Sujet Précédent Sujet Suivant

Suppression malware

Résolu/Fermé
sisijp74 Messages postés 37 Date d'inscription dimanche 11 novembre 2007 Statut Membre Dernière intervention 4 octobre 2019 - 28 déc. 2014 à 10:52
sisijp74 Messages postés 37 Date d'inscription dimanche 11 novembre 2007 Statut Membre Dernière intervention 4 octobre 2019 - 8 janv. 2015 à 09:29
Bonjour,

Le Pc de ma fille est infesté par "bestdiscountapp". Il semble que ce soit un malware récalcitrant. Le Pc est sous win7, avec Zonealarm et Avast à jour. Analyses faites et infections corrigées, le malware est encore là. Google propose bien quelques logiciels, mais il en parle autant en bien qu'en mal (arnaques). Quelqu'un aurait il une solution ?
Merci à tous
A voir également:

9 réponses

Réponse 1 / 9
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
28 déc. 2014 à 11:23
Salut,

Commence par un nettoyage adwcleaner : https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start=
Donne le rapport de nettoyage dans un nouveau message.

--
0
Réponse 2 / 9
sisijp74 Messages postés 37 Date d'inscription dimanche 11 novembre 2007 Statut Membre Dernière intervention 4 octobre 2019 33
28 déc. 2014 à 12:25
Merci pour la réponse rapide. Ci dessous le rapport dans une langue qui m'est inconnue:

# AdwCleaner v4.106 - Rapport crÈÈ le 28/12/2014 # 12:06:11
# Mis # jour le 21/12/2014 par Xplode
# Database : 2014-12-21.4 [Live]
# SystËme d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : manon - MANON-PC
# ExÈcutÈ depuis : F:\adwcleaner_4.106.exe
# Option : Scanner

***** [ Services ] *****

Service PrÈsent : WindowsMangerProtect

***** [ Fichiers / Dossiers ] *****

Dossier PrÈsent : C:\Program Files (x86)\Check Point Software Technologies LTD
Dossier PrÈsent : C:\Program Files (x86)\CooolSalleCoUpOn
Dossier PrÈsent : C:\Program Files (x86)\cosstminn
Dossier PrÈsent : C:\Program Files (x86)\di9BlockAndSurf
Dossier PrÈsent : C:\Program Files (x86)\globalUpdate
Dossier PrÈsent : C:\Program Files (x86)\Mysearchdial
Dossier PrÈsent : C:\Program Files (x86)\Nosibay
Dossier PrÈsent : C:\Program Files (x86)\Optimizer Pro
Dossier PrÈsent : C:\Program Files (x86)\PProoShopper
Dossier PrÈsent : C:\Program Files (x86)\predm
Dossier PrÈsent : C:\Program Files (x86)\savIIngtOyou
Dossier PrÈsent : C:\Program Files (x86)\SearchProtect
Dossier PrÈsent : C:\Program Files (x86)\sHopndrop
Dossier PrÈsent : C:\Program Files (x86)\shopndrop
Dossier PrÈsent : C:\Program Files (x86)\Software
Dossier PrÈsent : C:\Program Files (x86)\SupTab
Dossier PrÈsent : C:\Program Files (x86)\WinZipper
Dossier PrÈsent : C:\ProgramData\374311380
Dossier PrÈsent : C:\ProgramData\484e9ad73dc93fdb
Dossier PrÈsent : C:\ProgramData\BestDiscountApp
Dossier PrÈsent : C:\ProgramData\CooolSalleCoUpOn
Dossier PrÈsent : C:\ProgramData\cosstminn
Dossier PrÈsent : C:\ProgramData\IePluginServices
Dossier PrÈsent : C:\ProgramData\PProoShopper
Dossier PrÈsent : C:\ProgramData\savIIngtOyou
Dossier PrÈsent : C:\ProgramData\sHopndrop
Dossier PrÈsent : C:\ProgramData\shopndrop
Dossier PrÈsent : C:\ProgramData\Software
Dossier PrÈsent : C:\ProgramData\Systweak
Dossier PrÈsent : C:\ProgramData\WindowsMangerProtect
Dossier PrÈsent : C:\ProgramData\WindowsProtectManger
Dossier PrÈsent : C:\Users\Administrateur\AppData\Local\Chromatic Browser
Dossier PrÈsent : C:\Users\Administrateur\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ompdpiokojddapdejmepbeeljgaahbja
Dossier PrÈsent : C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompdpiokojddapdejmepbeeljgaahbja
Dossier PrÈsent : C:\Users\Administrateur\AppData\Local\torch
Dossier PrÈsent : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Dossier PrÈsent : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ompdpiokojddapdejmepbeeljgaahbja
Dossier PrÈsent : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompdpiokojddapdejmepbeeljgaahbja
Dossier PrÈsent : C:\Users\HomeGroupUser$\AppData\Local\torch
Dossier PrÈsent : C:\Users\InvitÈ\AppData\Local\Chromatic Browser
Dossier PrÈsent : C:\Users\InvitÈ\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ompdpiokojddapdejmepbeeljgaahbja
Dossier PrÈsent : C:\Users\InvitÈ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompdpiokojddapdejmepbeeljgaahbja
Dossier PrÈsent : C:\Users\InvitÈ\AppData\Local\torch
Dossier PrÈsent : C:\Users\manon\AppData\Local\Chromatic Browser
Dossier PrÈsent : C:\Users\manon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ompdpiokojddapdejmepbeeljgaahbja
Dossier PrÈsent : C:\Users\manon\AppData\Local\globalUpdate
Dossier PrÈsent : C:\Users\manon\AppData\Local\PriceMeter
Dossier PrÈsent : C:\Users\manon\AppData\Local\SearchProtect
Dossier PrÈsent : C:\Users\manon\AppData\Local\Temp\mt_ffx
Dossier PrÈsent : C:\Users\manon\AppData\Local\torch
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Check Point Software Technologies LTD
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\ffxtlbr@zonealarm.com
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\frba.0tae@ieeuthjk.net
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\mbs3za@iuoaey.org
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\qfaao@eyeeii.edu
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\r_oe@qsdcgxu.co.uk
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\z57koli@afzf.co.uk
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Nosibay
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\Systweak
Dossier PrÈsent : C:\Users\manon\AppData\Roaming\winservices
Dossier PrÈsent : C:\Users\manon\Documents\Optimizer Pro
Dossier PrÈsent : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Systweak
Fichier PrÈsent : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml
Fichier PrÈsent : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
Fichier PrÈsent : C:\Users\manon\AppData\Roaming\aps.uninstall.scan.results
Fichier PrÈsent : C:\Users\manon\AppData\Roaming\Bubble Dock.boostrap.log
Fichier PrÈsent : C:\Users\manon\AppData\Roaming\Bubble Dock.installation.log
Fichier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\searchplugins\avg-secure-search.xml
Fichier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\searchplugins\Mysearchdial.xml
Fichier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\searchplugins\Web Search.xml
Fichier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\searchplugins\zonealarm.xml
Fichier PrÈsent : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\user.js
Fichier PrÈsent : C:\Users\manon\Desktop\Continue VuuPC Installation.lnk
Fichier PrÈsent : C:\Users\manon\Desktop\Live PC Help.lnk
Fichier PrÈsent : C:\Windows\System32\roboot64.exe

***** [ T'ches planifiÈes ] *****

T'che PrÈsente : APSnotifierPP1
T'che PrÈsente : APSnotifierPP2
T'che PrÈsente : APSnotifierPP3
T'che PrÈsente : BackgroundContainer Startup Task
T'che PrÈsente : LaunchSignup
T'che PrÈsente : MySearchDial
T'che PrÈsente : pricemeterdownloader
T'che PrÈsente : wp_update
T'che PrÈsente : 4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-1
T'che PrÈsente : 4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-11
T'che PrÈsente : 4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-2
T'che PrÈsente : 4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-4
T'che PrÈsente : 4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5
T'che PrÈsente : 4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5_user

***** [ Raccourcis ] *****


***** [ Registre ] *****

ClÈ PrÈsente : HKCU\Software\AnyProtect
ClÈ PrÈsente : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
ClÈ PrÈsente : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
ClÈ PrÈsente : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
ClÈ PrÈsente : HKCU\Software\AppDataLow\Software\BlockAndSurf
ClÈ PrÈsente : HKCU\Software\AppDataLow\Software\Crossrider
ClÈ PrÈsente : HKCU\Software\Boxore
ClÈ PrÈsente : HKCU\Software\Conduit
ClÈ PrÈsente : HKCU\Software\FreeSoftToday
ClÈ PrÈsente : HKCU\Software\GlobalUpdate
ClÈ PrÈsente : HKCU\Software\IM
ClÈ PrÈsente : HKCU\Software\InstalledBrowserExtensions
ClÈ PrÈsente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
ClÈ PrÈsente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
ClÈ PrÈsente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
ClÈ PrÈsente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
ClÈ PrÈsente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
ClÈ PrÈsente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
ClÈ PrÈsente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
ClÈ PrÈsente : HKCU\Software\Mozilla\Extends
ClÈ PrÈsente : HKCU\Software\Nosibay
ClÈ PrÈsente : HKCU\Software\Optimizer Pro
ClÈ PrÈsente : HKCU\Software\powerpack
ClÈ PrÈsente : HKCU\Software\SmartBar
ClÈ PrÈsente : HKCU\Software\Smartbar
ClÈ PrÈsente : HKCU\Software\systweak
ClÈ PrÈsente : HKCU\Software\TutoTag
ClÈ PrÈsente : HKCU\Software\WEDLMNGR
ClÈ PrÈsente : [x64] HKCU\Software\AnyProtect
ClÈ PrÈsente : [x64] HKCU\Software\Boxore
ClÈ PrÈsente : [x64] HKCU\Software\Conduit
ClÈ PrÈsente : [x64] HKCU\Software\FreeSoftToday
ClÈ PrÈsente : [x64] HKCU\Software\GlobalUpdate
ClÈ PrÈsente : [x64] HKCU\Software\IM
ClÈ PrÈsente : [x64] HKCU\Software\InstalledBrowserExtensions
ClÈ PrÈsente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
ClÈ PrÈsente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
ClÈ PrÈsente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
ClÈ PrÈsente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
ClÈ PrÈsente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
ClÈ PrÈsente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
ClÈ PrÈsente : [x64] HKCU\Software\Nosibay
ClÈ PrÈsente : [x64] HKCU\Software\Optimizer Pro
ClÈ PrÈsente : [x64] HKCU\Software\powerpack
ClÈ PrÈsente : [x64] HKCU\Software\Smartbar
ClÈ PrÈsente : [x64] HKCU\Software\SmartBar
ClÈ PrÈsente : [x64] HKCU\Software\systweak
ClÈ PrÈsente : [x64] HKCU\Software\TutoTag
ClÈ PrÈsente : [x64] HKCU\Software\WEDLMNGR
ClÈ PrÈsente : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
ClÈ PrÈsente : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
ClÈ PrÈsente : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
ClÈ PrÈsente : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
ClÈ PrÈsente : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
ClÈ PrÈsente : HKLM\SOFTWARE\Boxore
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\AppID\BackgroundHost.EXE
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CCooolSaLeCoUpon.CCooolSaLeCoUpon
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CCooolSaLeCoUpon.CCooolSaLeCoUpon.3.95
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{54243DA3-AD66-359E-6B3E-DF283FC3586D}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{6814A78D-8202-977E-C778-175C89CF9831}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{861A4A3E-EC88-4BD1-B09E-C9DA95130969}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{A0517A46-63D8-7B40-F5E0-D61CA4DFC5D2}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{A20EFABE-275B-DDA1-2185-EC37A020542C}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\ProSHopppeer.ProSHopppeer
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\ProSHopppeer.ProSHopppeer.4.87
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\sauvIngtoyou.sauvIngtoyou
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\sauvIngtoyou.sauvIngtoyou.2.1
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\ScriptHost.Tool
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\shoPndrooop.shoPndrooop
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\shoPndrooop.shoPndrooop.3.1
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{97D91814-80A6-444F-AD27-551657E99C94}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
ClÈ PrÈsente : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
ClÈ PrÈsente : HKLM\SOFTWARE\DealPlyLive
ClÈ PrÈsente : HKLM\SOFTWARE\delta-homesSoftware
ClÈ PrÈsente : HKLM\SOFTWARE\free_softtoday
ClÈ PrÈsente : HKLM\SOFTWARE\GlobalUpdate
ClÈ PrÈsente : HKLM\SOFTWARE\hdcode
ClÈ PrÈsente : HKLM\SOFTWARE\InstalledBrowserExtensions
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54243DA3-AD66-359E-6B3E-DF283FC3586D}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6814A78D-8202-977E-C778-175C89CF9831}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A0517A46-63D8-7B40-F5E0-D61CA4DFC5D2}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A20EFABE-275B-DDA1-2185-EC37A020542C}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
ClÈ PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
ClÈ PrÈsente : HKLM\SOFTWARE\omiga-plusSoftware
ClÈ PrÈsente : HKLM\SOFTWARE\PriceMeterLiveUpdate
ClÈ PrÈsente : HKLM\SOFTWARE\SearchProtect
ClÈ PrÈsente : HKLM\SOFTWARE\SupDp
ClÈ PrÈsente : HKLM\SOFTWARE\SupTab
ClÈ PrÈsente : HKLM\SOFTWARE\supWindowsMangerProtect
ClÈ PrÈsente : HKLM\SOFTWARE\supWindowsProtectManger
ClÈ PrÈsente : HKLM\SOFTWARE\SweetIM
ClÈ PrÈsente : HKLM\SOFTWARE\systweak
ClÈ PrÈsente : HKLM\SOFTWARE\Tutorials
ClÈ PrÈsente : HKLM\SOFTWARE\V9
ClÈ PrÈsente : HKLM\SOFTWARE\winzipersvc
ClÈ PrÈsente : HKLM\SOFTWARE\Wpm
ClÈ PrÈsente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
ClÈ PrÈsente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\CLSID\{54243DA3-AD66-359E-6B3E-DF283FC3586D}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\CLSID\{6814A78D-8202-977E-C778-175C89CF9831}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\CLSID\{A0517A46-63D8-7B40-F5E0-D61CA4DFC5D2}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\CLSID\{A20EFABE-275B-DDA1-2185-EC37A020542C}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
ClÈ PrÈsente : [x64] HKLM\SOFTWARE\Speedchecker Limited
DonnÈe PrÈsente : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.delta-homes.com/?type=sc&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44
DonnÈe PrÈsente : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\suptab\search~1.dll
DonnÈe PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
Valeur PrÈsente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PriceMeterW]
Valeur PrÈsente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valeur PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [AnyProtect Scanner]
Valeur PrÈsente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BlockAndSurf]
Valeur PrÈsente : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17496

ParamËtre PrÈsent : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMWnjfINoIA4sOKOHXxGkKl88ayHCsD4fA7c9MBopk242NZZn5k6BgR90sMIFFgeivPmqCt5i0AYX5Z_ihumrsBQ6FYuhNOGHm_zl-CRuM9VhmJ7Pxb5AAzdK2u4e9IDqbsSVBgzYatPgQNW2N3t8IeCDqBHP0H434_5EhOxwDYFddmT3Q,,&q={searchTerms}
ParamËtre PrÈsent : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44
ParamËtre PrÈsent : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44
ParamËtre PrÈsent : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMWnjfINoIA4sOKOHXxGkKl88ayHCsD4fA7c9MBopk242NZZn5k6BgR90sMIFFgeivPmqCt5i0AYX5Z_ihumrsBQ6FYuhNOGHm_zl-CRuM9VhmJ7Pxb5AAzdK2u4e9IDqbsSVBgzYatPgQNW2N3t8IeCDqBHP0H434_5EhOxwDYFddmT3Q,,&q={searchTerms}
ParamËtre PrÈsent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403859226&from=smt&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44&q={searchTerms}
ParamËtre PrÈsent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44
ParamËtre PrÈsent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44
ParamËtre PrÈsent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403859226&from=smt&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44&q={searchTerms}
ParamËtre PrÈsent : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMWnjfINoIA4sOKOHXxGkKl88ayHCsD4fA7c9MBopk242NZZn5k6BgR90sMIFFgeivPmqCt5i0AYX5Z_ihumrsBQ6FYuhNOGHm_zl-CRuM9VhmJ7Pxb5AAzdK2u4e9IDqbsSVBgzYatPgQNW2N3t8IeCDqBHP0H434_5EhOxwDYFddmT3Q,,&q={searchTerms}
ParamËtre PrÈsent : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMWnjfINoIA4sOKOHXxGkKl88ayHCsD4fA7c9MBopk242NZZn5k6BgR90sMIFFgeivPmqCt5i0AYX5Z_ihumrsBQ6FYuhNOGHm_zl-CRuM9VhmJ7Pxb5AAzdK2u4e9IDqbsSVBgzYatPgQNW2N3t8IeCDqBHP0H434_5EhOxwDYFddmT3Q,,&q={searchTerms}
ParamËtre PrÈsent : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMWnjfINoIA4sOKOHXxGkKl88ayHCsD4fA7c9MBopk242NZZn5k6BgR90sMIFFgeivPmqCt5i0AYX5Z_ihumrsBQ6FYuhNOGHm_zl-CRuM9VhmJ7Pxb5AAzdK2u4e9IDqbsSVBgzYatPgQNW2N3t8IeCDqBHP0H434_5EhOxwDYFddmT3Q,,&q={searchTerms}
ParamËtre PrÈsent : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMWnjfINoIA4sOKOHXxGkKl88ayHCsD4fA7c9MBopk242NZZn5k6BgR90sMIFFgeivPmqCt5i0AYX5Z_ihumrsBQ6FYuhNOGHm_zl-CRuM9VhmJ7Pxb5AAzdK2u4e9IDqbsSVBgzYatPgQNW2N3t8IeCDqBHP0H_p_G8rsrqG3cDr2AUqw,,&q={searchTerms}
ParamËtre PrÈsent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403859226&from=smt&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44&q={searchTerms}
ParamËtre PrÈsent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44
ParamËtre PrÈsent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44
ParamËtre PrÈsent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403859226&from=smt&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44&q={searchTerms}

-\\ Mozilla Firefox v34.0.5 (x86 fr)

[5wzvstvx.default] - Ligne TrouvÈe : user_pref("browser.startup.homepage", "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=FR&gu=119f0e3d5bb640fcb5408e716313db25&tu=10G9z00F74D20F0&sku=&tstsId=&ver=&");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.Jki8U2zK5ec6.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.Tt6Nnv5.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app61862%22%3A%22app61862%22%2C%22FR%22%3A%22FR%22%7D");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.cookie.CrossriderNotifier_geolocation.expiration", "Thu Jan 01 2015 12:34:25 GMT+0100");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.cookie.CrossriderNotifier_geolocation.value", "%22FR%22");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.cookie.CrossriderNotifier_metadata.expiration", "Sun Dec 28 2014 17:08:45 GMT+0100");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A61862%2C%22appName%22%3A%22The%20weDownload%20Pro%22%2C%22lastMessageId%22%3A0%2C%22nex[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000898%22%2C%22sub_id%22%3A%22verticals-intext%2Cads%2Cpops%2Cshopping*bundledwith-wajam_s%3[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.description", "Enhance your search results with direct download links and information for apps and games.");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000898%22%2C%22sub_id%22%3A%22verticals-intext%2Cads%2Cpops%2Cshopping*bundledwith-wajam[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000898%22%2C%22sub_id%22%3A%22verticals-intext%2Cads%2Cpops%2Cshopping*bundledwith-[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.internaldb.Resources_meta.value", "%7B%22extension.css%22%3A%7B%22id%22%3A751883%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22extension.css%[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.internaldb.Resources_resource_751883.value", "%22.crossrider-nofity-34345-body-theme-white-black%20a%2C%5Cn.crossrider-nofity-34344-body-theme-white[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anthropologie.com%[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%22optionweb.com%22%2C%22pctools.com%22%2[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.internaldb.monetization_plugin_notBundledArr_.value", "%5B%22wajam_s%22%5D");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.aquinnreillyaolcom61862.61862.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7B%22wajam_s%22%3A1412696735431%7D");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.crossrider.bic", "148d6b254d0753a6e6a6aa149ff249a6");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.l1prxfdKo.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"su[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.rrwB8.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumoro[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.zRilS0d.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.zonealarm.dspFFXOld", "delta-homes");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=FR&gu=119f0e3d5bb640fcb5408e716313db25&tu=10G9z00F74D20F0&sku=&tstsId=&ver=&");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.zonealarm.hpFFXOld", "hxxp://www.delta-homes.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.zonealarm.kw_url", "hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=FR&gu=119f0e3d5bb640fcb5408e716313db25&tu=10G9z00F74D20F0&sku=&tstsId=&ver=&&q=");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=FR&gu=119f0e3d5bb640fcb5408e716313db25&tu=10G9z00F74D20F0&sku=&tstsId=&ver=&");
[5wzvstvx.default] - Ligne TrouvÈe : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=358fa10e28ec4e96aed030a3d9059fe3&tu=10G9y00Hb4D33N0&sku=&tstsId=&ver=&&q=");

-\\ Google Chrome v39.0.2171.95


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [56719 octets] - [26/05/2014 17:13:19]
AdwCleaner[R1].txt - [30634 octets] - [28/12/2014 12:06:11]
AdwCleaner[S0].txt - [54812 octets] - [26/05/2014 17:16:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [30756 octets] ##########
0
Réponse 3 / 9
sisijp74 Messages postés 37 Date d'inscription dimanche 11 novembre 2007 Statut Membre Dernière intervention 4 octobre 2019 33
6 janv. 2015 à 13:12
Il semble que personne ne parle cette langue.....
0
Réponse 4 / 9
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
6 janv. 2015 à 13:26
voici la suite :


Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt

Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.


0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
sisijp74 Messages postés 37 Date d'inscription dimanche 11 novembre 2007 Statut Membre Dernière intervention 4 octobre 2019 33
7 janv. 2015 à 10:31
Voilà, j'ai fait tout comme tu m'as dis
FRST.txt
https://pjjoint.malekal.com/files.php?id=20150107_u9j15y12f13o12
addition.txt
https://pjjoint.malekal.com/files.php?id=20150107_p66k8q8h5
shortcut.txt
https://pjjoint.malekal.com/files.php?id=20150107_z6w14s105s8

j'èspére que c'est bon

Merci
0
Réponse 6 / 9
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
Modifié par Malekal_morte- le 7/01/2015 à 10:52
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit : 

HKLM-x32\...\Run: [fst_fr_105] => [X] 
HKLM-x32\...\Run: [fst_fr_254] => [X] 
 HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe  
 HKLM-x32\...\Run: [AnyProtect Tray] => C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe 
 HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\di9BlockAndSurf\BlockAndSurf.exe 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:51174;https=127.0.0.1:51174 [Attention - Possible Proxy Malicieux]
 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57] 
 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57] 
 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160] 
 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160] 
 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57] 
 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57] 
 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160] 
 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160] 
 HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.safefinder.com/?st=ds&q={searchTerms} [Pays US - 65.52.144.16] 
 HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57] 
 HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp [Pays BR - 191.235.212.170] 
 HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57] 
 HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.safefinder.com/?st=ds&q={searchTerms} [Pays US - 65.52.144.16] 
StartMenuInternet: IEXPLORE.EXE - iexplore.exe 
 SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =   
 SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = https://search.safefinder.com/?st=ds&q={searchTerms} [Pays US - 65.52.144.16] 
 SearchScopes: HKU\S-1-5-21-2580590359-47628477-2238217109-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 108.168.166.57] 
 SearchScopes: HKU\S-1-5-21-2580590359-47628477-2238217109-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = https://search.safefinder.com/?st=ds&q={searchTerms} [Pays US - 65.52.144.16] 
 SearchScopes: HKU\S-1-5-21-2580590359-47628477-2238217109-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 108.168.166.57] 
 SearchScopes: HKU\S-1-5-21-2580590359-47628477-2238217109-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = https://search.safefinder.com/?st=ds&q={searchTerms} [Pays US - 65.52.144.16] 
 FF Extension: Security Protection - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\detgdp@gmail.com [2014-12-26]  
FF Extension: CoolSaleCoUpONo - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\frba.0tae@ieeuthjk.net [2014-07-26] 
 FF Extension: cosstminn - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\mbs3za@iuoaey.org [2014-07-23] 
 FF Extension: saviingtoYoiu - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\qfaao@eyeeii.edu [2014-09-03] 
 FF Extension: The weDownloads Manager+ - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\quinnreilly@aol.com [2014-10-01] 
 FF Extension: ProShoppEre - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\r_oe@qsdcgxu.co.uk [2014-09-06] 
 FF Extension: winservice86 - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\taylorralston@hotmail.com [2014-11-22]  
 FF Extension: shoipnndroap - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\z57koli@afzf.co.uk [2014-09-14] 
 FF Extension: Readability - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2} [2013-03-14]  
 FF Extension: MySearchDial NewTab - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-07-01]  
 FF Extension: New Tab Homepage - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2012-12-27] 
 FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\extensions\detgdp@gmail.com  
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF 
 CHR Extension: (appbarioFR) - C:\Users\manon\AppData\Local\Google\Chrome\User Data\Default\Extensions\khopjgpjdhgdfjfcdbajjfpiadfamigc [2014-12-27]  
 CHR HKLM-x32\...\Chrome\Extension: [khopjgpjdhgdfjfcdbajjfpiadfamigc] - C:\Users\manon\AppData\Local\CRE\khopjgpjdhgdfjfcdbajjfpiadfamigc.crx [2013-12-13]  
 R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2014-12-26] (Fuyu LIMITED) [File not signed]  
 2014-12-25 12:49 - 2014-12-25 12:49 - 00003280 _____ () C:\Windows\System32\Tasks\dIZH8u9vzHay3BF 
 2014-12-25 12:49 - 2014-12-25 12:49 - 00003240 _____ () C:\Windows\System32\Tasks\DSCSvshonAPG4eP 
 2014-12-25 12:49 - 2014-12-25 12:49 - 00000000 ____D () C:\Users\manon\AppData\Roaming\lYEeIrK 
 2014-12-26 12:53 - 2014-12-27 00:46 - 00000000 ____D () C:\Program Files (x86)\WinZipper  
 2014-12-26 12:52 - 2014-12-26 12:52 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect  
 2014-12-25 12:41 - 2014-12-25 12:49 - 00000000 ____D () C:\Users\manon\AppData\Roaming\ybM44Ts 
 2015-01-07 10:11 - 2014-11-22 11:11 - 00002428 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5_user.job  
 2015-01-07 10:11 - 2014-11-22 11:11 - 00002428 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5.job  
 2015-01-07 10:11 - 2014-11-22 11:11 - 00002092 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-2.job  
 2015-01-07 10:11 - 2014-11-22 11:10 - 00003430 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-1.job  
 2015-01-07 10:11 - 2014-11-22 11:09 - 00005166 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-11.job  
 2015-01-07 10:11 - 2014-11-22 11:09 - 00004140 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-4.job  
 2015-01-07 10:11 - 2014-07-01 16:45 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job  
2014-12-27 22:54 - 2014-09-01 09:18 - 00000935 _____ () C:\Users\manon\AppData\Roaming\TIBMOE 
 2014-12-27 22:54 - 2014-06-27 09:55 - 00000000 ____D () C:\Program Files (x86)\SupTab  
 2014-12-27 17:59 - 2014-06-27 09:55 - 00000000 ____D () C:\ProgramData\IePluginServices  
2014-12-27 17:12 - 2014-11-15 09:25 - 00000000 ____D () C:\Users\manon\AppData\Roaming\winservices 
 2014-12-25 12:50 - 2014-11-27 17:41 - 00000000 ____D () C:\Users\manon\AppData\Roaming\Mi6qiOg 
 2014-12-25 12:49 - 2014-11-22 10:52 - 00000000 ____D () C:\Users\manon\AppData\Roaming\zcwDmHS 
 2014-12-25 12:46 - 2014-10-01 17:28 - 00000000 ____D () C:\Program Files (x86)\globalUpdate  
 2014-12-26 12:52 - 2014-07-26 10:38 - 00001378 _____ () C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 
 2014-12-26 12:52 - 2014-06-27 10:05 - 00002316 _____ () C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk  
 2014-12-26 12:52 - 2014-06-27 09:55 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
Task: {0C0B9D51-095E-41C9-A71C-2BCE745E7130} - System32\Tasks\dIZH8u9vzHay3BF => C:\Users\manon\AppData\Roaming\lYEeIrK\9di7njW.exe [2014-12-25] ( )
Task: {1107FD30-3230-4644-B800-250264FC89CA} - System32\Tasks\pricemeterdownloader => C:\Users\manon\AppData\Local\PriceMeter\pricemeterd.exe <==== ATTENTION
Task: {1500D7E6-009C-4EDC-AC44-0E28D182F5E9} - System32\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-2 => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-2.exe <==== ATTENTION
Task: {1BE908B9-AF83-44FC-9426-AC906FCBE57B} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {42DCB545-FDAE-48DD-B8AD-74B21A0F5824} - System32\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-1 => C:\Program Files (x86)\winservice86\winservice86-codedownloader.exe <==== ATTENTION
Task: {466A2F9D-3AC2-406A-A444-A80349D02072} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {519E13D6-36E3-457B-9254-3F872E71CCC4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {562B2799-6754-45B9-A277-EC4DD65C7CDC} - System32\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5 => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5.exe <==== ATTENTION
Task: {6DFD0335-797C-40FC-8C81-2E034CD186BB} - System32\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-11 => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-11.exe <==== ATTENTION
Task: {830133D7-0DFA-4885-AF01-5D27D2A0B9CE} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {8CAF1713-1EC4-497E-B50A-3E7FC3BDA6AF} - System32\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-4 => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-4.exe <==== ATTENTION
Task: {941239CB-9031-4560-B236-C0ABA229CC94} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-27] (AVAST Software)
Task: {977138E6-88E1-4650-88E6-232E2C432282} - System32\Tasks\TXdZgnlEZOeNbM4 => C:\Users\manon\AppData\Roaming\zcwDmHS\7PQVWxe.exe [2014-11-22] ( )
Task: {996865F2-D2D0-45DF-BC3E-ECCA1E01184E} - System32\Tasks\DSCSvshonAPG4eP => C:\Users\manon\AppData\Roaming\ybM44Ts\yuP2Pn4.exe [2014-12-25] ( )
Task: {A3E42A33-F4E7-4BAC-A842-B67085887303} - \wp_update No Task File <==== ATTENTION
Task: {B3984A70-BFF1-409B-8DE2-0D7C3C7F4F0C} - System32\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5_user => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5.exe <==== ATTENTION
Task: {B94E4EB5-222A-48D1-A6B3-A3FBFAEB4678} - \WIN-statsAdmin No Task File <==== ATTENTION
Task: {D2B9C2F9-CED8-4548-B846-5534A2960F7F} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {DFEE8D27-B298-417E-B856-637E99467B39} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {FE7F67B5-3664-4C7C-8DE4-06B9AA514753} - System32\Tasks\MySearchDial => C:\Users\manon\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-1.job => C:\Program Files (x86)\winservice86\winservice86-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-11.job => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-2.job => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-4.job => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5.job => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5_user.job => C:\Program Files (x86)\winservice86\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\manon\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION


Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
Réponse 7 / 9
sisijp74 Messages postés 37 Date d'inscription dimanche 11 novembre 2007 Statut Membre Dernière intervention 4 octobre 2019 33
7 janv. 2015 à 13:08
Ci-dessous le fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-01-2015
Ran by manon at 2015-01-07 13:15:47 Run:1
Running from C:\Users\manon\Desktop
Loaded Profile: manon (Available profiles: manon)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [fst_fr_105] => [X]
HKLM-x32\...\Run: [fst_fr_254] => [X]
HKLM-x32\...\Run: [AnyProtect Scanner] => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
HKLM-x32\...\Run: [AnyProtect Tray] => C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe
HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\di9BlockAndSurf\BlockAndSurf.exe
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:51174;https=127.0.0.1:51174 [Attention - Possible Proxy Malicieux]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160]
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/#u_ip=91.209.35.218{searchTerms} [Pays US - 65.52.144.16]
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57]
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp [Pays BR - 191.235.212.170]
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isearch123.com/?type=hp&ts=1419594752&from=wpm12262&uid=ST320LT020-9YG142_W044WV44XXXXW044WV44 [Pays US - 108.168.166.57]
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/#u_ip=91.209.35.218{searchTerms} [Pays US - 65.52.144.16]
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = https://www.google.com/#u_ip=91.209.35.218{searchTerms} [Pays US - 65.52.144.16]
SearchScopes: HKU\S-1-5-21-2580590359-47628477-2238217109-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 108.168.166.57]
SearchScopes: HKU\S-1-5-21-2580590359-47628477-2238217109-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = https://www.google.com/#u_ip=91.209.35.218{searchTerms} [Pays US - 65.52.144.16]
SearchScopes: HKU\S-1-5-21-2580590359-47628477-2238217109-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 108.168.166.57]
SearchScopes: HKU\S-1-5-21-2580590359-47628477-2238217109-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = https://www.google.com/#u_ip=91.209.35.218{searchTerms} [Pays US - 65.52.144.16]
FF Extension: Security Protection - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\detgdp@gmail.com [2014-12-26]
FF Extension: CoolSaleCoUpONo - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\frba.0tae@ieeuthjk.net [2014-07-26]
FF Extension: cosstminn - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\mbs3za@iuoaey.org [2014-07-23]
FF Extension: saviingtoYoiu - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\qfaao@eyeeii.edu [2014-09-03]
FF Extension: The weDownloads Manager+ - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\quinnreilly@aol.com [2014-10-01]
FF Extension: ProShoppEre - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\r_oe@qsdcgxu.co.uk [2014-09-06]
FF Extension: winservice86 - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\taylorralston@hotmail.com [2014-11-22]
FF Extension: shoipnndroap - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\z57koli@afzf.co.uk [2014-09-14]
FF Extension: Readability - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2} [2013-03-14]
FF Extension: MySearchDial NewTab - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-07-01]
FF Extension: New Tab Homepage - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2012-12-27]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\extensions\detgdp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
CHR Extension: (appbarioFR) - C:\Users\manon\AppData\Local\Google\Chrome\User Data\Default\Extensions\khopjgpjdhgdfjfcdbajjfpiadfamigc [2014-12-27]
CHR HKLM-x32\...\Chrome\Extension: [khopjgpjdhgdfjfcdbajjfpiadfamigc] - C:\Users\manon\AppData\Local\CRE\khopjgpjdhgdfjfcdbajjfpiadfamigc.crx [2013-12-13]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2014-12-26] (Fuyu LIMITED) [File not signed]
2014-12-25 12:49 - 2014-12-25 12:49 - 00003280 _____ () C:\Windows\System32\Tasks\dIZH8u9vzHay3BF
2014-12-25 12:49 - 2014-12-25 12:49 - 00003240 _____ () C:\Windows\System32\Tasks\DSCSvshonAPG4eP
2014-12-25 12:49 - 2014-12-25 12:49 - 00000000 ____D () C:\Users\manon\AppData\Roaming\lYEeIrK
2014-12-26 12:53 - 2014-12-27 00:46 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-12-26 12:52 - 2014-12-26 12:52 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-25 12:41 - 2014-12-25 12:49 - 00000000 ____D () C:\Users\manon\AppData\Roaming\ybM44Ts
2015-01-07 10:11 - 2014-11-22 11:11 - 00002428 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5_user.job
2015-01-07 10:11 - 2014-11-22 11:11 - 00002428 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5.job
2015-01-07 10:11 - 2014-11-22 11:11 - 00002092 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-2.job
2015-01-07 10:11 - 2014-11-22 11:10 - 00003430 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-1.job
2015-01-07 10:11 - 2014-11-22 11:09 - 00005166 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-11.job
2015-01-07 10:11 - 2014-11-22 11:09 - 00004140 _____ () C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-4.job
2015-01-07 10:11 - 2014-07-01 16:45 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-12-27 22:54 - 2014-09-01 09:18 - 00000935 _____ () C:\Users\manon\AppData\Roaming\TIBMOE
2014-12-27 22:54 - 2014-06-27 09:55 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-12-27 17:59 - 2014-06-27 09:55 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-12-27 17:12 - 2014-11-15 09:25 - 00000000 ____D () C:\Users\manon\AppData\Roaming\winservices
2014-12-25 12:50 - 2014-11-27 17:41 - 00000000 ____D () C:\Users\manon\AppData\Roaming\Mi6qiOg
2014-12-25 12:49 - 2014-11-22 10:52 - 00000000 ____D () C:\Users\manon\AppData\Roaming\zcwDmHS
2014-12-25 12:46 - 2014-10-01 17:28 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-12-26 12:52 - 2014-07-26 10:38 - 00001378 _____ () C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-26 12:52 - 2014-06-27 10:05 - 00002316 _____ () C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-12-26 12:52 - 2014-06-27 09:55 - 00000000 ____D () C:\ProgramData\WindowsProtectManger

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_fr_105 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_fr_254 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AnyProtect Scanner => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AnyProtect Tray => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BlockAndSurf => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully.
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}" => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
HKU\S-1-5-21-2580590359-47628477-2238217109-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2580590359-47628477-2238217109-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
"HKU\S-1-5-21-2580590359-47628477-2238217109-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKU\S-1-5-21-2580590359-47628477-2238217109-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}" => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\detgdp@gmail.com => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\frba.0tae@ieeuthjk.net => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\mbs3za@iuoaey.org => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\qfaao@eyeeii.edu => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\quinnreilly@aol.com => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\r_oe@qsdcgxu.co.uk => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\taylorralston@hotmail.com => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\z57koli@afzf.co.uk => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2} => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} => Moved successfully.
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\5wzvstvx.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\detgdp@gmail.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\wrc@avast.com => value deleted successfully.
C:\Users\manon\AppData\Local\Google\Chrome\User Data\Default\Extensions\khopjgpjdhgdfjfcdbajjfpiadfamigc => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\khopjgpjdhgdfjfcdbajjfpiadfamigc" => Key deleted successfully.
C:\Users\manon\AppData\Local\CRE\khopjgpjdhgdfjfcdbajjfpiadfamigc.crx => Moved successfully.
WindowsMangerProtect => Service stopped successfully.
WindowsMangerProtect => Service deleted successfully.
C:\Windows\System32\Tasks\dIZH8u9vzHay3BF => Moved successfully.
C:\Windows\System32\Tasks\DSCSvshonAPG4eP => Moved successfully.
C:\Users\manon\AppData\Roaming\lYEeIrK => Moved successfully.
C:\Program Files (x86)\WinZipper => Moved successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
C:\Users\manon\AppData\Roaming\ybM44Ts => Moved successfully.
C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5_user.job => Moved successfully.
C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-5.job => Moved successfully.
C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-2.job => Moved successfully.
C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-1.job => Moved successfully.
C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-11.job => Moved successfully.
C:\Windows\Tasks\4c4b89ed-7165-47e3-b00e-ff13f9b2f6c1-4.job => Moved successfully.
C:\Windows\Tasks\MySearchDial.job => Moved successfully.
C:\Users\manon\AppData\Roaming\TIBMOE => Moved successfully.
C:\Program Files (x86)\SupTab => Moved successfully.
C:\ProgramData\IePluginServices => Moved successfully.
C:\Users\manon\AppData\Roaming\winservices => Moved successfully.
C:\Users\manon\AppData\Roaming\Mi6qiOg => Moved successfully.
C:\Users\manon\AppData\Roaming\zcwDmHS => Moved successfully.
C:\Program Files (x86)\globalUpdate => Moved successfully.
C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Moved successfully.
C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk => Moved successfully.
C:\ProgramData\WindowsProtectManger => Moved successfully.

==== End of Fixlog 13:16:04 ====
0
Réponse 8 / 9
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
7 janv. 2015 à 13:13
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=


et vois ce que cela donne pour les publicités.

0
Réponse 9 / 9
sisijp74 Messages postés 37 Date d'inscription dimanche 11 novembre 2007 Statut Membre Dernière intervention 4 octobre 2019 33
8 janv. 2015 à 09:29
Et bien je crois que c'est bon, le malware Bestdiscountapp a disparu et le moteur de recherche se comporte normalement, plus de pages de pub qui s'ouvrent au hasard.

MERCI Malekal_morte
0

Discussions similaires

Comment supprimer tor.jack sur Android
sabinelouisonbruno -
akaloupile -

4 réponses
Win64:Malware-gen
ptb35 -
MisteryBean -

3 réponses
Que se passe-t-il quand on supprime un ami sur snapchat
Lilob7 -
kemani06 -

1 réponse
win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses
Problème de malware
jbijp -
MisteryBean -

1 réponse