MD5.BF0EE37A14144C88A9F6FDA7B44981BB] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328] [PID.2724]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.2904]
[MD5.AABF93F351E17EA4D42EE028A905AF45] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824] [PID.1532]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2360]
[MD5.327A10AFC14D13C6D3F731855801298C] - (.CyberLink Corp. - clear.fi Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [218408] [PID.3640]
[MD5.6A8ABD13B2C30DED1125919576AA5E59] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608] [PID.3720]
[MD5.BEA5FFED955674A89EAA44D93C7FE2ED] - (.CyberLink - CLMSService.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe [214312] [PID.4004]
[MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6963512] [PID.4028]
[MD5.B03D7B041D077235226B184F2A4CAA0D] - (.CyberLink - DMREngine.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [321832] [PID.4088]
[MD5.B96D82EA7BC9A842028559968E9570D4] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe [1004864] [PID.4644]
[MD5.5AAA847845A6B3A547177325F4E1CCAA] - (.Advanced Micro Devices, Inc. - Load MMdriver application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe [49664] [PID.5552]
[MD5.0DA891CB0703D912CEAFA072F54D002B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5864]
[MD5.4C820B50704EB1B259E63672EC55B122] - (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe [138944] [PID.1948]
[MD5.28B02EA673489A4EFBB20A9B302D523C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.4900]
[MD5.038053B5DB6B0DCFB32B7682334B7625] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe [1863856] [PID.1076]
[MD5.317235FAE521626B9EBED5F47A9ED75A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7876096] [PID.1388]
[MD5.A3A35EE79C64A640152B3113E6E254E2] - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) -- C:\Windows\SysWOW64\cscript.exe [126976] [PID.2832]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1476]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1512]
[MD5.0D2F8F4055903A762AD46204E5A42E86] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512] [PID.1632]
[MD5.6BB516A31DE232DAB436FF3A117E1E80] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376] [PID.2100]
[MD5.0E08BDD7326E657D59DB40BAD23D8169] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.2172]
[MD5.A8E7F3DB083EB0839DFC1C763CDD2594] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912] [PID.2404]
[MD5.0A3A25CFB3174E4D1E421D5CD52CA541] - (.Pas de propriétaire - Windows Update Service.) -- C:\Program Files (x86)\Security Updates Service\winupdsvc.exe [2019840] [PID.2864]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.3356]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.3924]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.4788]
~ Processes Running: Scanned in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\maud\AppData\Roaming\Mozilla\Firefox\Profiles\r1ncibdj.default-1378223951596\prefs.js
M3 - MFPP: Plugins - [maud] -- C:\Users\maud\AppData\Roaming\Mozilla\Firefox\Profiles\r1ncibdj.default-1378223951596\searchplugins\search_engine.xml
~ Firefox Browser: 6 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 03s
~ Nombre de lignes (Lines number): 2023



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: EZ YouTube Video Downloader 1.0 [64Bits] - {FDBFEA30-EC51-4B8D-B4F0-8CA4F7253C0A} . (.XtensionPlus - Easy YouTube Video Downloader.) -- C:\Program Files (x86)\EZ YouTube Video Downloader\yvd.dll
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
~ BHO: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [stv_fr_4] Clé orpheline =>PUP.Eorezo
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier virtuel [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kbrd.ico
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
O9 - Extra button: Analyse des liens [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8308353E-8AF6-41FA-B390-EDF742109D26}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8308353E-8AF6-41FA-B390-EDF742109D26}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8308353E-8AF6-41FA-B390-EDF742109D26}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Security Updates Service (Security Updates Service) . (.Pas de propriétaire - Windows Update Service.) - C:\Program Files (x86)\Security Updates Service\winupdsvc.exe
~ Services: 12 Legitimates Filtered in 01mn 06s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{5D925405-772D-453C-A30A-5E24D7F2D84D}] (...) -- C:\Users\maud\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[MD5.00000000000000000000000000000000] [APT] [{6001AAE2-BED7-4602-B7BA-727F02B3A47F}] (...) -- C:\Users\maud\Downloads\epson377869eu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BF32A9DF-A523-4DBA-B22E-8F7486524FED}] (...) -- C:\Users\maud\AppData\Roaming\qone8\UninstallManager.exe (.not file.) [0] =>Hijacker.Qone8
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\Tasks\updaterex.job.157480.gzquar [288] =>PUP.Dealply
~ Scheduled Task: 27 Legitimates Filtered in 00mn 14s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (wStLib64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\wStLib64.sys =>PUP.LinkiDoo
~ Drivers: 87 Legitimates Filtered in 00mn 04s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\IncrediMail]
[HKCU\Software\SecurityUpdatesService]
[HKLM\Software\SecurityUpdatesService]
[HKLM\Software\Wow6432Node\AdvertisingSupport] =>PUP.AdvertisingSupport
[HKLM\Software\Wow6432Node\SecurityUpdatesService]
[HKLM\Software\Wow6432Node\anset]
[HKLM\Software\Wow6432Node\wow search]
[HKLM\Software\wow search]
~ Key Software: 220 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/05/2014 - 14:44:36 - [] ----D C:\Program Files (x86)\Security Updates Service
O43 - CFD: 21/04/2014 - 19:45:03 - [] ----D C:\Program Files (x86)\wow search
O43 - CFD: 16/07/2013 - 03:35:58 - [] ----D C:\ProgramData\GZ
O43 - CFD: 12/04/2014 - 11:39:01 - [] ----D C:\Users\maud\AppData\Roaming\ driver
O43 - CFD: 29/04/2014 - 17:23:04 - [] ----D C:\Users\maud\AppData\Local\com
~ 18 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 207 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B46C52C845C8993E3CA697D98FEBB163] - 10/05/2014 - 16:41:30 ---A- . (...) -- C:\Windows\wininit.ini [124]
O44 - LFC:[MD5.2F9E1496274F132202D2EF6D896DB0B9] - 14/05/2014 - 13:38:02 ---A- . (...) -- C:\prefs.js [191]
O44 - LFC:[MD5.E40358F9DBF2B899B364C796BFAF3601] - 16/05/2014 - 12:12:39 ---A- . (...) -- C:\log.txt [560]
~ Files: 54 Legitimates Filtered in 00mn 20s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.D20109A3BA471B8F8E690ED039A91104] - 10/05/2014 - 16:25:28 ---A- - C:\Windows\Prefetch\ADVANCEDSYSTEMPROTECTOR.EXE-E642B018.pf =>PUP.AdvancedSystemProtector
O45 - LFCP:[MD5.B99FFCDAE672B6178943E807868EE75E] - 10/05/2014 - 16:24:12 ---A- - C:\Windows\Prefetch\MYSEARCHDIAL.EXE-367D70E7.pf =>Adware.MyWebSearch
O45 - LFCP:[MD5.9A31FA2DC164E25AA52F6496BF661471] - 10/05/2014 - 16:24:09 ---A- - C:\Windows\Prefetch\MYSEARCHDIALUPDATE.EXE-C6FE25CB.pf =>Adware.MyWebSearch
O45 - LFCP:[MD5.1C9E3A01D9A77E2B3FFEE6199D749E23] - 10/05/2014 - 16:26:22 ---A- - C:\Windows\Prefetch\UPDATEWEBGET.EXE-5DDB6481.pf =>PUP.WebGet
O45 - LFCP:[MD5.122DA985AD0C567CCDEF70CDBF442A6A] - 10/05/2014 - 16:41:38 ---A- - C:\Windows\Prefetch\WEBGET.FIRSTRUN.EXE-A3939A89.pf =>PUP.WebGet
O45 - LFCP:[MD5.41FDA811287E5331D22B6C719AA611ED] - 10/05/2014 - 16:22:32 ---A- - C:\Windows\Prefetch\WEBGET_SETUP.EXE-C256F72E.pf =>PUP.WebGet
O45 - LFCP:[MD5.B2E03F2BED0E18F1FF67E8B868EC032B] - 10/05/2014 - 16:25:10 ---A- - C:\Windows\Prefetch\WEBGET_SETUP.EXE-CD8DE8E9.pf =>PUP.WebGet
~ Prefetcher: 7 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:30/03/2014 - 21:05:11 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLib64.sys [61120] =>PUP.LinkiDoo
~ Drivers: 67 Legitimates Filtered in 00mn 06s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 10/05/2014 - 11:17:22 ---A- . (...) -- C:\Users\maud\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe [49900]
O61 - LFC: 10/05/2014 - 11:17:22 ---A- . (...) -- C:\Users\maud\Downloads\adwcleaner(4).exe [1316991]
O61 - LFC: 10/05/2014 - 11:17:30 ---A- . (...) -- C:\Users\maud\Downloads\DriverTurboSetup.exe [231952]
O61 - LFC: 13/05/2014 - 11:17:22 ---A- . (...) -- C:\Users\maud\Downloads\adwcleaner(5).exe [1325827]
O61 - LFC: 14/05/2014 - 11:17:22 ---A- . (...) -- C:\Users\maud\Downloads\adwcleaner(3).exe [1325827]
O61 - LFC: 16/05/2014 - 11:17:30 ---A- . (...) -- C:\Users\maud\Downloads\adwcleaner-3.208.exe [1325827]
~ 42 Fichiers temporaires (Temporary files)
~ 9 Fichiers cookies (Cookies files)
~ Files: 23 Legitimates Filtered in 00mn 25s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 30/03/2014 - C:\Windows\System32\drivers\wStLib64.sys (wStLib64) .(.StdLib - StdLib.) - LEGACY_WSTLIB64 =>PUP.LinkiDoo
~ Legacy: 100 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] C7869757A867424CAEE407151F19275E - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCR] {9bb2c1cc-4a7d-4cd5-bce9-0ca5f9ff8391} [DefaultScope] - (wow search) - http://wow.utop.it =>PUP.WowSearch
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.E1382F2EA9423C03B1E58C08D6B7C9BE] [SPRF][03/05/2014] (...) -- C:\ProgramData\1399108382.bdinstall.bin [37000]
[MD5.D2D8722999A84CAC5E7C866DB01DCE9D] [SPRF][03/05/2014] (...) -- C:\ProgramData\1399108385.bdinstall.bin [100730]
[MD5.608208FEB1F223CDA528074085FC649E] [SPRF][02/07/2013] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.111E839B1BBDB3A606A244A464C64557] [SPRF][27/04/2014] (...) -- C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.1.7.exe [2499605]
[MD5.428D04E6A598F1D99D303E2510550A64] [SPRF][13/05/2014] (...) -- C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.1.8.exe [2500744]
[MD5.27DA83887D879877BF5D55B6A9581F52] [SPRF][16/05/2014] (...) -- C:\ProgramData\Setup_EZ_YouTube_Video_Downloader_v1.1.9.exe [2501961]
[MD5.EB9CDFD9B0F9E0887A944330942143AB] [SPRF][27/04/2014] (...) -- C:\ProgramData\yvd_chrome_se.exe [2029908]
[MD5.3DA0526556D942CABE180397C9E3C0A7] [SPRF][27/04/2014] (...) -- C:\ProgramData\yvd_firefox_se.exe [1517522]
[MD5.47F2DCB9257A8CDB05CF1F5F1FE89988] [SPRF][27/04/2014] (...) -- C:\ProgramData\yvd_ie_se.exe [833638]
~ Files: 9 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "279A5E3D51A9D724EA8718185ADF49C3" . (.eBay Worldwide.) -- c:\Windows\Installer\{D3E5A972-9A15-427D-AE78-8181A5FD943C}\_6FEFF9B68218417F98F549.exe =>Toolbar.eBay
~ Update Products: 1 Legitimates Filtered in 00mn 02s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.0E4185F75C1394897DB73CCC3368CA4B] [WIS][11/06/2012] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\1777f.msi [475136] =>Toolbar.Bing
[MD5.0A517BFDBF16092D7D813FAA69BB7F65] [WIS][09/02/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\9c8dcd.msi [1712128] =>Adware.IncrediBar
[MD5.0E4185F75C1394897DB73CCC3368CA4B] [WIS][11/06/2012] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\a9a8.msi [475136] =>Toolbar.Bing
~ WIS: 3 Legitimates Filtered in 00mn 16s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MovieModeService_RASAPI32 =>PUP.MovieMode
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MovieModeService_RASMANCS =>PUP.MovieMode
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MovieMode_RASAPI32 =>PUP.MovieMode
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MovieMode_RASMANCS =>PUP.MovieMode
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilJumpFlip_RASAPI32 =>PUP.JumpFlip
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilJumpFlip_RASMANCS =>PUP.JumpFlip
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
~ BTK: 201 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 14/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/06/2012 193616 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe =>Toolbar.Bing
SS - | Demand 11/06/2012 240208 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe =>Toolbar.Bing
SS - | Demand 02/04/2011 173424 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SS - | Demand 10/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 25/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 24/05/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 12/10/2013 214512 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 09/03/2014 151648 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 06/02/2012 255376 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 11/06/2014 2019840 | (Security Updates Service) . (...) - C:\Program Files (x86)\Security Updates Service\winupdsvc.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 26s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by maud at 17/05/2014 11:20:29
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : 13045 - (16/05/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 5

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:stv_fr_4 =>PUP.Eorezo^
C:\Windows\Tasks\updaterex.job.157480.gzquar =>PUP.Dealply^
[HKLM\Software\Wow6432Node\AdvertisingSupport] =>PUP.AdvertisingSupport^
C:\Windows\Installer\1777f.msi =>Toolbar.Bing^
C:\Windows\Installer\9c8dcd.msi =>Adware.IncrediBar^
C:\Windows\Installer\a9a8.msi =>Toolbar.Bing^
~ Additionnel Scan: 317732 Items scanned in 01mn 24s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.byethost7.com/pup-eorezo =>PUP.Eorezo
http://nicolascoolman.byethost7.com/hijacker-webssearches =>Hijacker.WebsSearches
http://nicolascoolman.webs.com/apps/blog/show/33262880-hijacker-qone8 =>Hijacker.Qone8
http://nicolascoolman.byethost7.com/pup-dealply =>PUP.Dealply
http://nicolascoolman.byethost7.com/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.byethost7.com/pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
http://nicolascoolman.byethost7.com/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.byethost7.com/pup-webget =>PUP.WebGet
http://nicolascoolman.byethost7.com/pup-wowsearch =>PUP.WowSearch
http://nicolascoolman.byethost7.com/adware-incredibar =>Adware.IncrediBar
http://nicolascoolman.byethost7.com/pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.byethost7.com/pup-melondrea =>PUP.Melondrea
http://nicolascoolman.byethost7.com/pup-jumpflip =>PUP.JumpFlip
http://nicolascoolman.byethost7.com/adware-boxore =>Adware.Boxore
~ MSI: 14 link(s) detected in 00mn 00s



~ 918 Legitimates filtered by white list
End of the scan (493 lines in 07mn 38s)(0)




rien que pour écrire mon petit mot, il m'a fallu 10 mn !!! HELP !!!!
A voir également:

2 réponses

Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
17 mai 2014 à 11:45
Salut,

Tu as installé des adwares et programmes parasites sur ton PC qui ouvrent des publicités et ralentissent l'ordinateur et les navigateurs WEB.
Voici la procédure à suivre pour les supprimer :

Télécharge https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Sur la page d'AdwCleaner, à droite, clic sur la disquette grise avec la flèche verte pour lancer le téléchargement.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt



puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
* Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=


0
cuzco22 Messages postés 2 Date d'inscription samedi 17 mai 2014 Statut Membre Dernière intervention 18 mai 2014
18 mai 2014 à 10:40
merci; mais tout ça, je l'ai déjà fait et malheureusement, ça ne résoud rien; je vais envoyer ma tour à formater, plus simple et radical!
Bon we!
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
18 mai 2014 à 10:40
on n'a pas terminé....
donne les rapports.
0