HELP websearches!!!!

trippymarry (Member, 2 posts)
Malekal_morte- (Moderator, Security contributor, 180304 posts)
Hello,

I really need someone to help me get rid of websearches! I have done all the things I read on the forums and it is still there!
My ZHPDiag report is below:

~ Rapport de ZHPDiag v2014.9.14.133 - Nicolas Coolman (10/09/2014)
~ Lancé par marie (17/09/2014 19:37:29)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17280

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes' Anti-Malware
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v2.35

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3950 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 64 GB (22%) free of 287 GB

---\\ Mode de connexion au système
~ Computer Name: THEVENIAU
~ User Name: marie
~ All Users Names: marie, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\marie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\marie\AppData\Roaming\
~ %Desktop% : C:\Users\marie\Desktop\
~ %Favorites% : C:\Users\marie\Favorites\
~ %LocalAppData% : C:\Users\marie\AppData\Local\
~ %StartMenu% : C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 64 Go of 287 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: CD-ROM drive (Free 0 Go of 7 Go)
H: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.39EBB9708453036A74C30C9A294023FF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/08/2014 - 22:15:13.) -- C:\Windows\System32\wininet.dll [2310656]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4067
~ Mes musiques (My Musics) : 1/1874
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/162
~ Mes Documents (My Documents) : 1/16887
~ Mon Bureau (My Desktop) : 2/11937
~ Menu demarrer (Programs) : 1/102
~ Hidden Files: Scanned in 00mn 06s



---\\ Processus lancés
[MD5.112854FD524F472159E8F32548A7F62D] - (...) -- C:\Program Files (x86)\SupTab\HpUI.exe [733576] [PID.1964] =>PUP.SupTab
[MD5.2A68FABC6F7F5334690B185416651C08] - (...) -- C:\Program Files (x86)\ver0NewPlayer\C6NewPlayery.exe [255488] [PID.2156] =>Adware.NewPlayer
[MD5.D46415CD75DDA09F0A17D2FDA2235CB0] - (...) -- C:\Program Files (x86)\SupTab\Loader32.exe [64000] [PID.2880] =>PUP.SupTab
[MD5.AA0401A82399F18BFE0DD0672AC5AB01] - (.MediaFire LLC - systray.) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_systray.exe [2349640] [PID.3880]
[MD5.7A6A4EDC0CEF9DE9CAFFDFE36D991FD4] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752] [PID.4088]
[MD5.5C34D25066BB1C424C8C5896C05657BE] - (...) -- C:\Users\marie\AppData\Local\Genesis_09151907\Genesis_09151907.exe [2707456] [PID.2528] =>PUP.Genesis
[MD5.5EA80B00E1F5931641E8B95A23B7342D] - (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files (x86)\e-Carte Bleue LCL\ecbl-lcl.exe [278528] [PID.3532]
[MD5.E466354B25D53583E04BE278A8667415] - (.A Note - A Note.) -- C:\Program Files (x86)\A Note\A Note.exe [647168] [PID.3728]
[MD5.F81BB17F053CCF309C49107B0B09F2DA] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe [597792] [PID.2272]
[MD5.6C72E91639AA9D190CDA13D389FE7827] - (.Sony Corporation - Pas de description.) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe [320880] [PID.3472]
[MD5.EF4BF6AB09A06867104DAC48DF35E779] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.1952]
[MD5.3EAE79F9C5FB21F0B4231832FA6FED28] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe [1107808] [PID.3456]
[MD5.A1ED44DABCD252B95CD09487B65F734C] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376] [PID.3908]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.3896]
[MD5.C7F05A3FD4A8DC4EE7A7866876E1534C] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.2452]
[MD5.FFB2F4E0B28D40A726FC2159E1466C30] - (...) -- C:\Program Files (x86)\mbot_fr_91\mbot_fr_91.exe [3973576] [PID.1844] =>PUP.CrossRider
[MD5.7D6D3605CEB50D5DA275EDE9349F549F] - (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624] [PID.2008]
[MD5.0BB6A06204C0559BBD71BEFD5CD637ED] - (...) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_daemon.exe [2433608] [PID.6848]
[MD5.A917431C32865D7E35DAFB5D8F556F60] - (...) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_status.exe [2084424] [PID.3060]
[MD5.B08EDAF32A5C526BA52D3AFF9BFD37D1] - (.MediaFire - MediaFire Uploader.) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_services.exe [3302984] [PID.6992]
[MD5.4D96F6F7508BDF46771262EEEA505F98] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [81016] [PID.7540]
[MD5.B05B0C00659D9342CCD23637E11CC8CA] - (...) -- C:\Users\marie\Downloads\Player Setup.exe [1055472] [PID.12476]
[MD5.F8BFA29D0F02CB800F48CD90091B95B8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8104448] [PID.22272]
[MD5.1D915D5E8E564B00C2AC53BE2805EB0B] - (...) -- C:\Users\marie\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [113152] [PID.22480] =>Hijacker.DSite
[MD5.1938AF3906C6241CDB5BB14C417E9E15] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.exe [409776] [PID.21480]
[MD5.AC08A03D7E579E2903925736E7AB48F2] - (.Google Inc. - Google Chrome.) -- C:\Users\marie\AppData\Local\Google\Chrome\Application\chrome.exe [852808] [PID.21672]
[MD5.5E0C29FCD859AB8D5B1C859F034D8F2F] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginServices\PluginService.exe [715656] [PID.1456] =>PUP.IePluginService
[MD5.397B966BBCA15D72AE702FDF31D02F99] - (.Fuyu LIMITED - WindowsProtectManger Service.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896] [PID.1612] =>PUP.Fuyu
[MD5.C5BAD28B0F6AB2C143BD253E5BAD8FA8] - (.app - Browser+ Apps+ exe.) -- C:\Program Files (x86)\Browser+ Apps+\e3ccad92-985e-4461-beca-6c8efa6945b5.exe [346528] [PID.2280]
[MD5.5460828F8951D310B42B442877603B8D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.3156]
[MD5.59ADC3A2C8BCFA67E78299869F1D48FC] - (...) -- C:\Program Files (x86)\ver0NewPlayer\L7NewPlayerHJ178.exe [291840] [PID.3216] =>Adware.NewPlayer
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [360224] [PID.2092]
[MD5.1ABE08B289452D24884530C03839183A] - (...) -- C:\monitor.exe [487483] [PID.3828]
[MD5.5361FCBCC3F9BA07C852DEE963F1E1F4] - (...) -- C:\Windows\score.exe [4823040] [PID.4308]
[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688] [PID.4408]
[MD5.747E60B773E95F6C93D5621B550D6865] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92008] [PID.4468]
[MD5.63F6D08C54D5B3C1B12A6172032055C7] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960] [PID.4576]
[MD5.6B31C9CB94927DBEEB62E15275F4CC54] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [205168] [PID.4604]
[MD5.6A740F5FF3246C3BE3DD317299EFC88E] - (.Sony Corporation - VAIO Content Folder Watcher.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416] [PID.4648]
[MD5.10E212BFB7EAB152A64C1AAEC2F7F4E0] - (.Sony Corporation - VCM Intelligent Analyzing Manager.) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [529776] [PID.4684]
[MD5.D8BEF4AC1EAC809DBDBD441D6CFF6C4C] - (.Sony Corporation - VAIO Entertainment Database Service.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336] [PID.4820]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.4884]
[MD5.CC800D2D9FD467542BAC7C186C4774AD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4940]
[MD5.7CD368DFF5D7D4BA9F8F46F31EA8877D] - (.Sony Corporation - VAIO Event Service(Service Sub Module).) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe [112488] [PID.2952]
[MD5.411F9EEF72CACD4E76431B282099A3A6] - (.MyOSCompany - Pas de description.) -- C:\Program Files (x86)\PCTRunner\MyOSProtect.exe [1317096] [PID.7048]
[MD5.D347D3ABE070AA09C22FC37121555D52] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe [44736] [PID.2820]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [PID.5212]
[MD5.9E89C2D6945389270DE067CE51FF7425] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.7628]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][StartupURLs] http://www.webpageing.com/?type=hp&ts=1410808124&from=tugs&uid=TOSHIBAXMK3265GSX_40BJSED5SXX40BJSED5S =>Hijacker.WebsSearches
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.7 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [bepbmhgboaologfdajaanbcjmnhjmhfn] Google Voice Search Hotword (Beta) v.0.1.1.5023, (Désactivé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [dnhpdliibojhegemfjheidglijccjfmc] hotword helper v.0.0.2.0 (Activé)
G2 - GCE: Preference [User Data\Default] [eeibjhjmddgcdbniedjoghdgbofbecad] Plus-HD-5.7 v.1.26.12, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [fnefekibahpibgnllfjpckodgobkpije] ObviousIdea v.2.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.7.3.16540.9015, (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick start v.4.5.7, (Désactivé) =>PUP.QuickStart
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.10.0 (Désactivé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Google Docs]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [Google Voice Search Hotword (Beta)]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeibjhjmddgcdbniedjoghdgbofbecad [Plus-HD-5.7] =>Adware.PlusHD
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [Skype Click to Call]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 101 Scanned in 00mn 07s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [marie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\marie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\marie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
~ Firefox Browser: 8 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.rpidity.com =>Adware.Boxore
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {ef79f67a-6ad7-4715-a0f8-932fca442023} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14192;https=127.0.0.1:14192 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (38)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll =>PUP.SupTab
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension [64Bits] - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Exp.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
~ BHO: 27 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EF79F67A-6AD7-4715-A0F8-932FCA442023} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\marie\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [MediaFire Tray] . (.MediaFire LLC - systray.) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_systray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [genesis_09151907] . (...) -- c:\users\marie\appdata\local\genesis_09151907\genesis_09151907.exe =>PUP.Genesis
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Wow6432Node\Run: [McENUI] C:\Program Files (x86)\McAfee\MHN\McENUI.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [ISBMgr.exe] . (.Sony Corporation - Pas de description.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Nikon Message Center 2] . (.Nikon Corporation - Nikon Message Center 2.) -- C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [mbot_fr_91] . (...) -- C:\Program Files (x86)\mbot_fr_91\mbot_fr_91.exe =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [SHTtray.exe] . (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\marie\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [MediaFire Tray] . (.MediaFire LLC - systray.) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_systray.exe
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [genesis_09151907] . (...) -- c:\users\marie\appdata\local\genesis_09151907\genesis_09151907.exe =>PUP.Genesis
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 [64Bits] - {A95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Explorer.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 9 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A708873B-716A-44B3-B1C9-47A070C18931}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB704E9C-4CBC-4B7F-96A0-AED759373D1A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE3BB949-9377-4704-8BAB-2354FCAAE36F}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{A708873B-716A-44B3-B1C9-47A070C18931}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{BB704E9C-4CBC-4B7F-96A0-AED759373D1A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{EE3BB949-9377-4704-8BAB-2354FCAAE36F}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{A708873B-716A-44B3-B1C9-47A070C18931}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{2662349C-CB43-4175-BE45-A996701B0AC8}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BB704E9C-4CBC-4B7F-96A0-AED759373D1A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{EE3BB949-9377-4704-8BAB-2354FCAAE36F}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Optimizer Pro Crash Monitor (70e6ca8c) . (...) - c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll (.not file.) =>PUP.OptimizerPro
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NewPlayer (NewPlayer) . (...) - C:\Program Files (x86)\ver0NewPlayer\L7NewPlayerHJ178.exe =>Adware.NewPlayer
O23 - Service: NewVideoPlayer Updater Service (NewVideoPlayerUpdaterService) . (.Pas de propriétaire - NewVideoPlayerUpdaterService.) - C:\Program Files (x86)\NewPlayer\NewVideoPlayerUpdaterService.exe =>Adware.NewPlayer
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Protect Monitor (ProtectMonitor) . (...) - C:\monitorsvc.exe
O23 - Service: Roxio Upnp Server 10 (Roxio Upnp Server 10) . (.Sonic Solutions - RoxioUpnpService10 Module.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: VAIO Care Performance Service (SampleCollector) . (.Sony Corporation - VAIO Care Performance Service.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: scores (scores) . (...) - C:\Windows\score.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: CamMonitor (uCamMonitor) . (.ArcSoft, Inc. - MgiSvr.) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) . (.Sony Corporation - VAIO Content Folder Watcher.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) . (.Sony Corporation - VCM Intelligent Analyzing Manager.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VSNService (VSNService) . (.Sony Corporation - VAIO Smart Network Service.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) . (.Sony Corporation - VAIO Entertainment Database Service.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
~ Services: 26 Scanned in 00mn 10s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.0309013B9EC230AA6F4B8528277C761E] [APT] [1a10f082-58f5-4e2e-867a-bf33edb84ad8] (...) -- C:\Program Files (x86)\Browser+ Apps+\1a10f082-58f5-4e2e-867a-bf33edb84ad8.exe [32160]
[MD5.75A148DB0BA384F14DDECFB52A4D8F95] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-1] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-codedownloader.exe [1080736]
[MD5.68B06D268F80EE8BB71BF0720CF3C1AC] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-11] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-11.exe [1929120]
[MD5.4E644E373E06A69715D508264ECC08F3] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-2] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-2.exe [908704]
[MD5.68B06D268F80EE8BB71BF0720CF3C1AC] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-3] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-3.exe [1929120]
[MD5.5D9D2A011C496F360F146D434D7322B9] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-4] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-4.exe [1484704]
[MD5.2F08053B17A49EF40754EC44D54D12F5] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-5] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5.exe [987040]
[MD5.2F08053B17A49EF40754EC44D54D12F5] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5.exe [987040]
[MD5.BDC8838A03CDF69D00DBDC5A00866D53] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-6] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-6.exe [1229216]
[MD5.75A148DB0BA384F14DDECFB52A4D8F95] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-7] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-7.exe [1080736]
[MD5.FBB312C9DA3863673EC18F4AE4101778] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.1D915D5E8E564B00C2AC53BE2805EB0B] [APT] [Digital Sites] (...) -- C:\Users\marie\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe [113152] =>Hijacker.DSite
[MD5.C5BAD28B0F6AB2C143BD253E5BAD8FA8] [APT] [e3ccad92-985e-4461-beca-6c8efa6945b5] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\e3ccad92-985e-4461-beca-6c8efa6945b5.exe [346528]
[MD5.68B06D268F80EE8BB71BF0720CF3C1AC] [APT] [FZADMC] (.app.) -- C:\Users\marie\AppData\Roaming\FZADMC.exe [1929120]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core] (.Google Inc..) -- C:\Users\marie\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA] (.Google Inc..) -- C:\Users\marie\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.JDIBackup
[MD5.BE3304B75DDD265279FF15D3A8513B40] [APT] [NewPlayer Update] (...) -- C:\Program Files (x86)\ver0NewPlayer\x9NewPlayerz40.exe [490496] =>Adware.NewPlayer
[MD5.2A68FABC6F7F5334690B185416651C08] [APT] [NewPlayer_wd] (...) -- C:\Program Files (x86)\ver0NewPlayer\C6NewPlayery.exe [255488] =>Adware.NewPlayer
[MD5.00000000000000000000000000000000] [APT] [Optimizer Pro Schedule] (...) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.5D9D2A011C496F360F146D434D7322B9] [APT] [TQSP] (.app.) -- C:\Users\marie\AppData\Roaming\TQSP.exe [1484704]
[MD5.00000000000000000000000000000000] [APT] [{2B87FD9F-C03E-4119-80B0-CA42179D9BCA}] (...) -- F:\autorun\install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{49E0863A-D8DC-43BA-8230-783DC6FCE85F}] (...) -- c:\program files (x86)\mozilla firefox\firefox.exe (.not file.) [0]
[MD5.58920E6A409046BA06548D9D139CE0F0] [APT] [{65D421A3-CE60-40E0-90CB-4A166C774348}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608]
[MD5.00000000000000000000000000000000] [APT] [{6886030C-C721-493C-92ED-311FBDD5CAA0}] (...) -- C:\Users\marie\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[MD5.00000000000000000000000000000000] [APT] [{6A35874C-0322-4BB8-A22E-55D9A2F2C28A}] (...) -- C:\Users\marie\Desktop\FIXIO_PC_Cleaner_2010_Installer.exe (.not file.) [0]
[MD5.1FF033E93713C97593280B3B9537318D] [APT] [{E46FA74A-B3F3-4D16-96EF-E2B722D499DD}] (...) -- C:\Users\marie\Downloads\RegCleaner.exe [553687]
[MD5.00000000000000000000000000000000] [APT] [{EE2F2338-39EC-4CC2-A20A-732168D068D9}] (...) -- C:\Users\marie\Downloads\FIXIO_PC_Cleaner_2010_Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F9A5D01B-AA74-4628-91E2-904963666CDA}] (...) -- C:\misezajour\Adobe Photoshop CS2 (9.0) Fr\Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe (.not file.) [0]
[MD5.5111C2975C5FB818EF6CA7EC36BF818E] [APT] [Level4Daily] (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2557296]
[MD5.5111C2975C5FB818EF6CA7EC36BF818E] [APT] [Level4Month] (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2557296]
[MD5.48C4D7AAB7DEF7C825B78FD3A03561BE] [APT] [VAIO Gate] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [1364480]
[MD5.DE855170C93C70921021F0C949B70CFF] [APT] [VPM Logon Start] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [480624]
[MD5.DE855170C93C70921021F0C949B70CFF] [APT] [VPM Session Change] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [480624]
[MD5.DE855170C93C70921021F0C949B70CFF] [APT] [VPM Unlock] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [480624]
O39 - APT: 1a10f082-58f5-4e2e-867a-bf33edb84ad8 - (...) -- C:\Windows\Tasks\1a10f082-58f5-4e2e-867a-bf33edb84ad8.job [620]
O39 - APT: 1a10f082-58f5-4e2e-867a-bf33edb84ad8 - (...) -- C:\Windows\System32\Tasks\1a10f082-58f5-4e2e-867a-bf33edb84ad8 [620]
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-1 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-1.job [2758] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-1 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-1 [2758] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-11 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-11.job [4482] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-11 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-11 [4482] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-2 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-2.job [2096] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-2 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-2 [2096] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-3 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-3.job [3120] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-3 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-3 [3120] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-4 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-4.job [3800] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-4 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-4 [3800] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5.job [2432] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5 [2432] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user.job [2432] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user [2432] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-6 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-6.job [3456] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-6 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-6 [3456] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-7 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-7.job [3456] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-7 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-7 [3456] =>PUP.CrossRider
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: Digital Sites - (...) -- C:\Windows\Tasks\Digital Sites.job [292] =>Hijacker.DSite
O39 - APT: Digital Sites - (...) -- C:\Windows\System32\Tasks\Digital Sites [292] =>Hijacker.DSite
O39 - APT: e3ccad92-985e-4461-beca-6c8efa6945b5 - (.app.) -- C:\Windows\Tasks\e3ccad92-985e-4461-beca-6c8efa6945b5.job [1472] =>PUP.CrossRider
O39 - APT: e3ccad92-985e-4461-beca-6c8efa6945b5 - (.app.) -- C:\Windows\System32\Tasks\e3ccad92-985e-4461-beca-6c8efa6945b5 [1472] =>PUP.CrossRider
O39 - APT: FZADMC - (.app.) -- C:\Windows\Tasks\FZADMC.job [1338] =>PUP.CrossRider
O39 - APT: FZADMC - (.app.) -- C:\Windows\System32\Tasks\FZADMC [1338] =>PUP.CrossRider
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [886]
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [886]
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [890]
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [890]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1062]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1062]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1066]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core.job [1026]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core [1026]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA.job [1078]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA [1078]
O39 - APT: NewPlayer Update - (...) -- C:\Windows\Tasks\NewPlayer Update.job [406] =>Adware.NewPlayer
O39 - APT: NewPlayer Update - (...) -- C:\Windows\System32\Tasks\NewPlayer Update [406] =>Adware.NewPlayer
O39 - APT: NewPlayer_wd - (...) -- C:\Windows\Tasks\NewPlayer_wd.job [386] =>Adware.NewPlayer
O39 - APT: NewPlayer_wd - (...) -- C:\Windows\System32\Tasks\NewPlayer_wd [386] =>Adware.NewPlayer
O39 - APT: TQSP - (.app.) -- C:\Windows\Tasks\TQSP.job [1334] =>PUP.CrossRider
O39 - APT: TQSP - (.app.) -- C:\Windows\System32\Tasks\TQSP [1334] =>PUP.CrossRider
~ Scheduled Task: 237 Scanned in 00mn 06s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (egyjvdfh) . (. - .) - C:\Windows\system32\drivers\egyjvdfh.sys (.not file.)
O41 - Driver: (kasepkan) . (. - .) - C:\Windows\system32\drivers\kasepkan.sys (.not file.)
O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\System32\drivers\mfehidk.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - D

3 replies

Malekal_morte- Posts: 180304 Status: Moderator, Security contributor
 
Hi,

You have installed adware and unwanted programs on your PC that open advertisements and slow down the computer and the web browsers.
Here is the procedure to follow to remove them:

Download AdwCleaner (by Xplode) to your desktop: https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start=
On the AdwCleaner page, on the right, click the grey floppy disk with the green arrow to start the download.
Launch AdwCleaner and click [Scanner].
The scan can take several minutes; be patient.
Once the scan has finished, click [Nettoyer].

Once the cleaning has finished, a report will open. Copy and paste the contents of the report into your next reply.
If that does not work, use the site http://pjjoint.malekal.com to host the report and give the link to the report in a new message.

Note: The report is also saved as C:\AdwCleaner[S1].txt



Then reset your browsers:
==================================
Reset your browsers and/or manually reconfigure your web browsers (start page, search engine, etc.), and also remove/disable useless/unwanted extensions:
* Internet Explorer and add-ons / search engines: https://forum.malekal.com/viewtopic.php?t=41399&start=
* Firefox: https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome: https://www.malekal.com/reparer-google-chrome/?t=35837&start=

trippymarry Posts: 2 Status: Member

I ran this software, it restarted my PC and I have Google...
The report was displayed, here it is:

# AdwCleaner v3.310 - Rapport créé le 17/09/2014 à 20:27:29
# Mis à jour le 12/09/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : marie - THEVENIAU
# Exécuté depuis : C:\Users\marie\Downloads\adwcleaner_3.310.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : 70e6ca8c
[#] Service Supprimé : globalUpdate
[#] Service Supprimé : globalUpdatem
Service Supprimé : IePluginServices
Service Supprimé : MyOSProtect
Service Supprimé : NewPlayer
Service Supprimé : NewVideoPlayerUpdaterService
[#] Service Supprimé : ProtectMonitor
Service Supprimé : Scores
Service Supprimé : WindowsMangerProtect

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\IePluginServices
Dossier Supprimé : C:\ProgramData\WindowsMangerProtect
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBestOffersToday
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Dossier Supprimé : C:\Program Files (x86)\globalUpdate
Dossier Supprimé : C:\Program Files (x86)\NewPlayer
Dossier Supprimé : C:\Program Files (x86)\PCTRunner
Dossier Supprimé : C:\Program Files (x86)\PepperZip
Dossier Supprimé : C:\Program Files (x86)\SupTab
Dossier Supprimé : C:\Program Files (x86)\mbot_fr_91
Dossier Supprimé : C:\Program Files (x86)\Browser+ Apps+
Dossier Supprimé : C:\Program Files (x86)\ver0NewPlayer
Dossier Supprimé : C:\Users\marie\AppData\Local\globalUpdate
Dossier Supprimé : C:\Users\marie\AppData\Local\NewPlayer
Dossier Supprimé : C:\Users\marie\AppData\Local\mbot_fr_91
Dossier Supprimé : C:\Users\marie\AppData\Local\Genesis_09151907
Dossier Supprimé : C:\Users\marie\AppData\Roaming\DigitalSites
Dossier Supprimé : C:\Users\marie\AppData\Roaming\VOPackage
Dossier Supprimé : C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
Dossier Supprimé : C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Dossier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeibjhjmddgcdbniedjoghdgbofbecad
Fichier Supprimé : C:\monitor.exe
Fichier Supprimé : C:\monitorsvc.exe
Fichier Supprimé : C:\Windows\score.exe
Fichier Supprimé : C:\Windows\SysWOW64\MyOSProtect.dll
Fichier Supprimé : C:\Windows\SysWOW64\MyOSProtect.ini
Fichier Supprimé : C:\Windows\SysWOW64\MyOSProtectOff.ini
Fichier Supprimé : C:\Windows\System32\MyOSProtect64.dll
Fichier Supprimé : C:\Windows\System32\MyOSProtectOff.ini
Fichier Supprimé : C:\Users\marie\AppData\Local\mysearchdial-speeddial.crx
Fichier Supprimé : C:\Users\Public\Documents\rpidity.crx
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage-journal
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tâches planifiées ] *****

Tâche Supprimée : BitGuard
Tâche Supprimée : Digital Sites
Tâche Supprimée : globalUpdateUpdateTaskMachineCore
Tâche Supprimée : globalUpdateUpdateTaskMachineUA
Tâche Supprimée : LaunchSignup
Tâche Supprimée : NewPlayer Update
Tâche Supprimée : NewPlayer_wd
Tâche Supprimée : Optimizer Pro Schedule

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Clé Supprimée : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Clé Supprimée : HKLM\SOFTWARE\Classes\*\shell\filescout
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Clé Supprimée : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mbot_fr_91]
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Genesis_09151907]
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Clé Supprimée : HKCU\Software\FIXIO PC Utilities
Clé Supprimée : HKCU\Software\genesis
Clé Supprimée : HKCU\Software\GlobalUpdate
Clé Supprimée : HKCU\Software\PepperZip
Clé Supprimée : HKCU\Software\SupHpUISoft
Clé Supprimée : HKCU\Software\AppDataLow\Software\Browser+ Apps+
Clé Supprimée : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Clé Supprimée : HKLM\SOFTWARE\GlobalUpdate
Clé Supprimée : HKLM\SOFTWARE\MyBestOffersToday
Clé Supprimée : HKLM\SOFTWARE\NewPlayer
Clé Supprimée : HKLM\SOFTWARE\SupDp
Clé Supprimée : HKLM\SOFTWARE\SupTab
Clé Supprimée : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Supprimée : HKLM\SOFTWARE\supWPM
Clé Supprimée : HKLM\SOFTWARE\webssearchesSoftware
Clé Supprimée : HKLM\SOFTWARE\Browser+ Apps+
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Genesis_09151907
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mbot_fr_91_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser+ Apps+
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\280441B1-8ECF-C313-9D9C-944B5FF30E30
Clé Supprimée : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17280

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v

[ Fichier : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Supprimée [Startup_urls] : hxxp://istart.webssearches.com/?type=hp&ts=1410808124&from=tugs&uid=TOSHIBAXMK3265GSX_40BJSED5SXX40BJSED5S
Supprimée [Extension] : eeibjhjmddgcdbniedjoghdgbofbecad
Supprimée [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
Supprimée [Extension] : pflphaooapbgpeakohlggbpidpppgdff

*************************

AdwCleaner[R0].txt - [23323 octets] - [29/01/2014 21:31:08]
AdwCleaner[R1].txt - [26998 octets] - [16/09/2014 21:07:41]
AdwCleaner[R2].txt - [4756 octets] - [16/09/2014 21:20:57]
AdwCleaner[R3].txt - [21460 octets] - [17/09/2014 20:23:46]
AdwCleaner[S0].txt - [21873 octets] - [29/01/2014 21:37:04]
AdwCleaner[S1].txt - [4264 octets] - [16/09/2014 21:27:03]
AdwCleaner[S2].txt - [19687 octets] - [17/09/2014 20:27:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [19748 octets] ##########


What should I do now? In any case, thank you very much :)
Malekal_morte- Posts 180304 Registration date   Status Moderator, Security contributor Last activity   24 685

OK, here is the next step:


Malwarebytes scan (time: about 40 min of scanning):
==================================================
Download and install Malwarebytes: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Update it, then run a scan.

At the end of the scan, click "Quarantine All" ("Mettre tout en quarantaine") at the bottom left.
Restart the computer if needed.
After restarting, launch Malwarebytes again.
Go and get the report in the History (Historique) tab.
On the left, Scan logs (Journal des examens).
Double-click the scan in the list.
Then, at the bottom, Copy to clipboard (Copier dans le presse papier).
Go to http://pjjoint.malekal.com and, at the bottom, right-click / paste to paste the Malwarebytes scan report.
Click Send (envoyer).
In a new message here in reply, give the pjjoint link so that the report can be consulted.



then:


Run an OTL scan - Time: about 40 min
=====================
OTL is used to diagnose the programs that are running and to detect infections - the program will generate two reports, OTL.txt and Extras.txt
Provide both reports:

You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you must right-click OTL and choose Run as administrator)


* Launch OTL
* At the top right of Quick Scan (Analyse rapide), tick "all users" ("tous les utilisateurs")
* In OTL, under Customization (Personnalisation), copy and paste the script below:



netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.dll /s
%APPDATA%\*.
%PROGRAMFILES%\*.
%PROGRAMDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
nslookup www.google.fr /c
ping www.google.fr /c
ipconfig /all /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs



* Click the Scan (Analyse) button.

**** If OTL stops responding during the scan, do not touch anything and let the scan continue ****

* When the scan is finished, use the site http://pjjoint.malekal.com/ to send the OTL.txt report (and Extra.txt if present).
Give the pjjoint link or links pointing to these reports here in a reply.
I repeat: give the link to the pjjoint report here in a reply.

DO NOT COPY/PASTE THE REPORT HERE - GIVE THE PJJOINT LINK IN A NEW MESSAGE

