Sujet Précédent Sujet Suivant

HELP websearches!!!!

Fermé
trippymarry Messages postés 2 Date d'inscription mercredi 17 septembre 2014 Statut Membre Dernière intervention 17 septembre 2014 - 17 sept. 2014 à 20:19
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 17 sept. 2014 à 21:38
Bonjour,

j'ai vraiment besoin de quelqu'un qui m'aide a me debarasser de websearches ! j ai fait touts les choses que j ai lu sur les forums et il est tjs la!
j'ai mon rapport de ZHPdiag qui est ci dessous :

~ Rapport de ZHPDiag v2014.9.14.133 - Nicolas Coolman (10/09/2014)
~ Lancé par marie (17/09/2014 19:37:29)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17280

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes' Anti-Malware
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v2.35

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3950 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 64 GB (22%) free of 287 GB

---\\ Mode de connexion au système
~ Computer Name: THEVENIAU
~ User Name: marie
~ All Users Names: marie, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\marie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\marie\AppData\Roaming\
~ %Desktop% : C:\Users\marie\Desktop\
~ %Favorites% : C:\Users\marie\Favorites\
~ %LocalAppData% : C:\Users\marie\AppData\Local\
~ %StartMenu% : C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 64 Go of 287 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: CD-ROM drive (Free 0 Go of 7 Go)
H: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.39EBB9708453036A74C30C9A294023FF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/08/2014 - 22:15:13.) -- C:\Windows\System32\wininet.dll [2310656]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4067
~ Mes musiques (My Musics) : 1/1874
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/162
~ Mes Documents (My Documents) : 1/16887
~ Mon Bureau (My Desktop) : 2/11937
~ Menu demarrer (Programs) : 1/102
~ Hidden Files: Scanned in 00mn 06s



---\\ Processus lancés
[MD5.112854FD524F472159E8F32548A7F62D] - (...) -- C:\Program Files (x86)\SupTab\HpUI.exe [733576] [PID.1964] =>PUP.SupTab
[MD5.2A68FABC6F7F5334690B185416651C08] - (...) -- C:\Program Files (x86)\ver0NewPlayer\C6NewPlayery.exe [255488] [PID.2156] =>Adware.NewPlayer
[MD5.D46415CD75DDA09F0A17D2FDA2235CB0] - (...) -- C:\Program Files (x86)\SupTab\Loader32.exe [64000] [PID.2880] =>PUP.SupTab
[MD5.AA0401A82399F18BFE0DD0672AC5AB01] - (.MediaFire LLC - systray.) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_systray.exe [2349640] [PID.3880]
[MD5.7A6A4EDC0CEF9DE9CAFFDFE36D991FD4] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752] [PID.4088]
[MD5.5C34D25066BB1C424C8C5896C05657BE] - (...) -- C:\Users\marie\AppData\Local\Genesis_09151907\Genesis_09151907.exe [2707456] [PID.2528] =>PUP.Genesis
[MD5.5EA80B00E1F5931641E8B95A23B7342D] - (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files (x86)\e-Carte Bleue LCL\ecbl-lcl.exe [278528] [PID.3532]
[MD5.E466354B25D53583E04BE278A8667415] - (.A Note - A Note.) -- C:\Program Files (x86)\A Note\A Note.exe [647168] [PID.3728]
[MD5.F81BB17F053CCF309C49107B0B09F2DA] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe [597792] [PID.2272]
[MD5.6C72E91639AA9D190CDA13D389FE7827] - (.Sony Corporation - Pas de description.) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe [320880] [PID.3472]
[MD5.EF4BF6AB09A06867104DAC48DF35E779] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.1952]
[MD5.3EAE79F9C5FB21F0B4231832FA6FED28] - (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe [1107808] [PID.3456]
[MD5.A1ED44DABCD252B95CD09487B65F734C] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376] [PID.3908]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.3896]
[MD5.C7F05A3FD4A8DC4EE7A7866876E1534C] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.2452]
[MD5.FFB2F4E0B28D40A726FC2159E1466C30] - (...) -- C:\Program Files (x86)\mbot_fr_91\mbot_fr_91.exe [3973576] [PID.1844] =>PUP.CrossRider
[MD5.7D6D3605CEB50D5DA275EDE9349F549F] - (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624] [PID.2008]
[MD5.0BB6A06204C0559BBD71BEFD5CD637ED] - (...) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_daemon.exe [2433608] [PID.6848]
[MD5.A917431C32865D7E35DAFB5D8F556F60] - (...) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_status.exe [2084424] [PID.3060]
[MD5.B08EDAF32A5C526BA52D3AFF9BFD37D1] - (.MediaFire - MediaFire Uploader.) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_services.exe [3302984] [PID.6992]
[MD5.4D96F6F7508BDF46771262EEEA505F98] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [81016] [PID.7540]
[MD5.B05B0C00659D9342CCD23637E11CC8CA] - (...) -- C:\Users\marie\Downloads\Player Setup.exe [1055472] [PID.12476]
[MD5.F8BFA29D0F02CB800F48CD90091B95B8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8104448] [PID.22272]
[MD5.1D915D5E8E564B00C2AC53BE2805EB0B] - (...) -- C:\Users\marie\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [113152] [PID.22480] =>Hijacker.DSite
[MD5.1938AF3906C6241CDB5BB14C417E9E15] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.exe [409776] [PID.21480]
[MD5.AC08A03D7E579E2903925736E7AB48F2] - (.Google Inc. - Google Chrome.) -- C:\Users\marie\AppData\Local\Google\Chrome\Application\chrome.exe [852808] [PID.21672]
[MD5.5E0C29FCD859AB8D5B1C859F034D8F2F] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginServices\PluginService.exe [715656] [PID.1456] =>PUP.IePluginService
[MD5.397B966BBCA15D72AE702FDF31D02F99] - (.Fuyu LIMITED - WindowsProtectManger Service.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896] [PID.1612] =>PUP.Fuyu
[MD5.C5BAD28B0F6AB2C143BD253E5BAD8FA8] - (.app - Browser+ Apps+ exe.) -- C:\Program Files (x86)\Browser+ Apps+\e3ccad92-985e-4461-beca-6c8efa6945b5.exe [346528] [PID.2280]
[MD5.5460828F8951D310B42B442877603B8D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.3156]
[MD5.59ADC3A2C8BCFA67E78299869F1D48FC] - (...) -- C:\Program Files (x86)\ver0NewPlayer\L7NewPlayerHJ178.exe [291840] [PID.3216] =>Adware.NewPlayer
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [360224] [PID.2092]
[MD5.1ABE08B289452D24884530C03839183A] - (...) -- C:\monitor.exe [487483] [PID.3828]
[MD5.5361FCBCC3F9BA07C852DEE963F1E1F4] - (...) -- C:\Windows\score.exe [4823040] [PID.4308]
[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688] [PID.4408]
[MD5.747E60B773E95F6C93D5621B550D6865] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92008] [PID.4468]
[MD5.63F6D08C54D5B3C1B12A6172032055C7] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960] [PID.4576]
[MD5.6B31C9CB94927DBEEB62E15275F4CC54] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [205168] [PID.4604]
[MD5.6A740F5FF3246C3BE3DD317299EFC88E] - (.Sony Corporation - VAIO Content Folder Watcher.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416] [PID.4648]
[MD5.10E212BFB7EAB152A64C1AAEC2F7F4E0] - (.Sony Corporation - VCM Intelligent Analyzing Manager.) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [529776] [PID.4684]
[MD5.D8BEF4AC1EAC809DBDBD441D6CFF6C4C] - (.Sony Corporation - VAIO Entertainment Database Service.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336] [PID.4820]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.4884]
[MD5.CC800D2D9FD467542BAC7C186C4774AD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4940]
[MD5.7CD368DFF5D7D4BA9F8F46F31EA8877D] - (.Sony Corporation - VAIO Event Service(Service Sub Module).) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe [112488] [PID.2952]
[MD5.411F9EEF72CACD4E76431B282099A3A6] - (.MyOSCompany - Pas de description.) -- C:\Program Files (x86)\PCTRunner\MyOSProtect.exe [1317096] [PID.7048]
[MD5.D347D3ABE070AA09C22FC37121555D52] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe [44736] [PID.2820]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [PID.5212]
[MD5.9E89C2D6945389270DE067CE51FF7425] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.7628]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][StartupURLs] http://www.webpageing.com/?type=hp&ts=1410808124&from=tugs&uid=TOSHIBAXMK3265GSX_40BJSED5SXX40BJSED5S =>Hijacker.WebsSearches
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.7 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [bepbmhgboaologfdajaanbcjmnhjmhfn] Google Voice Search Hotword (Beta) v.0.1.1.5023, (Désactivé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [dnhpdliibojhegemfjheidglijccjfmc] hotword helper v.0.0.2.0 (Activé)
G2 - GCE: Preference [User Data\Default] [eeibjhjmddgcdbniedjoghdgbofbecad] Plus-HD-5.7 v.1.26.12, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [fnefekibahpibgnllfjpckodgobkpije] ObviousIdea v.2.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.7.3.16540.9015, (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick start v.4.5.7, (Désactivé) =>PUP.QuickStart
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.10.0 (Désactivé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Google Docs]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [Google Voice Search Hotword (Beta)]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeibjhjmddgcdbniedjoghdgbofbecad [Plus-HD-5.7] =>Adware.PlusHD
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [Skype Click to Call]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 101 Scanned in 00mn 07s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [marie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\marie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\marie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
~ Firefox Browser: 8 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.rpidity.com =>Adware.Boxore
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {ef79f67a-6ad7-4715-a0f8-932fca442023} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14192;https=127.0.0.1:14192 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (38)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll =>PUP.SupTab
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension [64Bits] - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Exp.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
~ BHO: 27 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EF79F67A-6AD7-4715-A0F8-932FCA442023} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\marie\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [MediaFire Tray] . (.MediaFire LLC - systray.) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_systray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [genesis_09151907] . (...) -- c:\users\marie\appdata\local\genesis_09151907\genesis_09151907.exe =>PUP.Genesis
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Wow6432Node\Run: [McENUI] C:\Program Files (x86)\McAfee\MHN\McENUI.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [ISBMgr.exe] . (.Sony Corporation - Pas de description.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Nikon Message Center 2] . (.Nikon Corporation - Nikon Message Center 2.) -- C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [mbot_fr_91] . (...) -- C:\Program Files (x86)\mbot_fr_91\mbot_fr_91.exe =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [SHTtray.exe] . (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\marie\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [MediaFire Tray] . (.MediaFire LLC - systray.) -- C:\Users\marie\AppData\Local\MediaFire Express\mf_systray.exe
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-3139943461-1601743475-248666631-1000\..\Run: [genesis_09151907] . (...) -- c:\users\marie\appdata\local\genesis_09151907\genesis_09151907.exe =>PUP.Genesis
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 [64Bits] - {A95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Explorer.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 9 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A708873B-716A-44B3-B1C9-47A070C18931}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB704E9C-4CBC-4B7F-96A0-AED759373D1A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{EE3BB949-9377-4704-8BAB-2354FCAAE36F}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{A708873B-716A-44B3-B1C9-47A070C18931}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{BB704E9C-4CBC-4B7F-96A0-AED759373D1A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{EE3BB949-9377-4704-8BAB-2354FCAAE36F}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{A708873B-716A-44B3-B1C9-47A070C18931}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{2662349C-CB43-4175-BE45-A996701B0AC8}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BB704E9C-4CBC-4B7F-96A0-AED759373D1A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{EE3BB949-9377-4704-8BAB-2354FCAAE36F}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Optimizer Pro Crash Monitor (70e6ca8c) . (...) - c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll (.not file.) =>PUP.OptimizerPro
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NewPlayer (NewPlayer) . (...) - C:\Program Files (x86)\ver0NewPlayer\L7NewPlayerHJ178.exe =>Adware.NewPlayer
O23 - Service: NewVideoPlayer Updater Service (NewVideoPlayerUpdaterService) . (.Pas de propriétaire - NewVideoPlayerUpdaterService.) - C:\Program Files (x86)\NewPlayer\NewVideoPlayerUpdaterService.exe =>Adware.NewPlayer
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Protect Monitor (ProtectMonitor) . (...) - C:\monitorsvc.exe
O23 - Service: Roxio Upnp Server 10 (Roxio Upnp Server 10) . (.Sonic Solutions - RoxioUpnpService10 Module.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: VAIO Care Performance Service (SampleCollector) . (.Sony Corporation - VAIO Care Performance Service.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: scores (scores) . (...) - C:\Windows\score.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: CamMonitor (uCamMonitor) . (.ArcSoft, Inc. - MgiSvr.) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) . (.Sony Corporation - VAIO Content Folder Watcher.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) . (.Sony Corporation - VCM Intelligent Analyzing Manager.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VSNService (VSNService) . (.Sony Corporation - VAIO Smart Network Service.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) . (.Sony Corporation - VAIO Entertainment Database Service.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
~ Services: 26 Scanned in 00mn 10s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.0309013B9EC230AA6F4B8528277C761E] [APT] [1a10f082-58f5-4e2e-867a-bf33edb84ad8] (...) -- C:\Program Files (x86)\Browser+ Apps+\1a10f082-58f5-4e2e-867a-bf33edb84ad8.exe [32160]
[MD5.75A148DB0BA384F14DDECFB52A4D8F95] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-1] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-codedownloader.exe [1080736]
[MD5.68B06D268F80EE8BB71BF0720CF3C1AC] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-11] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-11.exe [1929120]
[MD5.4E644E373E06A69715D508264ECC08F3] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-2] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-2.exe [908704]
[MD5.68B06D268F80EE8BB71BF0720CF3C1AC] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-3] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-3.exe [1929120]
[MD5.5D9D2A011C496F360F146D434D7322B9] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-4] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-4.exe [1484704]
[MD5.2F08053B17A49EF40754EC44D54D12F5] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-5] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5.exe [987040]
[MD5.2F08053B17A49EF40754EC44D54D12F5] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5.exe [987040]
[MD5.BDC8838A03CDF69D00DBDC5A00866D53] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-6] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-6.exe [1229216]
[MD5.75A148DB0BA384F14DDECFB52A4D8F95] [APT] [364a3a11-805d-4044-ac37-3e2df9dbfbbe-7] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\364a3a11-805d-4044-ac37-3e2df9dbfbbe-7.exe [1080736]
[MD5.FBB312C9DA3863673EC18F4AE4101778] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.1D915D5E8E564B00C2AC53BE2805EB0B] [APT] [Digital Sites] (...) -- C:\Users\marie\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe [113152] =>Hijacker.DSite
[MD5.C5BAD28B0F6AB2C143BD253E5BAD8FA8] [APT] [e3ccad92-985e-4461-beca-6c8efa6945b5] (.app.) -- C:\Program Files (x86)\Browser+ Apps+\e3ccad92-985e-4461-beca-6c8efa6945b5.exe [346528]
[MD5.68B06D268F80EE8BB71BF0720CF3C1AC] [APT] [FZADMC] (.app.) -- C:\Users\marie\AppData\Roaming\FZADMC.exe [1929120]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core] (.Google Inc..) -- C:\Users\marie\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA] (.Google Inc..) -- C:\Users\marie\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.JDIBackup
[MD5.BE3304B75DDD265279FF15D3A8513B40] [APT] [NewPlayer Update] (...) -- C:\Program Files (x86)\ver0NewPlayer\x9NewPlayerz40.exe [490496] =>Adware.NewPlayer
[MD5.2A68FABC6F7F5334690B185416651C08] [APT] [NewPlayer_wd] (...) -- C:\Program Files (x86)\ver0NewPlayer\C6NewPlayery.exe [255488] =>Adware.NewPlayer
[MD5.00000000000000000000000000000000] [APT] [Optimizer Pro Schedule] (...) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.5D9D2A011C496F360F146D434D7322B9] [APT] [TQSP] (.app.) -- C:\Users\marie\AppData\Roaming\TQSP.exe [1484704]
[MD5.00000000000000000000000000000000] [APT] [{2B87FD9F-C03E-4119-80B0-CA42179D9BCA}] (...) -- F:\autorun\install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{49E0863A-D8DC-43BA-8230-783DC6FCE85F}] (...) -- c:\program files (x86)\mozilla firefox\firefox.exe (.not file.) [0]
[MD5.58920E6A409046BA06548D9D139CE0F0] [APT] [{65D421A3-CE60-40E0-90CB-4A166C774348}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608]
[MD5.00000000000000000000000000000000] [APT] [{6886030C-C721-493C-92ED-311FBDD5CAA0}] (...) -- C:\Users\marie\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[MD5.00000000000000000000000000000000] [APT] [{6A35874C-0322-4BB8-A22E-55D9A2F2C28A}] (...) -- C:\Users\marie\Desktop\FIXIO_PC_Cleaner_2010_Installer.exe (.not file.) [0]
[MD5.1FF033E93713C97593280B3B9537318D] [APT] [{E46FA74A-B3F3-4D16-96EF-E2B722D499DD}] (...) -- C:\Users\marie\Downloads\RegCleaner.exe [553687]
[MD5.00000000000000000000000000000000] [APT] [{EE2F2338-39EC-4CC2-A20A-732168D068D9}] (...) -- C:\Users\marie\Downloads\FIXIO_PC_Cleaner_2010_Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F9A5D01B-AA74-4628-91E2-904963666CDA}] (...) -- C:\misezajour\Adobe Photoshop CS2 (9.0) Fr\Crack et Keygen\Crack Activation Photoshop CS2 Fr.exe (.not file.) [0]
[MD5.5111C2975C5FB818EF6CA7EC36BF818E] [APT] [Level4Daily] (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2557296]
[MD5.5111C2975C5FB818EF6CA7EC36BF818E] [APT] [Level4Month] (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2557296]
[MD5.48C4D7AAB7DEF7C825B78FD3A03561BE] [APT] [VAIO Gate] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [1364480]
[MD5.DE855170C93C70921021F0C949B70CFF] [APT] [VPM Logon Start] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [480624]
[MD5.DE855170C93C70921021F0C949B70CFF] [APT] [VPM Session Change] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [480624]
[MD5.DE855170C93C70921021F0C949B70CFF] [APT] [VPM Unlock] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [480624]
O39 - APT: 1a10f082-58f5-4e2e-867a-bf33edb84ad8 - (...) -- C:\Windows\Tasks\1a10f082-58f5-4e2e-867a-bf33edb84ad8.job [620]
O39 - APT: 1a10f082-58f5-4e2e-867a-bf33edb84ad8 - (...) -- C:\Windows\System32\Tasks\1a10f082-58f5-4e2e-867a-bf33edb84ad8 [620]
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-1 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-1.job [2758] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-1 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-1 [2758] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-11 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-11.job [4482] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-11 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-11 [4482] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-2 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-2.job [2096] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-2 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-2 [2096] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-3 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-3.job [3120] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-3 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-3 [3120] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-4 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-4.job [3800] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-4 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-4 [3800] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5.job [2432] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5 [2432] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user.job [2432] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user [2432] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-6 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-6.job [3456] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-6 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-6 [3456] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-7 - (.app.) -- C:\Windows\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-7.job [3456] =>PUP.CrossRider
O39 - APT: 364a3a11-805d-4044-ac37-3e2df9dbfbbe-7 - (.app.) -- C:\Windows\System32\Tasks\364a3a11-805d-4044-ac37-3e2df9dbfbbe-7 [3456] =>PUP.CrossRider
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: Digital Sites - (...) -- C:\Windows\Tasks\Digital Sites.job [292] =>Hijacker.DSite
O39 - APT: Digital Sites - (...) -- C:\Windows\System32\Tasks\Digital Sites [292] =>Hijacker.DSite
O39 - APT: e3ccad92-985e-4461-beca-6c8efa6945b5 - (.app.) -- C:\Windows\Tasks\e3ccad92-985e-4461-beca-6c8efa6945b5.job [1472] =>PUP.CrossRider
O39 - APT: e3ccad92-985e-4461-beca-6c8efa6945b5 - (.app.) -- C:\Windows\System32\Tasks\e3ccad92-985e-4461-beca-6c8efa6945b5 [1472] =>PUP.CrossRider
O39 - APT: FZADMC - (.app.) -- C:\Windows\Tasks\FZADMC.job [1338] =>PUP.CrossRider
O39 - APT: FZADMC - (.app.) -- C:\Windows\System32\Tasks\FZADMC [1338] =>PUP.CrossRider
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [886]
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [886]
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [890]
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [890]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1062]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1062]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1066]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core.job [1026]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000Core [1026]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA.job [1078]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3139943461-1601743475-248666631-1000UA [1078]
O39 - APT: NewPlayer Update - (...) -- C:\Windows\Tasks\NewPlayer Update.job [406] =>Adware.NewPlayer
O39 - APT: NewPlayer Update - (...) -- C:\Windows\System32\Tasks\NewPlayer Update [406] =>Adware.NewPlayer
O39 - APT: NewPlayer_wd - (...) -- C:\Windows\Tasks\NewPlayer_wd.job [386] =>Adware.NewPlayer
O39 - APT: NewPlayer_wd - (...) -- C:\Windows\System32\Tasks\NewPlayer_wd [386] =>Adware.NewPlayer
O39 - APT: TQSP - (.app.) -- C:\Windows\Tasks\TQSP.job [1334] =>PUP.CrossRider
O39 - APT: TQSP - (.app.) -- C:\Windows\System32\Tasks\TQSP [1334] =>PUP.CrossRider
~ Scheduled Task: 237 Scanned in 00mn 06s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (egyjvdfh) . (. - .) - C:\Windows\system32\drivers\egyjvdfh.sys (.not file.)
O41 - Driver: (kasepkan) . (. - .) - C:\Windows\system32\drivers\kasepkan.sys (.not file.)
O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) - C:\Windows\System32\drivers\mfehidk.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - D

3 réponses

Réponse 1 / 3
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
17 sept. 2014 à 20:20
Salut,

Tu as installé des adwares et programmes parasites sur ton PC qui ouvrent des publicités et ralentissent l'ordinateur et les navigateurs WEB.
Voici la procédure à suivre pour les supprimer :

Télécharge https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Sur la page d'AdwCleaner, à droite, clic sur la disquette grise avec la flèche verte pour lancer le téléchargement.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt



puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
* Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=

0
Réponse 2 / 3
trippymarry Messages postés 2 Date d'inscription mercredi 17 septembre 2014 Statut Membre Dernière intervention 17 septembre 2014
17 sept. 2014 à 20:35
j ai effectué ce logiciel, ca m a redemarré mon pc et j ai google...
le rapport s est affiché, tiens :

# AdwCleaner v3.310 - Rapport créé le 17/09/2014 à 20:27:29
# Mis à jour le 12/09/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : marie - THEVENIAU
# Exécuté depuis : C:\Users\marie\Downloads\adwcleaner_3.310.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : 70e6ca8c
[#] Service Supprimé : globalUpdate
[#] Service Supprimé : globalUpdatem
Service Supprimé : IePluginServices
Service Supprimé : MyOSProtect
Service Supprimé : NewPlayer
Service Supprimé : NewVideoPlayerUpdaterService
[#] Service Supprimé : ProtectMonitor
Service Supprimé : Scores
Service Supprimé : WindowsMangerProtect

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\IePluginServices
Dossier Supprimé : C:\ProgramData\WindowsMangerProtect
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBestOffersToday
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Dossier Supprimé : C:\Program Files (x86)\globalUpdate
Dossier Supprimé : C:\Program Files (x86)\NewPlayer
Dossier Supprimé : C:\Program Files (x86)\PCTRunner
Dossier Supprimé : C:\Program Files (x86)\PepperZip
Dossier Supprimé : C:\Program Files (x86)\SupTab
Dossier Supprimé : C:\Program Files (x86)\mbot_fr_91
Dossier Supprimé : C:\Program Files (x86)\Browser+ Apps+
Dossier Supprimé : C:\Program Files (x86)\ver0NewPlayer
Dossier Supprimé : C:\Users\marie\AppData\Local\globalUpdate
Dossier Supprimé : C:\Users\marie\AppData\Local\NewPlayer
Dossier Supprimé : C:\Users\marie\AppData\Local\mbot_fr_91
Dossier Supprimé : C:\Users\marie\AppData\Local\Genesis_09151907
Dossier Supprimé : C:\Users\marie\AppData\Roaming\DigitalSites
Dossier Supprimé : C:\Users\marie\AppData\Roaming\VOPackage
Dossier Supprimé : C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
Dossier Supprimé : C:\Users\marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Dossier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeibjhjmddgcdbniedjoghdgbofbecad
Fichier Supprimé : C:\monitor.exe
Fichier Supprimé : C:\monitorsvc.exe
Fichier Supprimé : C:\Windows\score.exe
Fichier Supprimé : C:\Windows\SysWOW64\MyOSProtect.dll
Fichier Supprimé : C:\Windows\SysWOW64\MyOSProtect.ini
Fichier Supprimé : C:\Windows\SysWOW64\MyOSProtectOff.ini
Fichier Supprimé : C:\Windows\System32\MyOSProtect64.dll
Fichier Supprimé : C:\Windows\System32\MyOSProtectOff.ini
Fichier Supprimé : C:\Users\marie\AppData\Local\mysearchdial-speeddial.crx
Fichier Supprimé : C:\Users\Public\Documents\rpidity.crx
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage-journal
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Fichier Supprimé : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tâches planifiées ] *****

Tâche Supprimée : BitGuard
Tâche Supprimée : Digital Sites
Tâche Supprimée : globalUpdateUpdateTaskMachineCore
Tâche Supprimée : globalUpdateUpdateTaskMachineUA
Tâche Supprimée : LaunchSignup
Tâche Supprimée : NewPlayer Update
Tâche Supprimée : NewPlayer_wd
Tâche Supprimée : Optimizer Pro Schedule
Tâche Supprimée : 1a10f082-58f5-4e2e-867a-bf33edb84ad8
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-1
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-11
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-2
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-3
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-4
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-5_user
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-6
Tâche Supprimée : 364a3a11-805d-4044-ac37-3e2df9dbfbbe-7
Tâche Supprimée : e3ccad92-985e-4461-beca-6c8efa6945b5

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Clé Supprimée : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Clé Supprimée : HKLM\SOFTWARE\Classes\*\shell\filescout
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Clé Supprimée : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mbot_fr_91]
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Genesis_09151907]
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902282}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622442249}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902282}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622442249}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Clé Supprimée : HKCU\Software\FIXIO PC Utilities
Clé Supprimée : HKCU\Software\genesis
Clé Supprimée : HKCU\Software\GlobalUpdate
Clé Supprimée : HKCU\Software\PepperZip
Clé Supprimée : HKCU\Software\SupHpUISoft
Clé Supprimée : HKCU\Software\AppDataLow\Software\Browser+ Apps+
Clé Supprimée : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Clé Supprimée : HKLM\SOFTWARE\GlobalUpdate
Clé Supprimée : HKLM\SOFTWARE\MyBestOffersToday
Clé Supprimée : HKLM\SOFTWARE\NewPlayer
Clé Supprimée : HKLM\SOFTWARE\SupDp
Clé Supprimée : HKLM\SOFTWARE\SupTab
Clé Supprimée : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Supprimée : HKLM\SOFTWARE\supWPM
Clé Supprimée : HKLM\SOFTWARE\webssearchesSoftware
Clé Supprimée : HKLM\SOFTWARE\Browser+ Apps+
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Genesis_09151907
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mbot_fr_91_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser+ Apps+
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\280441B1-8ECF-C313-9D9C-944B5FF30E30
Clé Supprimée : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17280

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v

[ Fichier : C:\Users\marie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Supprimée [Startup_urls] : hxxp://istart.webssearches.com/?type=hp&ts=1410808124&from=tugs&uid=TOSHIBAXMK3265GSX_40BJSED5SXX40BJSED5S
Supprimée [Extension] : eeibjhjmddgcdbniedjoghdgbofbecad
Supprimée [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
Supprimée [Extension] : pflphaooapbgpeakohlggbpidpppgdff

*************************

AdwCleaner[R0].txt - [23323 octets] - [29/01/2014 21:31:08]
AdwCleaner[R1].txt - [26998 octets] - [16/09/2014 21:07:41]
AdwCleaner[R2].txt - [4756 octets] - [16/09/2014 21:20:57]
AdwCleaner[R3].txt - [21460 octets] - [17/09/2014 20:23:46]
AdwCleaner[S0].txt - [21873 octets] - [29/01/2014 21:37:04]
AdwCleaner[S1].txt - [4264 octets] - [16/09/2014 21:27:03]
AdwCleaner[S2].txt - [19687 octets] - [17/09/2014 20:27:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [19748 octets] ##########


que dois je fait maintenant? en tout cas merci beaucoup :)
0
Réponse 3 / 3
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
17 sept. 2014 à 21:38
ok, voici la suite :


Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.

A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.



puis :


Faire un Scan OTL - Temps : Environ 40min
=====================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)


* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :



netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.dll /s
%APPDATA%\*.
%PROGRAMFILES%\*.
%PROGRAMDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
nslookup www.google.fr /c
ping www.google.fr /c
ipconfig /all /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs



* Clique sur le bouton Analyse.

**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****

* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.

NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE


0