Bug internet
Résolu
scalco
Messages postés
45
Date d'inscription
Statut
Membre
Dernière intervention
-
scalco Messages postés 45 Date d'inscription Statut Membre Dernière intervention -
scalco Messages postés 45 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
J'ai un problème avec mon navigateur internet (Firefox). Soit internet ne s'ouvre pas, soit j'ai des pages de PUB qui apparaissent ou qui s'ouvrent toute seule. Ça devient très dur de naviguer sur le net.
Il me semble qu'il faut utiliser adwcleaner mais je ne sais pas la procédure à suivre.
Si quelqu'un sait ce qu'il faut faire je suis preneur.
Merci d'avance,
J'ai un problème avec mon navigateur internet (Firefox). Soit internet ne s'ouvre pas, soit j'ai des pages de PUB qui apparaissent ou qui s'ouvrent toute seule. Ça devient très dur de naviguer sur le net.
Il me semble qu'il faut utiliser adwcleaner mais je ne sais pas la procédure à suivre.
Si quelqu'un sait ce qu'il faut faire je suis preneur.
Merci d'avance,
A voir également:
- Bug internet
- Gps sans internet - Guide
- Complete internet repair - Télécharger - Web & Internet
- Pourquoi mon ordinateur rame quand je vais sur internet - Guide
- Internet fotose - Forum Vos droits sur internet
- Internet explorer 11 - Télécharger - Navigateurs
16 réponses
Bonsoir,
Tu peux suivre ces procédures :
1/
Tu as installé des adwares et programmes indésirables sur ton PC.
-------------------------------
Télécharge : AdwCleaner (merci à Xplode)
Lance AdwCleaner
Clique sur Scanner puis Nettoyer, et patiente le temps du nettoyage.
Poste le rapport qui apparait en fin de recherche.
(Le rapport est sauvegardé aussi sous C:\AdwCleaner\AdwCleaner[x].txt)
----------------------------
Pour éviter d'avoir des publicités et des toolbars, tu peux lire ceci : https://forum.malekal.com/viewtopic.php?t=33776&start=
2/
ZHPCleaner
[*] Télécharge et enregistre ZHPCleaner sur ton bureau à partir ce lien : https://nicolascoolman.eu
[*] Exécute le en cliquant sur le bouton droit de la souris et en choisissant "Exécuter en tant qu'administrateur"
[*]Accepte les conditions d'utilisation,
[*]Clique sur le bouton [Réparer]
[*]Accepte toutes les réparations proposées
[*]Un rapport ZHPCleaner.txt sera créé sur le bureau
[*]Clique sur Rapport si tu ne vois pas le rapport, une copie (%appdata%\ZHP\ZHPCleaner.txt) s'ouvrira,
[*]Héberge ce rapport sur : http://pjjoint.malekal.com/ ou https://www.cjoint.com/]cjoint.com
[*]Copie/Colle le lien généré dans ta réponse.
@+
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
Il me semble qu'il faut utiliser adwcleaner mais je ne sais pas la procédure à suivre.
Tu peux suivre ces procédures :
1/
Tu as installé des adwares et programmes indésirables sur ton PC.
-------------------------------
Télécharge : AdwCleaner (merci à Xplode)
Lance AdwCleaner
Clique sur Scanner puis Nettoyer, et patiente le temps du nettoyage.
Poste le rapport qui apparait en fin de recherche.
(Le rapport est sauvegardé aussi sous C:\AdwCleaner\AdwCleaner[x].txt)
----------------------------
Pour éviter d'avoir des publicités et des toolbars, tu peux lire ceci : https://forum.malekal.com/viewtopic.php?t=33776&start=
2/
ZHPCleaner
[*] Télécharge et enregistre ZHPCleaner sur ton bureau à partir ce lien : https://nicolascoolman.eu
[*] Exécute le en cliquant sur le bouton droit de la souris et en choisissant "Exécuter en tant qu'administrateur"
[*]Accepte les conditions d'utilisation,
[*]Clique sur le bouton [Réparer]
[*]Accepte toutes les réparations proposées
[*]Un rapport ZHPCleaner.txt sera créé sur le bureau
[*]Clique sur Rapport si tu ne vois pas le rapport, une copie (%appdata%\ZHP\ZHPCleaner.txt) s'ouvrira,
[*]Héberge ce rapport sur : http://pjjoint.malekal.com/ ou https://www.cjoint.com/]cjoint.com
[*]Copie/Colle le lien généré dans ta réponse.
@+
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
Bonsoir,
1/
Désinstallez Firefox en utilisant :
===> revo-uninstaller
---------------------
Réinstalle le à partir ce lien : https://www.mozilla.org/fr/firefox/new/
2/
[*] Télécharge :Farbar Recovery Scan Tool (FRST) à partir ce lien : https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
[*] Enregistre le sur votre bureau ( Vous devez exécuter la version compatible avec votre système 32 bits ou 64 bits)
==> Comment savoir quelle version 32 bits ou 64 bits est exécutée sur mon système ?
[*] Lance FRST, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
[*] Sur le menu principal, vérifie que la case "Addition.txt" soit cochée puis clique sur "Scan" et patiente le temps de l'analyse
[*] Une fois le scan terminé rends toi sur le bureau, deux rapports FRST.txt et Addition.txt ont été créés.
[*] Héberge les rapports FRST.txt et Addition.txt présent sur ton bureau sur : malekal.com
[*] Fais copier/coller les liens fournis dans ta prochaine réponse.
==> Aide: <<<ICI>>>
@+
1/
Désinstallez Firefox en utilisant :
===> revo-uninstaller
---------------------
Réinstalle le à partir ce lien : https://www.mozilla.org/fr/firefox/new/
2/
[*] Télécharge :Farbar Recovery Scan Tool (FRST) à partir ce lien : https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
[*] Enregistre le sur votre bureau ( Vous devez exécuter la version compatible avec votre système 32 bits ou 64 bits)
==> Comment savoir quelle version 32 bits ou 64 bits est exécutée sur mon système ?
[*] Lance FRST, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
[*] Sur le menu principal, vérifie que la case "Addition.txt" soit cochée puis clique sur "Scan" et patiente le temps de l'analyse
[*] Une fois le scan terminé rends toi sur le bureau, deux rapports FRST.txt et Addition.txt ont été créés.
[*] Héberge les rapports FRST.txt et Addition.txt présent sur ton bureau sur : malekal.com
[*] Fais copier/coller les liens fournis dans ta prochaine réponse.
==> Aide: <<<ICI>>>
@+
J'essaye mais le problème c'est que j'ai pas accès à internet avec mon PC, Internet Explorer ne s'ouvre pas non plus..
C'est le moteur de recherche "omniboxes" qui m'a planté mes navigateurs je crois. Je vais désinstaller Firefox avec ccleaner on verra bien
On va essayer une autre solution :
Tu vas restaurer ton windows à une date antérieure (avant l'apparition de ce problème) en suivant les procédures indiquées dans le Tutoriel ci-dessous
---------------
Tutoriel ===> : http://www.chantal11.com/2010/05/restauration-systeme-a-une-date-anterieure-windows-7-8-10/
@+
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
Tu vas restaurer ton windows à une date antérieure (avant l'apparition de ce problème) en suivant les procédures indiquées dans le Tutoriel ci-dessous
---------------
Tutoriel ===> : http://www.chantal11.com/2010/05/restauration-systeme-a-une-date-anterieure-windows-7-8-10/
@+
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
Bon voilà les news.
Ça fait 3x que je fais la restauration du système mais à l'arrivée un message s'affiche en me disant qu'elle n'a pas eu lieu. Dans l'article on indique de le faire en mode sans échec mais je ne sais pas comment faire. As-tu une idée ?
Ça fait 3x que je fais la restauration du système mais à l'arrivée un message s'affiche en me disant qu'elle n'a pas eu lieu. Dans l'article on indique de le faire en mode sans échec mais je ne sais pas comment faire. As-tu une idée ?
Est ce que tu as vérifié si le problème provient du modem, connexions, câbles,carte réseau,...
C'est un peu bizarre que tous les navigateurs ne marchent pas d'un seul coup ?
---------------------
Il faut taper en ligne de commande DOS Au dessus du bouton Démarrer - Tous les Programmes - Dossier Accessoires - Choix Invite de commande :
Dans l'invite de commande taper ces commandes et valider
ipconfig /all
Ensuite faire ces tests réseau en ligne de commande DOS aussi :
Ping www.google.fr
C'est un peu bizarre que tous les navigateurs ne marchent pas d'un seul coup ?
---------------------
Il faut taper en ligne de commande DOS Au dessus du bouton Démarrer - Tous les Programmes - Dossier Accessoires - Choix Invite de commande :
Dans l'invite de commande taper ces commandes et valider
ipconfig /all
Ensuite faire ces tests réseau en ligne de commande DOS aussi :
Ping www.google.fr
Voilà ce qui s'affiche quand je tape ipconfig /all dans l'invite de commande. Ça t'indique quelque chose ?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Et la fin. Ce que je trouve bizarre c'est que c'est marqué que la connexion est sur "insep.fr" alors que je suis chez moi sur ma bbox
===> Le problème ne vient pas de la connexion!
----------------
1/
Démarre en Mode sans échec avec prise en charge réseau :
Pour cela, tu tapotes la touche F8 dès le début de l'allumage du pc sans t'arrêter
Une fenêtre va s'ouvrir tu te déplaces avec les flèches du clavier sur >> démarrer en Mode sans échec avec prise en charge réseau
puis tape entrée.
Une fois sur le bureau s'il n'y a pas toutes les couleurs et autres c'est normal !
(Si F8 ne marche pas utilise la touche F5)
----------------------------
Aide : https://www.commentcamarche.net/informatique/windows/113-demarrer-windows-10-en-mode-sans-echec/
===============
Dans ce mode est ce que tu peux te connecter ?
2/
Est ce que tu as changé des paramètres
3/
Tu vas réinitialiser les serveurs de noms/DNS comme expliqué
dans : tutoriel
4/
A demain et bonne nuit ! :-)
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
----------------
1/
Démarre en Mode sans échec avec prise en charge réseau :
Pour cela, tu tapotes la touche F8 dès le début de l'allumage du pc sans t'arrêter
Une fenêtre va s'ouvrir tu te déplaces avec les flèches du clavier sur >> démarrer en Mode sans échec avec prise en charge réseau
puis tape entrée.
Une fois sur le bureau s'il n'y a pas toutes les couleurs et autres c'est normal !
(Si F8 ne marche pas utilise la touche F5)
----------------------------
Aide : https://www.commentcamarche.net/informatique/windows/113-demarrer-windows-10-en-mode-sans-echec/
===============
Dans ce mode est ce que tu peux te connecter ?
2/
Ce que je trouve bizarre c'est que c'est marqué que la connexion est sur "insep.fr" alors que je suis chez moi sur ma bbox
Est ce que tu as changé des paramètres
3/
Tu vas réinitialiser les serveurs de noms/DNS comme expliqué
dans : tutoriel
4/
A demain et bonne nuit ! :-)
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
Oui ça marche !!! Je t'écris actuellement de IE de mon PC ;)
Non je ne pense pas avoir changer de paramètre. Après j'ai touché à beaucoup de choses, notamment les pare-feu..
Merci !!
Bonne nuit à toi
Non je ne pense pas avoir changer de paramètre. Après j'ai touché à beaucoup de choses, notamment les pare-feu..
Merci !!
Bonne nuit à toi
Pour avancer, tu peux faire la procédure de FRST, puis poste les deux rapports stp
---------------
===> https://forums.commentcamarche.net/forum/affich-31720925-bug-internet#8
---------------
===> https://forums.commentcamarche.net/forum/affich-31720925-bug-internet#8
Voilà le lien du rapport FRST : https://pjjoint.malekal.com/files.php?id=FRST_20150321_t14t8s15l12q11
Et celui du rapport Addition : https://pjjoint.malekal.com/files.php?id=20150321_e14m5o7n13v8
Et celui du rapport Addition : https://pjjoint.malekal.com/files.php?id=20150321_e14m5o7n13v8
Bonjour,
effectivement ton PC est bien infecté! :-)
--------------
Il est conseillé de sauvegarder les documents intéressants avant
d'utiliser cet outil! :-)
Aide combofix : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
----------------------
[*]Fermez toutes les fenêtres de programme ouvertes, y compris celle-ci.
[*]Fermez ou désactivez tous les programmes Antivirus, Antispyware, ainsi que tout pare-feu en cours d'exécution car ils pourraient perturber le fonctionnement de ComboFix.
[*] Fais un clic droit et "Enregistrer la cible (du lien sous) -> tonprenom.exe -> destination ton bureau (ET PAS AILLEURS) sur le lien suivant : https://www.bleepingcomputer.com/download/combofix/dl/12/
Puis, clic droit "exécuter en tant qu'administrateur" sur combofix renommé
[*] Ne touche à rien durant le scan
ComboFix devrait redémarrer ton PC.
[*] Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
[*] Si, après le redémarrage de votre pc par combofix, vous avez des erreurs "Clé marquée pour suppression" ou des soucis de connexion internet, redémarrez à nouveau votre ordinateur
@+
effectivement ton PC est bien infecté! :-)
--------------
Il est conseillé de sauvegarder les documents intéressants avant
d'utiliser cet outil! :-)
Aide combofix : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
----------------------
[*]Fermez toutes les fenêtres de programme ouvertes, y compris celle-ci.
[*]Fermez ou désactivez tous les programmes Antivirus, Antispyware, ainsi que tout pare-feu en cours d'exécution car ils pourraient perturber le fonctionnement de ComboFix.
[*] Fais un clic droit et "Enregistrer la cible (du lien sous) -> tonprenom.exe -> destination ton bureau (ET PAS AILLEURS) sur le lien suivant : https://www.bleepingcomputer.com/download/combofix/dl/12/
Puis, clic droit "exécuter en tant qu'administrateur" sur combofix renommé
[*] Ne touche à rien durant le scan
ComboFix devrait redémarrer ton PC.
[*] Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
[*] Si, après le redémarrage de votre pc par combofix, vous avez des erreurs "Clé marquée pour suppression" ou des soucis de connexion internet, redémarrez à nouveau votre ordinateur
@+
Tu as windows7 64 bit, c'est compatible.
Si, c'est le lien fournis par le site officiel! :-)
------------
===> Lien de téléchargement de ComboFix
------------
===> Aide : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
@+
Ce n'est pas le bon lien ?
Si, c'est le lien fournis par le site officiel! :-)
------------
===> Lien de téléchargement de ComboFix
------------
===> Aide : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
@+
ComboFix 15-03-14.03 - Lucas 22/03/2015 13:26:38.1.4 - x64 NETWORK
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8085.6929 [GMT 1:00]
Lancé depuis: c:\users\Lucas\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422\5e188425-b66c-4f00-920c-ccd907b73487.dll
c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422\939a2f08-d84d-4a3a-be15-6aace4eaece4.dll
c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422\a9fb2d45-e2ce-4e46-acbf-64825b029422.dll
c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422\b725160c-553a-4ed0-82ae-96ebeb5e5a88.dll
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files (x86)\SearchProtect\Main\bin\SPTool.dll
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
c:\program files (x86)\SearchProtect\UI\bin\cltmngui.exe
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\programdata\ntuser.pol
c:\programdata\Setup.exe
c:\users\Lucas\AppData\Local\dsisetup3875718472.exe
c:\users\Lucas\AppData\Local\dsisetup7338012622.exe
c:\users\Lucas\AppData\Local\nswDB53.tmp
c:\users\Lucas\AppData\Local\SmartWeb
c:\users\Lucas\AppData\Local\SmartWeb\__u.exe
c:\users\Lucas\AppData\Roaming\FMY.exe
c:\users\Lucas\AppData\Roaming\PKJOKZO.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_CltMngSvc
-------\Service_globalUpdate
-------\Service_npf
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-02-22 au 2015-03-22 ))))))))))))))))))))))))))))))))))))
.
.
2015-03-21 22:32 . 2015-03-21 22:34 -------- d-----w- C:\FRST
2015-03-20 21:31 . 2015-03-14 13:59 50800 ----a-w- c:\windows\system32\drivers\webTinstMKTN.sys
2015-03-20 19:15 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41A962D3-F865-46AF-A00D-7ACEC0EBD932}\mpengine.dll
2015-03-18 22:46 . 2015-03-19 13:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\ZHP
2015-03-14 14:08 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\AnyProtectEx
2015-03-14 14:08 . 2015-03-20 19:04 -------- d-----w- c:\program files\shopperz
2015-03-14 14:08 . 2015-01-06 11:38 60376 ----a-w- c:\windows\system32\drivers\cherimoya.sys
2015-03-14 14:00 . 2015-03-20 21:32 2225 ----a-w- c:\windows\patsearch.bin
2015-03-14 14:00 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\ver5BlockAndSurf
2015-03-14 13:59 . 2015-03-12 08:59 319392 ----a-w- c:\windows\SysWow64\BDL.dll
2015-03-14 13:59 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\IGS
2015-03-14 13:58 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68
2015-03-14 13:58 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\QuickRef_1.10.0.9
2015-03-14 13:57 . 2015-03-22 11:10 -------- d-----w- c:\users\Lucas\AppData\Local\gmsd_fr_315
2015-03-14 13:57 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\gmsd_fr_315
2015-03-14 13:35 . 2015-03-14 13:39 -------- d-----w- c:\users\Lucas\AppData\Local\pangu
2015-03-14 13:19 . 2015-03-14 13:20 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2015-03-14 13:10 . 2015-03-14 13:10 -------- d-sh--w- c:\users\Lucas\AppData\Local\EmieBrowserModeList
2015-03-14 12:29 . 2015-03-22 11:10 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68
2015-03-14 12:29 . 2015-03-14 12:29 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68
2015-03-14 12:27 . 2015-03-20 19:04 -------- d-----w- c:\programdata\WindowsMangerProtect
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\omniboxes
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\Pro_PC_Cleaner
2015-03-14 12:25 . 2015-03-14 12:25 -------- d-----w- c:\users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68
2015-03-14 12:25 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\VOPackage
2015-03-14 12:25 . 2015-03-14 16:49 -------- d-----w- c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68
2015-03-14 12:23 . 2015-03-22 12:36 -------- d-----w- c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422
2015-03-14 12:23 . 2015-03-20 19:01 -------- d-----w- c:\program files (x86)\globalUpdate
2015-03-14 12:23 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\HQCinema Pro 2.1V14.03
2015-03-14 12:02 . 2012-10-03 15:14 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-14 12:02 . 2015-03-14 12:02 -------- dc----w- c:\windows\system32\DRVSTORE
2015-03-14 12:01 . 2015-03-14 12:02 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-14 12:01 . 2015-03-14 12:02 -------- d-----w- c:\program files\iTunes
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\program files (x86)\iTunes
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\programdata\Apple Computer
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\program files\iPod
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\users\Lucas\AppData\Local\Apple
2015-03-14 11:59 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\program files\Bonjour
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\program files (x86)\Bonjour
2015-03-14 11:58 . 2015-03-14 12:01 -------- d-----w- c:\program files\Common Files\Apple
2015-03-14 11:58 . 2015-03-14 11:59 -------- d-----w- c:\programdata\Apple
2015-03-14 11:58 . 2015-03-14 11:59 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-03-11 23:22 . 2015-02-20 03:29 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-03-11 23:22 . 2015-02-20 04:41 41984 ----a-w- c:\windows\system32\lpk.dll
2015-03-11 23:22 . 2015-02-20 04:40 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-03-11 23:22 . 2015-02-20 03:09 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-03-11 23:22 . 2015-02-20 04:40 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-03-11 23:22 . 2015-02-20 04:40 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-03-11 23:22 . 2015-02-20 04:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-03-11 23:22 . 2015-02-20 04:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-03-11 23:22 . 2015-02-20 04:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-03-11 23:22 . 2015-02-20 04:12 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-03-11 23:20 . 2015-02-13 05:22 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-03-11 23:17 . 2015-02-21 01:19 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2015-03-11 23:17 . 2015-02-20 02:49 584192 ----a-w- c:\windows\system32\vbscript.dll
2015-03-11 23:17 . 2015-02-20 02:47 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-03-11 23:17 . 2015-02-20 01:28 2358784 ----a-w- c:\windows\system32\wininet.dll
2015-03-11 23:17 . 2015-02-20 01:09 382976 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2015-03-11 23:17 . 2015-02-24 03:15 293032 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-03-11 23:17 . 2015-02-21 01:16 25021440 ----a-w- c:\windows\system32\mshtml.dll
2015-03-11 23:17 . 2015-02-20 02:08 199680 ----a-w- c:\windows\system32\msrating.dll
2015-03-11 23:17 . 2015-02-20 02:08 1016832 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-03-11 23:16 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 23:16 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-03-04 07:43 . 2015-03-04 07:43 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared
2015-03-04 07:30 . 2015-03-04 07:30 -------- d-----w- C:\PS_CS2_FR_NonRet
2015-03-04 07:03 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-03-04 07:03 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-03-04 07:03 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-03-04 07:03 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-----w- c:\users\Lucas\AppData\Roaming\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-----w- c:\users\Lucas\AppData\Local\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:31 -------- d-----w- c:\programdata\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-03-02 00:30 . 2015-03-02 00:30 -------- d--h--w- c:\programdata\Common Files
2015-03-02 00:29 . 2015-03-02 00:29 -------- d-----w- c:\program files\WinPcap
2015-03-02 00:29 . 2015-03-22 10:30 -------- d-----w- c:\program files\WajaWebEnhancer
2015-03-02 00:29 . 2015-03-02 00:29 -------- d-----w- c:\programdata\Freemake
2015-03-02 00:28 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\RHEng
2015-03-02 00:28 . 2015-03-02 00:29 -------- d-----w- c:\program files (x86)\Freemake
2015-02-26 11:35 . 2015-02-26 11:35 -------- d-----w- c:\users\Lucas\AppData\Local\Steam
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-20 19:12 . 2012-09-17 06:26 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-03-20 19:12 . 2012-09-17 06:26 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-03-13 16:05 . 2012-08-20 04:28 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-17 14:26 . 2015-02-17 14:26 1217184 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-06 19:58 . 2015-02-06 19:58 58224 ----a-w- c:\windows\system32\drivers\qrnfd_1_10_0_9.sys
2015-02-04 20:45 . 2012-02-26 10:11 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-04 20:45 . 2012-02-26 10:11 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-04 03:16 . 2015-02-12 09:53 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 03:16 . 2015-02-12 09:53 762368 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 03:16 . 2015-02-12 09:53 414720 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 03:16 . 2015-02-12 09:53 894976 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 03:16 . 2015-02-12 09:53 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 03:16 . 2015-02-12 09:53 192000 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 03:13 . 2015-02-12 09:53 1098752 ----a-w- c:\windows\system32\aeinv.dll
2015-01-27 23:36 . 2015-02-12 09:53 1239720 ----a-w- c:\windows\system32\aitstatic.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}]
2015-03-14 13:59 495104 ----a-w- c:\program files (x86)\ver5BlockAndSurf\190.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}]
2014-05-06 16:56 279960 ----a-w- c:\program files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{3004627E-F8E9-4E8B-909D-316753CBA923}"= "c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll" [2014-05-06 288664]
.
[HKEY_CLASSES_ROOT\clsid\{3004627e-f8e9-4e8b-909d-316753cba923}]
[HKEY_CLASSES_ROOT\mysearchdial.mysearchdialdskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\mysearchdial.mysearchdialdskBnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Spotify Web Helper"="c:\users\Lucas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-06-20 1104384]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-02-18 2874048]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE" [2013-01-23 297024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-09-15 61112]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-09-28 75048]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2013-12-11 1243656]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-20 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"WinCheck"="c:\users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68\bnsm738F.exe" [2015-03-14 305152]
"gmsd_fr_315"="c:\program files (x86)\gmsd_fr_315\gmsd_fr_315.exe" [2015-03-13 3977896]
.
c:\users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-3-4 42560368]
OneNote 2010 - Capture d'écran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-12-6 1393528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 bohihozy;Field Flip;c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp;c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp [x]
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/04/09 19:02;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dydodijo;Keypad Wireless;c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp;c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxeaserv.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cherimoya;cherimoya;c:\windows\system32\drivers\cherimoya.sys;c:\windows\SYSNATIVE\drivers\cherimoya.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 qrnfd_1_10_0_9;qrnfd_1_10_0_9;c:\windows\system32\drivers\qrnfd_1_10_0_9.sys;c:\windows\SYSNATIVE\drivers\qrnfd_1_10_0_9.sys [x]
S2 70F4EEDB-1367-4b4f-8247-3133551A7415;70F4EEDB-1367-4b4f-8247-3133551A7415;c:\program files\shopperz\grunt.exe;c:\program files\shopperz\grunt.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BasementDuster;BasementDuster;c:\program files (x86)\IGS\BasementDuster.exe;c:\program files (x86)\IGS\BasementDuster.exe [x]
S2 csrcc;csrcc;c:\program files\shopperz\csrcc.exe;c:\program files\shopperz\csrcc.exe [x]
S2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe;c:\windows\SYSNATIVE\lxeacoms.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 mupogifi;Broadcast Function Key;c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp;c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 qrsvc_1.10.0.9;Quick Ref 1.10.0.9 Client Service;c:\program files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe;c:\program files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe [x]
S2 shopperz Updater;shopperz Updater;c:\program files\shopperz\nseven.exe;c:\program files\shopperz\nseven.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Websteroids;Websteroids;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe [x]
S2 webTinstMKTN;webTinstMKTN;c:\windows\system32\Drivers\webTinstMKTN.sys;c:\windows\SYSNATIVE\Drivers\webTinstMKTN.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys;c:\windows\SYSNATIVE\drivers\Smb_driver.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-11 23:04 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10_user.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-26 20:45]
.
2015-03-14 c:\windows\Tasks\APSnotifierPP1.job
- c:\program files (x86)\AnyProtectEx\AnyProtect.exe [2015-03-14 14:14]
.
2015-03-14 c:\windows\Tasks\APSnotifierPP2.job
- c:\program files (x86)\AnyProtectEx\AnyProtect.exe [2015-03-14 14:14]
.
2015-03-14 c:\windows\Tasks\APSnotifierPP3.job
- c:\program files (x86)\AnyProtectEx\AnyProtect.exe [2015-03-14 14:14]
.
2015-03-22 c:\windows\Tasks\BlockAndSurf Update.job
- c:\program files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.exe [2015-03-14 13:59]
.
2015-03-22 c:\windows\Tasks\EPSON XP-312 313 315 Series Invitation {EEC0BF53-0EAD-4FBC-B87D-CF4EF1BB2ED7}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-08-24 16:20]
.
2015-03-22 c:\windows\Tasks\EPSON XP-312 313 315 Series Update {EEC0BF53-0EAD-4FBC-B87D-CF4EF1BB2ED7}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-08-24 16:20]
.
2015-03-22 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-14 12:23]
.
2015-03-15 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 22:30]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 22:30]
.
2015-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2400914848-400651550-2087204018-1002Core.job
- c:\users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-11 17:51]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2400914848-400651550-2087204018-1002UA.job
- c:\users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-11 17:51]
.
2015-03-11 c:\windows\Tasks\HPCeeScheduleForLUCAS-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2015-03-22 c:\windows\Tasks\HPCeeScheduleForLucas.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}]
2015-03-14 13:59 237056 ----a-w- c:\program files (x86)\ver5BlockAndSurf\190_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-07 10:13 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-19 44880]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2011-01-24 770728]
"EzPrint"="c:\program files (x86)\Lexmark S300-S400 Series\ezprint.exe" [2011-01-24 148280]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-09-16 1425408]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768]
"shopperz"="c:\program files\shopperz\wrex.exe" [2015-03-11 430456]
"shopperz64"="c:\program files\shopperz\wrex64.exe" [2015-03-11 461176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1426335965&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
mDefault_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
mDefault_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
mStart Page = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\
FF - prefs.js: browser.search.selectedEngine - omniboxes
FF - prefs.js: browser.startup.homepage - hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
FF - prefs.js: keyword.URL -
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: network.http.spdy.enabled - false
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-BService - c:\program files (x86)\Bench\BService\bservice.exe
Wow6432Node-HKLM-Run-Wd - c:\program files (x86)\Bench\Wd\wd.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-38900_Discount Dragon - c:\users\Lucas\AppData\Local\Discount Dragon\uninstall.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-FileParade bundle uninstaller - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-MediaPlayerV1alpha208 - c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha208\uninstall.exe
AddRemove-MediaViewerV1alpha167 - c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha167\uninstall.exe
AddRemove-MediaViewV1alpha734 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha734\uninstall.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-SeeWeblists - c:\users\Lucas\AppData\Local\Temp\Zzoomit_uninstall.exe
AddRemove-Video Player - c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta939\uninstall.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\videopad.exe
AddRemove-Webexp Enhanced - c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha917\uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bohihozy]
"ImagePath"="c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dydodijo]
"ImagePath"="c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mupogifi]
"ImagePath"="c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\S-1-5-21-2400914848-400651550-2087204018-1002_Classes\Wow6432Node\CLSID\{1e672aed-bf1a-4969-9501-5847fd0bbb7c}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000121
"Therad"=dword:00000019
.
[HKEY_USERS\S-1-5-21-2400914848-400651550-2087204018-1002_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):b0,36,d2,d5,55,b7,ee,df,0c,c8,96,3e,c0,58,58,d7,c0,f8,31,c8,b7,
8c,da,82,9c,09,c0,c6,a9,1f,76,b4,92,95,27,63,e5,5b,e1,14,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\programdata\Websteroids\up\2.6.80\Websteroids.exe
c:\program files (x86)\ver5BlockAndSurf\BlockAndSurf.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
.
Heure de fin: 2015-03-22 13:46:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2015-03-22 12:46
.
Avant-CF: 469 656 002 560 octets libres
Après-CF: 469 084 491 776 octets libres
.
- - End Of File - - D9BE222DE4DC3F7F73B8FD6A3B2B7885
Voilà le rapport
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8085.6929 [GMT 1:00]
Lancé depuis: c:\users\Lucas\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422\5e188425-b66c-4f00-920c-ccd907b73487.dll
c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422\939a2f08-d84d-4a3a-be15-6aace4eaece4.dll
c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422\a9fb2d45-e2ce-4e46-acbf-64825b029422.dll
c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422\b725160c-553a-4ed0-82ae-96ebeb5e5a88.dll
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files (x86)\SearchProtect\Main\bin\SPTool.dll
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
c:\program files (x86)\SearchProtect\UI\bin\cltmngui.exe
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\programdata\ntuser.pol
c:\programdata\Setup.exe
c:\users\Lucas\AppData\Local\dsisetup3875718472.exe
c:\users\Lucas\AppData\Local\dsisetup7338012622.exe
c:\users\Lucas\AppData\Local\nswDB53.tmp
c:\users\Lucas\AppData\Local\SmartWeb
c:\users\Lucas\AppData\Local\SmartWeb\__u.exe
c:\users\Lucas\AppData\Roaming\FMY.exe
c:\users\Lucas\AppData\Roaming\PKJOKZO.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_CltMngSvc
-------\Service_globalUpdate
-------\Service_npf
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-02-22 au 2015-03-22 ))))))))))))))))))))))))))))))))))))
.
.
2015-03-21 22:32 . 2015-03-21 22:34 -------- d-----w- C:\FRST
2015-03-20 21:31 . 2015-03-14 13:59 50800 ----a-w- c:\windows\system32\drivers\webTinstMKTN.sys
2015-03-20 19:15 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41A962D3-F865-46AF-A00D-7ACEC0EBD932}\mpengine.dll
2015-03-18 22:46 . 2015-03-19 13:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\ZHP
2015-03-14 14:08 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\AnyProtectEx
2015-03-14 14:08 . 2015-03-20 19:04 -------- d-----w- c:\program files\shopperz
2015-03-14 14:08 . 2015-01-06 11:38 60376 ----a-w- c:\windows\system32\drivers\cherimoya.sys
2015-03-14 14:00 . 2015-03-20 21:32 2225 ----a-w- c:\windows\patsearch.bin
2015-03-14 14:00 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\ver5BlockAndSurf
2015-03-14 13:59 . 2015-03-12 08:59 319392 ----a-w- c:\windows\SysWow64\BDL.dll
2015-03-14 13:59 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\IGS
2015-03-14 13:58 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68
2015-03-14 13:58 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\QuickRef_1.10.0.9
2015-03-14 13:57 . 2015-03-22 11:10 -------- d-----w- c:\users\Lucas\AppData\Local\gmsd_fr_315
2015-03-14 13:57 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\gmsd_fr_315
2015-03-14 13:35 . 2015-03-14 13:39 -------- d-----w- c:\users\Lucas\AppData\Local\pangu
2015-03-14 13:19 . 2015-03-14 13:20 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2015-03-14 13:10 . 2015-03-14 13:10 -------- d-sh--w- c:\users\Lucas\AppData\Local\EmieBrowserModeList
2015-03-14 12:29 . 2015-03-22 11:10 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68
2015-03-14 12:29 . 2015-03-14 12:29 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68
2015-03-14 12:27 . 2015-03-20 19:04 -------- d-----w- c:\programdata\WindowsMangerProtect
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\omniboxes
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\Pro_PC_Cleaner
2015-03-14 12:25 . 2015-03-14 12:25 -------- d-----w- c:\users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68
2015-03-14 12:25 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\VOPackage
2015-03-14 12:25 . 2015-03-14 16:49 -------- d-----w- c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68
2015-03-14 12:23 . 2015-03-22 12:36 -------- d-----w- c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422
2015-03-14 12:23 . 2015-03-20 19:01 -------- d-----w- c:\program files (x86)\globalUpdate
2015-03-14 12:23 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\HQCinema Pro 2.1V14.03
2015-03-14 12:02 . 2012-10-03 15:14 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-14 12:02 . 2015-03-14 12:02 -------- dc----w- c:\windows\system32\DRVSTORE
2015-03-14 12:01 . 2015-03-14 12:02 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-14 12:01 . 2015-03-14 12:02 -------- d-----w- c:\program files\iTunes
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\program files (x86)\iTunes
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\programdata\Apple Computer
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\program files\iPod
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\users\Lucas\AppData\Local\Apple
2015-03-14 11:59 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\program files\Bonjour
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\program files (x86)\Bonjour
2015-03-14 11:58 . 2015-03-14 12:01 -------- d-----w- c:\program files\Common Files\Apple
2015-03-14 11:58 . 2015-03-14 11:59 -------- d-----w- c:\programdata\Apple
2015-03-14 11:58 . 2015-03-14 11:59 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-03-11 23:22 . 2015-02-20 03:29 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-03-11 23:22 . 2015-02-20 04:41 41984 ----a-w- c:\windows\system32\lpk.dll
2015-03-11 23:22 . 2015-02-20 04:40 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-03-11 23:22 . 2015-02-20 03:09 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-03-11 23:22 . 2015-02-20 04:40 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-03-11 23:22 . 2015-02-20 04:40 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-03-11 23:22 . 2015-02-20 04:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-03-11 23:22 . 2015-02-20 04:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-03-11 23:22 . 2015-02-20 04:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-03-11 23:22 . 2015-02-20 04:12 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-03-11 23:20 . 2015-02-13 05:22 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-03-11 23:17 . 2015-02-21 01:19 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2015-03-11 23:17 . 2015-02-20 02:49 584192 ----a-w- c:\windows\system32\vbscript.dll
2015-03-11 23:17 . 2015-02-20 02:47 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-03-11 23:17 . 2015-02-20 01:28 2358784 ----a-w- c:\windows\system32\wininet.dll
2015-03-11 23:17 . 2015-02-20 01:09 382976 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2015-03-11 23:17 . 2015-02-24 03:15 293032 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-03-11 23:17 . 2015-02-21 01:16 25021440 ----a-w- c:\windows\system32\mshtml.dll
2015-03-11 23:17 . 2015-02-20 02:08 199680 ----a-w- c:\windows\system32\msrating.dll
2015-03-11 23:17 . 2015-02-20 02:08 1016832 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-03-11 23:16 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 23:16 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-03-04 07:43 . 2015-03-04 07:43 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared
2015-03-04 07:30 . 2015-03-04 07:30 -------- d-----w- C:\PS_CS2_FR_NonRet
2015-03-04 07:03 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-03-04 07:03 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-03-04 07:03 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-03-04 07:03 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-----w- c:\users\Lucas\AppData\Roaming\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-----w- c:\users\Lucas\AppData\Local\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:31 -------- d-----w- c:\programdata\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-03-02 00:30 . 2015-03-02 00:30 -------- d--h--w- c:\programdata\Common Files
2015-03-02 00:29 . 2015-03-02 00:29 -------- d-----w- c:\program files\WinPcap
2015-03-02 00:29 . 2015-03-22 10:30 -------- d-----w- c:\program files\WajaWebEnhancer
2015-03-02 00:29 . 2015-03-02 00:29 -------- d-----w- c:\programdata\Freemake
2015-03-02 00:28 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\RHEng
2015-03-02 00:28 . 2015-03-02 00:29 -------- d-----w- c:\program files (x86)\Freemake
2015-02-26 11:35 . 2015-02-26 11:35 -------- d-----w- c:\users\Lucas\AppData\Local\Steam
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-20 19:12 . 2012-09-17 06:26 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-03-20 19:12 . 2012-09-17 06:26 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-03-13 16:05 . 2012-08-20 04:28 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-17 14:26 . 2015-02-17 14:26 1217184 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-06 19:58 . 2015-02-06 19:58 58224 ----a-w- c:\windows\system32\drivers\qrnfd_1_10_0_9.sys
2015-02-04 20:45 . 2012-02-26 10:11 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-04 20:45 . 2012-02-26 10:11 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-04 03:16 . 2015-02-12 09:53 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 03:16 . 2015-02-12 09:53 762368 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 03:16 . 2015-02-12 09:53 414720 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 03:16 . 2015-02-12 09:53 894976 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 03:16 . 2015-02-12 09:53 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 03:16 . 2015-02-12 09:53 192000 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 03:13 . 2015-02-12 09:53 1098752 ----a-w- c:\windows\system32\aeinv.dll
2015-01-27 23:36 . 2015-02-12 09:53 1239720 ----a-w- c:\windows\system32\aitstatic.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
- Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}]
2015-03-14 13:59 495104 ----a-w- c:\program files (x86)\ver5BlockAndSurf\190.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}]
2014-05-06 16:56 279960 ----a-w- c:\program files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{3004627E-F8E9-4E8B-909D-316753CBA923}"= "c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll" [2014-05-06 288664]
.
[HKEY_CLASSES_ROOT\clsid\{3004627e-f8e9-4e8b-909d-316753cba923}]
[HKEY_CLASSES_ROOT\mysearchdial.mysearchdialdskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\mysearchdial.mysearchdialdskBnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Spotify Web Helper"="c:\users\Lucas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-06-20 1104384]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-02-18 2874048]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE" [2013-01-23 297024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-09-15 61112]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-09-28 75048]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2013-12-11 1243656]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-20 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"WinCheck"="c:\users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68\bnsm738F.exe" [2015-03-14 305152]
"gmsd_fr_315"="c:\program files (x86)\gmsd_fr_315\gmsd_fr_315.exe" [2015-03-13 3977896]
.
c:\users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-3-4 42560368]
OneNote 2010 - Capture d'écran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-12-6 1393528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 bohihozy;Field Flip;c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp;c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp [x]
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/04/09 19:02;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dydodijo;Keypad Wireless;c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp;c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxeaserv.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cherimoya;cherimoya;c:\windows\system32\drivers\cherimoya.sys;c:\windows\SYSNATIVE\drivers\cherimoya.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 qrnfd_1_10_0_9;qrnfd_1_10_0_9;c:\windows\system32\drivers\qrnfd_1_10_0_9.sys;c:\windows\SYSNATIVE\drivers\qrnfd_1_10_0_9.sys [x]
S2 70F4EEDB-1367-4b4f-8247-3133551A7415;70F4EEDB-1367-4b4f-8247-3133551A7415;c:\program files\shopperz\grunt.exe;c:\program files\shopperz\grunt.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BasementDuster;BasementDuster;c:\program files (x86)\IGS\BasementDuster.exe;c:\program files (x86)\IGS\BasementDuster.exe [x]
S2 csrcc;csrcc;c:\program files\shopperz\csrcc.exe;c:\program files\shopperz\csrcc.exe [x]
S2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe;c:\windows\SYSNATIVE\lxeacoms.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 mupogifi;Broadcast Function Key;c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp;c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 qrsvc_1.10.0.9;Quick Ref 1.10.0.9 Client Service;c:\program files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe;c:\program files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe [x]
S2 shopperz Updater;shopperz Updater;c:\program files\shopperz\nseven.exe;c:\program files\shopperz\nseven.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Websteroids;Websteroids;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe [x]
S2 webTinstMKTN;webTinstMKTN;c:\windows\system32\Drivers\webTinstMKTN.sys;c:\windows\SYSNATIVE\Drivers\webTinstMKTN.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys;c:\windows\SYSNATIVE\drivers\Smb_driver.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
- Deregistered* - CLKMDRV10_38F51D56
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-11 23:04 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10_user.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-26 20:45]
.
2015-03-14 c:\windows\Tasks\APSnotifierPP1.job
- c:\program files (x86)\AnyProtectEx\AnyProtect.exe [2015-03-14 14:14]
.
2015-03-14 c:\windows\Tasks\APSnotifierPP2.job
- c:\program files (x86)\AnyProtectEx\AnyProtect.exe [2015-03-14 14:14]
.
2015-03-14 c:\windows\Tasks\APSnotifierPP3.job
- c:\program files (x86)\AnyProtectEx\AnyProtect.exe [2015-03-14 14:14]
.
2015-03-22 c:\windows\Tasks\BlockAndSurf Update.job
- c:\program files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.exe [2015-03-14 13:59]
.
2015-03-22 c:\windows\Tasks\EPSON XP-312 313 315 Series Invitation {EEC0BF53-0EAD-4FBC-B87D-CF4EF1BB2ED7}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-08-24 16:20]
.
2015-03-22 c:\windows\Tasks\EPSON XP-312 313 315 Series Update {EEC0BF53-0EAD-4FBC-B87D-CF4EF1BB2ED7}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-08-24 16:20]
.
2015-03-22 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-14 12:23]
.
2015-03-15 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 22:30]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 22:30]
.
2015-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2400914848-400651550-2087204018-1002Core.job
- c:\users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-11 17:51]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2400914848-400651550-2087204018-1002UA.job
- c:\users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-11 17:51]
.
2015-03-11 c:\windows\Tasks\HPCeeScheduleForLUCAS-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2015-03-22 c:\windows\Tasks\HPCeeScheduleForLucas.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}]
2015-03-14 13:59 237056 ----a-w- c:\program files (x86)\ver5BlockAndSurf\190_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-07 10:13 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-19 44880]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2011-01-24 770728]
"EzPrint"="c:\program files (x86)\Lexmark S300-S400 Series\ezprint.exe" [2011-01-24 148280]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-09-16 1425408]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768]
"shopperz"="c:\program files\shopperz\wrex.exe" [2015-03-11 430456]
"shopperz64"="c:\program files\shopperz\wrex64.exe" [2015-03-11 461176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1426335965&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
mDefault_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
mDefault_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
mStart Page = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\
FF - prefs.js: browser.search.selectedEngine - omniboxes
FF - prefs.js: browser.startup.homepage - hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
FF - prefs.js: keyword.URL -
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: network.http.spdy.enabled - false
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-BService - c:\program files (x86)\Bench\BService\bservice.exe
Wow6432Node-HKLM-Run-Wd - c:\program files (x86)\Bench\Wd\wd.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-38900_Discount Dragon - c:\users\Lucas\AppData\Local\Discount Dragon\uninstall.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-FileParade bundle uninstaller - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-MediaPlayerV1alpha208 - c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha208\uninstall.exe
AddRemove-MediaViewerV1alpha167 - c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha167\uninstall.exe
AddRemove-MediaViewV1alpha734 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha734\uninstall.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-SeeWeblists - c:\users\Lucas\AppData\Local\Temp\Zzoomit_uninstall.exe
AddRemove-Video Player - c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta939\uninstall.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\videopad.exe
AddRemove-Webexp Enhanced - c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha917\uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bohihozy]
"ImagePath"="c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dydodijo]
"ImagePath"="c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mupogifi]
"ImagePath"="c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\S-1-5-21-2400914848-400651550-2087204018-1002_Classes\Wow6432Node\CLSID\{1e672aed-bf1a-4969-9501-5847fd0bbb7c}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000121
"Therad"=dword:00000019
.
[HKEY_USERS\S-1-5-21-2400914848-400651550-2087204018-1002_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):b0,36,d2,d5,55,b7,ee,df,0c,c8,96,3e,c0,58,58,d7,c0,f8,31,c8,b7,
8c,da,82,9c,09,c0,c6,a9,1f,76,b4,92,95,27,63,e5,5b,e1,14,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\programdata\Websteroids\up\2.6.80\Websteroids.exe
c:\program files (x86)\ver5BlockAndSurf\BlockAndSurf.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
.
Heure de fin: 2015-03-22 13:46:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2015-03-22 12:46
.
Avant-CF: 469 656 002 560 octets libres
Après-CF: 469 084 491 776 octets libres
.
- - End Of File - - D9BE222DE4DC3F7F73B8FD6A3B2B7885
Voilà le rapport
Salut,
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
-----------------------------------------------------------------------------------
Toujours avec toutes les protections désactivées, fais ceci :
__________________________________________________
KillAll::
ClearJavaCache::
Folder::
c:\program files (x86)\Mysearchdial
c:\program files (x86)\AnyProtectEx
c:\users\Lucas\AppData\Roaming\RHEng
c:\program files\WajaWebEnhancer
c:\program files (x86)\globalUpdate
c:\users\Lucas\AppData\Roaming\VOPackage
c:\users\Lucas\AppData\Roaming\omniboxes
c:\programdata\WindowsMangerProtect
c:\windows\patsearch.bin
c:\program files\shopperz
File::
c:\windows\Tasks\APSnotifierPP1.job
c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
c:\windows\Tasks\APSnotifierPP2.job
c:\windows\Tasks\APSnotifierPP3.job
c:\windows\Tasks\BlockAndSurf Update.job
Driver::
globalUpdatem
70F4EEDB-1367-4b4f-8247-3133551A7415
csrcc
shopperz Updater
DDS::
uStart Page = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S [Pays US - 50.97.32.151]
Firefox::
FF - prefs.js: browser.startup.homepage - hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S [Pays US - 50.97.32.151]
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
__________________________________________________
ComboFix.exe comme sur : cette capture
@+
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
-----------------------------------------------------------------------------------
Toujours avec toutes les protections désactivées, fais ceci :
- Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
- Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :
- Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
__________________________________________________
KillAll::
ClearJavaCache::
Folder::
c:\program files (x86)\Mysearchdial
c:\program files (x86)\AnyProtectEx
c:\users\Lucas\AppData\Roaming\RHEng
c:\program files\WajaWebEnhancer
c:\program files (x86)\globalUpdate
c:\users\Lucas\AppData\Roaming\VOPackage
c:\users\Lucas\AppData\Roaming\omniboxes
c:\programdata\WindowsMangerProtect
c:\windows\patsearch.bin
c:\program files\shopperz
File::
c:\windows\Tasks\APSnotifierPP1.job
c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
c:\windows\Tasks\APSnotifierPP2.job
c:\windows\Tasks\APSnotifierPP3.job
c:\windows\Tasks\BlockAndSurf Update.job
Driver::
globalUpdatem
70F4EEDB-1367-4b4f-8247-3133551A7415
csrcc
shopperz Updater
DDS::
uStart Page = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S [Pays US - 50.97.32.151]
Firefox::
FF - prefs.js: browser.startup.homepage - hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S [Pays US - 50.97.32.151]
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
__________________________________________________
- Enregistre ce fichier sous le nom CFScript
- Fait un glisser/déposer de ce fichier CFScript sur le fichier
ComboFix.exe comme sur : cette capture
- Combofix se lance, laisse toi guider..
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
- Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis
- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
@+
ComboFix 15-03-14.03 - Lucas 22/03/2015 15:22:49.2.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8085.5850 [GMT 1:00]
Lancé depuis: c:\users\Lucas\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Lucas\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\APSnotifierPP1.job"
"c:\windows\Tasks\APSnotifierPP2.job"
"c:\windows\Tasks\APSnotifierPP3.job"
"c:\windows\Tasks\BlockAndSurf Update.job"
"c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AnyProtectEx
c:\program files (x86)\AnyProtectEx\AnyProtect.exe
c:\program files (x86)\AnyProtectEx\Uninstall.exe
c:\program files (x86)\globalUpdate
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe
c:\program files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll
c:\program files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll
c:\program files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
c:\program files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll
c:\program files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll
c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe
c:\program files (x86)\HQCinema Pro 2.1V14.03\07fd8417-1c2d-427f-a329-e9c4b566df7a.dll
c:\program files (x86)\HQCinema Pro 2.1V14.03\dc3d1229-40b4-460a-96fa-d71269b8c8cf.dll
c:\program files (x86)\Mysearchdial
c:\program files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\FavIcon.ico
c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe
c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\Sqlite3.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\uninstall.exe
c:\program files\shopperz
c:\program files\shopperz\csrcc.exe
c:\program files\shopperz\Firefox\chrome.manifest
c:\program files\shopperz\Firefox\chrome\content\libraries\DataExchangeScript.js
c:\program files\shopperz\Firefox\chrome\content\main.js
c:\program files\shopperz\Firefox\chrome\content\resources\LocalScript.js
c:\program files\shopperz\Firefox\defaults\preferences\defaults.js
c:\program files\shopperz\garrus.dll
c:\program files\shopperz\grunt.exe
c:\program files\shopperz\kasumi32.dll
c:\program files\shopperz\kasumi64.dll
c:\program files\shopperz\krios.dll
c:\program files\shopperz\krios64.dll
c:\program files\shopperz\liara.dll
c:\program files\shopperz\liara64.dll
c:\program files\shopperz\libraries\DataExchangeScript.js
c:\program files\shopperz\nfregdrv64.exe
c:\program files\shopperz\nseven.exe
c:\program files\shopperz\resources\LocalScript.js
c:\program files\shopperz\tree.js
c:\program files\shopperz\tsoni.dll
c:\program files\shopperz\tsoni64.dll
c:\program files\shopperz\unins000.exe
c:\program files\shopperz\wrex.exe
c:\program files\shopperz\wrex64.exe
c:\program files\shopperz\zaeed.bat
c:\program files\WajaWebEnhancer
c:\program files\WajaWebEnhancer\dlls\pqxlptxrdbig.dll
c:\program files\WajaWebEnhancer\dlls\uhnesmwlydzopao.dll
c:\program files\WajaWebEnhancer\logos\amazon.ico
c:\program files\WajaWebEnhancer\logos\argos.ico
c:\program files\WajaWebEnhancer\logos\ask.ico
c:\program files\WajaWebEnhancer\logos\bestbuy.ico
c:\program files\WajaWebEnhancer\logos\ebay.ico
c:\program files\WajaWebEnhancer\logos\etsy.ico
c:\program files\WajaWebEnhancer\logos\facebook.ico
c:\program files\WajaWebEnhancer\logos\favicon.ico
c:\program files\WajaWebEnhancer\logos\google.ico
c:\program files\WajaWebEnhancer\logos\homedepot.ico
c:\program files\WajaWebEnhancer\logos\ikea.ico
c:\program files\WajaWebEnhancer\logos\imdb.ico
c:\program files\WajaWebEnhancer\logos\lowes.ico
c:\program files\WajaWebEnhancer\logos\mercado.ico
c:\program files\WajaWebEnhancer\logos\mysearchweb.ico
c:\program files\WajaWebEnhancer\logos\myshopping.ico
c:\program files\WajaWebEnhancer\logos\searchresult.ico
c:\program files\WajaWebEnhancer\logos\sears.ico
c:\program files\WajaWebEnhancer\logos\setting.ico
c:\program files\WajaWebEnhancer\logos\settings.ico
c:\program files\WajaWebEnhancer\logos\shopping.ico
c:\program files\WajaWebEnhancer\logos\target.ico
c:\program files\WajaWebEnhancer\logos\tesco.ico
c:\program files\WajaWebEnhancer\logos\tripadvisor.ico
c:\program files\WajaWebEnhancer\logos\twitter.ico
c:\program files\WajaWebEnhancer\logos\wajam.ico
c:\program files\WajaWebEnhancer\logos\walmart.ico
c:\program files\WajaWebEnhancer\logos\wiki.ico
c:\program files\WajaWebEnhancer\logos\yahoo.ico
c:\program files\WajaWebEnhancer\logos\zalando.ico
c:\program files\WajaWebEnhancer\snotlings
c:\program files\WajaWebEnhancer\waaaghs
c:\program files\WajaWebEnhancer\wajam.exe
c:\program files\WajaWebEnhancer\wajam.ico
c:\program files\WajaWebEnhancer\wajam_goblin.dll
c:\program files\WajaWebEnhancer\wajam_goblin_64.dll
c:\program files\WajaWebEnhancer\WWE_uninstall.exe
c:\programdata\WindowsMangerProtect
c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe
c:\users\Lucas\AppData\Roaming\omniboxes
c:\users\Lucas\AppData\Roaming\omniboxes\UninstallManager.exe
c:\users\Lucas\AppData\Roaming\RHEng
c:\users\Lucas\AppData\Roaming\RHEng\3A575B6EB8B045E8A175882B0508E7DB\TuneUpUtilities2014_fr-FR_2200565.exe
c:\users\Lucas\AppData\Roaming\RHEng\8FB0FC0E1F174328B070F1381DFC9D5A\WWE_1.2.0.53.exe
c:\users\Lucas\AppData\Roaming\VOPackage
c:\users\Lucas\AppData\Roaming\VOPackage\Uninstall.exe
c:\users\Lucas\AppData\Roaming\VOPackage\VOPackage.exe
c:\windows\Tasks\APSnotifierPP1.job
c:\windows\Tasks\APSnotifierPP2.job
c:\windows\Tasks\APSnotifierPP3.job
c:\windows\Tasks\BlockAndSurf Update.job
c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_70F4EEDB-1367-4b4f-8247-3133551A7415
-------\Service_csrcc
-------\Service_globalUpdatem
-------\Service_shopperz Updater
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-02-22 au 2015-03-22 ))))))))))))))))))))))))))))))))))))
.
.
2015-03-22 14:35 . 2015-03-22 14:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-03-21 22:32 . 2015-03-21 22:34 -------- d-----w- C:\FRST
2015-03-20 21:31 . 2015-03-14 13:59 50800 ----a-w- c:\windows\system32\drivers\webTinstMKTN.sys
2015-03-20 19:15 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41A962D3-F865-46AF-A00D-7ACEC0EBD932}\mpengine.dll
2015-03-18 22:46 . 2015-03-19 13:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\ZHP
2015-03-14 14:08 . 2015-01-06 11:38 60376 ----a-w- c:\windows\system32\drivers\cherimoya.sys
2015-03-14 14:00 . 2015-03-20 21:32 2225 ----a-w- c:\windows\patsearch.bin
2015-03-14 14:00 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\ver5BlockAndSurf
2015-03-14 13:59 . 2015-03-12 08:59 319392 ----a-w- c:\windows\SysWow64\BDL.dll
2015-03-14 13:59 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\IGS
2015-03-14 13:58 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68
2015-03-14 13:58 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\QuickRef_1.10.0.9
2015-03-14 13:57 . 2015-03-22 11:10 -------- d-----w- c:\users\Lucas\AppData\Local\gmsd_fr_315
2015-03-14 13:57 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\gmsd_fr_315
2015-03-14 13:35 . 2015-03-14 13:39 -------- d-----w- c:\users\Lucas\AppData\Local\pangu
2015-03-14 13:19 . 2015-03-14 13:20 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2015-03-14 13:10 . 2015-03-14 13:10 -------- d-sh--w- c:\users\Lucas\AppData\Local\EmieBrowserModeList
2015-03-14 12:29 . 2015-03-22 11:10 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68
2015-03-14 12:29 . 2015-03-14 12:29 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\Pro_PC_Cleaner
2015-03-14 12:25 . 2015-03-14 12:25 -------- d-----w- c:\users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68
2015-03-14 12:25 . 2015-03-14 16:49 -------- d-----w- c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68
2015-03-14 12:23 . 2015-03-22 12:36 -------- d-----w- c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422
2015-03-14 12:23 . 2015-03-22 14:34 -------- d-----w- c:\program files (x86)\HQCinema Pro 2.1V14.03
2015-03-14 12:02 . 2012-10-03 15:14 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-14 12:02 . 2015-03-14 12:02 -------- dc----w- c:\windows\system32\DRVSTORE
2015-03-14 12:01 . 2015-03-14 12:02 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-14 12:01 . 2015-03-14 12:02 -------- d-----w- c:\program files\iTunes
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\program files (x86)\iTunes
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\programdata\Apple Computer
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\program files\iPod
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\users\Lucas\AppData\Local\Apple
2015-03-14 11:59 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\program files\Bonjour
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\program files (x86)\Bonjour
2015-03-14 11:58 . 2015-03-14 12:01 -------- d-----w- c:\program files\Common Files\Apple
2015-03-14 11:58 . 2015-03-14 11:59 -------- d-----w- c:\programdata\Apple
2015-03-14 11:58 . 2015-03-14 11:59 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-03-11 23:22 . 2015-02-20 03:29 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-03-11 23:22 . 2015-02-20 04:41 41984 ----a-w- c:\windows\system32\lpk.dll
2015-03-11 23:22 . 2015-02-20 04:40 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-03-11 23:22 . 2015-02-20 03:09 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-03-11 23:22 . 2015-02-20 04:40 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-03-11 23:22 . 2015-02-20 04:40 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-03-11 23:22 . 2015-02-20 04:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-03-11 23:22 . 2015-02-20 04:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-03-11 23:22 . 2015-02-20 04:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-03-11 23:22 . 2015-02-20 04:12 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-03-11 23:20 . 2015-02-13 05:22 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-03-11 23:17 . 2015-02-21 01:19 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2015-03-11 23:17 . 2015-02-20 02:49 584192 ----a-w- c:\windows\system32\vbscript.dll
2015-03-11 23:17 . 2015-02-20 02:47 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-03-11 23:17 . 2015-02-20 01:28 2358784 ----a-w- c:\windows\system32\wininet.dll
2015-03-11 23:17 . 2015-02-20 01:09 382976 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2015-03-11 23:17 . 2015-02-24 03:15 293032 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-03-11 23:17 . 2015-02-21 01:16 25021440 ----a-w- c:\windows\system32\mshtml.dll
2015-03-11 23:17 . 2015-02-20 02:08 199680 ----a-w- c:\windows\system32\msrating.dll
2015-03-11 23:17 . 2015-02-20 02:08 1016832 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-03-11 23:16 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 23:16 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-03-04 07:43 . 2015-03-04 07:43 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared
2015-03-04 07:30 . 2015-03-04 07:30 -------- d-----w- C:\PS_CS2_FR_NonRet
2015-03-04 07:03 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-03-04 07:03 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-03-04 07:03 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-03-04 07:03 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-----w- c:\users\Lucas\AppData\Roaming\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-----w- c:\users\Lucas\AppData\Local\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:31 -------- d-----w- c:\programdata\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-03-02 00:30 . 2015-03-02 00:30 -------- d--h--w- c:\programdata\Common Files
2015-03-02 00:29 . 2015-03-02 00:29 -------- d-----w- c:\program files\WinPcap
2015-03-02 00:29 . 2015-03-02 00:29 -------- d-----w- c:\programdata\Freemake
2015-03-02 00:28 . 2015-03-02 00:29 -------- d-----w- c:\program files (x86)\Freemake
2015-02-26 11:35 . 2015-02-26 11:35 -------- d-----w- c:\users\Lucas\AppData\Local\Steam
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-20 19:12 . 2012-09-17 06:26 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-03-20 19:12 . 2012-09-17 06:26 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-03-13 16:05 . 2012-08-20 04:28 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-17 14:26 . 2015-02-17 14:26 1217184 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-06 19:58 . 2015-02-06 19:58 58224 ----a-w- c:\windows\system32\drivers\qrnfd_1_10_0_9.sys
2015-02-04 20:45 . 2012-02-26 10:11 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-04 20:45 . 2012-02-26 10:11 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-04 03:16 . 2015-02-12 09:53 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 03:16 . 2015-02-12 09:53 762368 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 03:16 . 2015-02-12 09:53 414720 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 03:16 . 2015-02-12 09:53 894976 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 03:16 . 2015-02-12 09:53 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 03:16 . 2015-02-12 09:53 192000 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 03:13 . 2015-02-12 09:53 1098752 ----a-w- c:\windows\system32\aeinv.dll
2015-01-27 23:36 . 2015-02-12 09:53 1239720 ----a-w- c:\windows\system32\aitstatic.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}]
2015-03-14 13:59 495104 ----a-w- c:\program files (x86)\ver5BlockAndSurf\190.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Spotify Web Helper"="c:\users\Lucas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-06-20 1104384]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-02-18 2874048]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE" [2013-01-23 297024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-09-15 61112]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-09-28 75048]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2013-12-11 1243656]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-20 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"WinCheck"="c:\users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68\bnsm738F.exe" [2015-03-14 305152]
"gmsd_fr_315"="c:\program files (x86)\gmsd_fr_315\gmsd_fr_315.exe" [2015-03-13 3977896]
.
c:\users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-3-4 42560368]
OneNote 2010 - Capture d'écran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-12-6 1393528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 bohihozy;Field Flip;c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp;c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp [x]
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/04/09 19:02;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dydodijo;Keypad Wireless;c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp;c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxeaserv.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cherimoya;cherimoya;c:\windows\system32\drivers\cherimoya.sys;c:\windows\SYSNATIVE\drivers\cherimoya.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 qrnfd_1_10_0_9;qrnfd_1_10_0_9;c:\windows\system32\drivers\qrnfd_1_10_0_9.sys;c:\windows\SYSNATIVE\drivers\qrnfd_1_10_0_9.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BasementDuster;BasementDuster;c:\program files (x86)\IGS\BasementDuster.exe;c:\program files (x86)\IGS\BasementDuster.exe [x]
S2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe;c:\windows\SYSNATIVE\lxeacoms.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 mupogifi;Broadcast Function Key;c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp;c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 qrsvc_1.10.0.9;Quick Ref 1.10.0.9 Client Service;c:\program files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe;c:\program files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Websteroids;Websteroids;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe [x]
S2 webTinstMKTN;webTinstMKTN;c:\windows\system32\Drivers\webTinstMKTN.sys;c:\windows\SYSNATIVE\Drivers\webTinstMKTN.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys;c:\windows\SYSNATIVE\drivers\Smb_driver.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-11 23:04 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10_user.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-26 20:45]
.
2015-03-22 c:\windows\Tasks\EPSON XP-312 313 315 Series Invitation {EEC0BF53-0EAD-4FBC-B87D-CF4EF1BB2ED7}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-08-24 16:20]
.
2015-03-22 c:\windows\Tasks\EPSON XP-312 313 315 Series Update {EEC0BF53-0EAD-4FBC-B87D-CF4EF1BB2ED7}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-08-24 16:20]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 22:30]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 22:30]
.
2015-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2400914848-400651550-2087204018-1002Core.job
- c:\users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-11 17:51]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2400914848-400651550-2087204018-1002UA.job
- c:\users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-11 17:51]
.
2015-03-11 c:\windows\Tasks\HPCeeScheduleForLUCAS-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2015-03-22 c:\windows\Tasks\HPCeeScheduleForLucas.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}]
2015-03-14 13:59 237056 ----a-w- c:\program files (x86)\ver5BlockAndSurf\190_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-07 10:13 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-19 44880]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2011-01-24 770728]
"EzPrint"="c:\program files (x86)\Lexmark S300-S400 Series\ezprint.exe" [2011-01-24 148280]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-09-16 1425408]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1426335965&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
mDefault_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
mDefault_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
mStart Page = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\
FF - prefs.js: browser.search.selectedEngine - omniboxes
FF - prefs.js: browser.startup.homepage - hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
FF - prefs.js: keyword.URL -
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: network.http.spdy.enabled - false
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - c:\program files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll
Toolbar-{3004627E-F8E9-4E8B-909D-316753CBA923} - c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-shopperz - c:\program files\shopperz\wrex.exe
HKLM-Run-shopperz64 - c:\program files\shopperz\wrex64.exe
AddRemove-38900_Discount Dragon - c:\users\Lucas\AppData\Local\Discount Dragon\uninstall.exe
AddRemove-AnyProtect - c:\program files (x86)\AnyProtectEx\uninstall.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-FileParade bundle uninstaller - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-MediaPlayerV1alpha208 - c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha208\uninstall.exe
AddRemove-MediaViewerV1alpha167 - c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha167\uninstall.exe
AddRemove-MediaViewV1alpha734 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha734\uninstall.exe
AddRemove-mysearchdial - c:\program files (x86)\Mysearchdial\1.8.21.0\uninstall.exe
AddRemove-omniboxes uninstall - c:\users\Lucas\AppData\Roaming\omniboxes\UninstallManager.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-SeeWeblists - c:\users\Lucas\AppData\Local\Temp\Zzoomit_uninstall.exe
AddRemove-Video Player - c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta939\uninstall.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\videopad.exe
AddRemove-VOPackage - c:\users\Lucas\AppData\Roaming\VOPackage\Uninstall.exe
AddRemove-Wajam Web Enhancer - c:\program files\WajaWebEnhancer\WWE_uninstall.exe
AddRemove-Webexp Enhanced - c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha917\uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bohihozy]
"ImagePath"="c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dydodijo]
"ImagePath"="c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mupogifi]
"ImagePath"="c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\S-1-5-21-2400914848-400651550-2087204018-1002_Classes\Wow6432Node\CLSID\{1e672aed-bf1a-4969-9501-5847fd0bbb7c}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000121
"Therad"=dword:00000019
.
[HKEY_USERS\S-1-5-21-2400914848-400651550-2087204018-1002_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):b0,36,d2,d5,55,b7,ee,df,0c,c8,96,3e,c0,58,58,d7,c0,f8,31,c8,b7,
8c,da,82,9c,09,c0,c6,a9,1f,76,b4,92,95,27,63,e5,5b,e1,14,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Voilà le rapport.
Pour les changements on peut notamment noter que je peux naviguer sur IE
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.8085.5850 [GMT 1:00]
Lancé depuis: c:\users\Lucas\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Lucas\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- Un nouveau point de restauration a été créé
.
FILE ::
"c:\windows\Tasks\APSnotifierPP1.job"
"c:\windows\Tasks\APSnotifierPP2.job"
"c:\windows\Tasks\APSnotifierPP3.job"
"c:\windows\Tasks\BlockAndSurf Update.job"
"c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AnyProtectEx
c:\program files (x86)\AnyProtectEx\AnyProtect.exe
c:\program files (x86)\AnyProtectEx\Uninstall.exe
c:\program files (x86)\globalUpdate
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi
c:\program files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe
c:\program files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll
c:\program files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll
c:\program files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
c:\program files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll
c:\program files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll
c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe
c:\program files (x86)\HQCinema Pro 2.1V14.03\07fd8417-1c2d-427f-a329-e9c4b566df7a.dll
c:\program files (x86)\HQCinema Pro 2.1V14.03\dc3d1229-40b4-460a-96fa-d71269b8c8cf.dll
c:\program files (x86)\Mysearchdial
c:\program files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\FavIcon.ico
c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe
c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\Sqlite3.dll
c:\program files (x86)\Mysearchdial\1.8.21.0\uninstall.exe
c:\program files\shopperz
c:\program files\shopperz\csrcc.exe
c:\program files\shopperz\Firefox\chrome.manifest
c:\program files\shopperz\Firefox\chrome\content\libraries\DataExchangeScript.js
c:\program files\shopperz\Firefox\chrome\content\main.js
c:\program files\shopperz\Firefox\chrome\content\resources\LocalScript.js
c:\program files\shopperz\Firefox\defaults\preferences\defaults.js
c:\program files\shopperz\garrus.dll
c:\program files\shopperz\grunt.exe
c:\program files\shopperz\kasumi32.dll
c:\program files\shopperz\kasumi64.dll
c:\program files\shopperz\krios.dll
c:\program files\shopperz\krios64.dll
c:\program files\shopperz\liara.dll
c:\program files\shopperz\liara64.dll
c:\program files\shopperz\libraries\DataExchangeScript.js
c:\program files\shopperz\nfregdrv64.exe
c:\program files\shopperz\nseven.exe
c:\program files\shopperz\resources\LocalScript.js
c:\program files\shopperz\tree.js
c:\program files\shopperz\tsoni.dll
c:\program files\shopperz\tsoni64.dll
c:\program files\shopperz\unins000.exe
c:\program files\shopperz\wrex.exe
c:\program files\shopperz\wrex64.exe
c:\program files\shopperz\zaeed.bat
c:\program files\WajaWebEnhancer
c:\program files\WajaWebEnhancer\dlls\pqxlptxrdbig.dll
c:\program files\WajaWebEnhancer\dlls\uhnesmwlydzopao.dll
c:\program files\WajaWebEnhancer\logos\amazon.ico
c:\program files\WajaWebEnhancer\logos\argos.ico
c:\program files\WajaWebEnhancer\logos\ask.ico
c:\program files\WajaWebEnhancer\logos\bestbuy.ico
c:\program files\WajaWebEnhancer\logos\ebay.ico
c:\program files\WajaWebEnhancer\logos\etsy.ico
c:\program files\WajaWebEnhancer\logos\facebook.ico
c:\program files\WajaWebEnhancer\logos\favicon.ico
c:\program files\WajaWebEnhancer\logos\google.ico
c:\program files\WajaWebEnhancer\logos\homedepot.ico
c:\program files\WajaWebEnhancer\logos\ikea.ico
c:\program files\WajaWebEnhancer\logos\imdb.ico
c:\program files\WajaWebEnhancer\logos\lowes.ico
c:\program files\WajaWebEnhancer\logos\mercado.ico
c:\program files\WajaWebEnhancer\logos\mysearchweb.ico
c:\program files\WajaWebEnhancer\logos\myshopping.ico
c:\program files\WajaWebEnhancer\logos\searchresult.ico
c:\program files\WajaWebEnhancer\logos\sears.ico
c:\program files\WajaWebEnhancer\logos\setting.ico
c:\program files\WajaWebEnhancer\logos\settings.ico
c:\program files\WajaWebEnhancer\logos\shopping.ico
c:\program files\WajaWebEnhancer\logos\target.ico
c:\program files\WajaWebEnhancer\logos\tesco.ico
c:\program files\WajaWebEnhancer\logos\tripadvisor.ico
c:\program files\WajaWebEnhancer\logos\twitter.ico
c:\program files\WajaWebEnhancer\logos\wajam.ico
c:\program files\WajaWebEnhancer\logos\walmart.ico
c:\program files\WajaWebEnhancer\logos\wiki.ico
c:\program files\WajaWebEnhancer\logos\yahoo.ico
c:\program files\WajaWebEnhancer\logos\zalando.ico
c:\program files\WajaWebEnhancer\snotlings
c:\program files\WajaWebEnhancer\waaaghs
c:\program files\WajaWebEnhancer\wajam.exe
c:\program files\WajaWebEnhancer\wajam.ico
c:\program files\WajaWebEnhancer\wajam_goblin.dll
c:\program files\WajaWebEnhancer\wajam_goblin_64.dll
c:\program files\WajaWebEnhancer\WWE_uninstall.exe
c:\programdata\WindowsMangerProtect
c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe
c:\users\Lucas\AppData\Roaming\omniboxes
c:\users\Lucas\AppData\Roaming\omniboxes\UninstallManager.exe
c:\users\Lucas\AppData\Roaming\RHEng
c:\users\Lucas\AppData\Roaming\RHEng\3A575B6EB8B045E8A175882B0508E7DB\TuneUpUtilities2014_fr-FR_2200565.exe
c:\users\Lucas\AppData\Roaming\RHEng\8FB0FC0E1F174328B070F1381DFC9D5A\WWE_1.2.0.53.exe
c:\users\Lucas\AppData\Roaming\VOPackage
c:\users\Lucas\AppData\Roaming\VOPackage\Uninstall.exe
c:\users\Lucas\AppData\Roaming\VOPackage\VOPackage.exe
c:\windows\Tasks\APSnotifierPP1.job
c:\windows\Tasks\APSnotifierPP2.job
c:\windows\Tasks\APSnotifierPP3.job
c:\windows\Tasks\BlockAndSurf Update.job
c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_70F4EEDB-1367-4b4f-8247-3133551A7415
-------\Service_csrcc
-------\Service_globalUpdatem
-------\Service_shopperz Updater
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-02-22 au 2015-03-22 ))))))))))))))))))))))))))))))))))))
.
.
2015-03-22 14:35 . 2015-03-22 14:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-03-21 22:32 . 2015-03-21 22:34 -------- d-----w- C:\FRST
2015-03-20 21:31 . 2015-03-14 13:59 50800 ----a-w- c:\windows\system32\drivers\webTinstMKTN.sys
2015-03-20 19:15 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41A962D3-F865-46AF-A00D-7ACEC0EBD932}\mpengine.dll
2015-03-18 22:46 . 2015-03-19 13:04 -------- d-----w- c:\users\Lucas\AppData\Roaming\ZHP
2015-03-14 14:08 . 2015-01-06 11:38 60376 ----a-w- c:\windows\system32\drivers\cherimoya.sys
2015-03-14 14:00 . 2015-03-20 21:32 2225 ----a-w- c:\windows\patsearch.bin
2015-03-14 14:00 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\ver5BlockAndSurf
2015-03-14 13:59 . 2015-03-12 08:59 319392 ----a-w- c:\windows\SysWow64\BDL.dll
2015-03-14 13:59 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\IGS
2015-03-14 13:58 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68
2015-03-14 13:58 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\QuickRef_1.10.0.9
2015-03-14 13:57 . 2015-03-22 11:10 -------- d-----w- c:\users\Lucas\AppData\Local\gmsd_fr_315
2015-03-14 13:57 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\gmsd_fr_315
2015-03-14 13:35 . 2015-03-14 13:39 -------- d-----w- c:\users\Lucas\AppData\Local\pangu
2015-03-14 13:19 . 2015-03-14 13:20 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2015-03-14 13:10 . 2015-03-14 13:10 -------- d-sh--w- c:\users\Lucas\AppData\Local\EmieBrowserModeList
2015-03-14 12:29 . 2015-03-22 11:10 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68
2015-03-14 12:29 . 2015-03-14 12:29 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68
2015-03-14 12:26 . 2015-03-20 19:04 -------- d-----w- c:\users\Lucas\AppData\Local\Pro_PC_Cleaner
2015-03-14 12:25 . 2015-03-14 12:25 -------- d-----w- c:\users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68
2015-03-14 12:25 . 2015-03-14 16:49 -------- d-----w- c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68
2015-03-14 12:23 . 2015-03-22 12:36 -------- d-----w- c:\program files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422
2015-03-14 12:23 . 2015-03-22 14:34 -------- d-----w- c:\program files (x86)\HQCinema Pro 2.1V14.03
2015-03-14 12:02 . 2012-10-03 15:14 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2015-03-14 12:02 . 2015-03-14 12:02 -------- dc----w- c:\windows\system32\DRVSTORE
2015-03-14 12:01 . 2015-03-14 12:02 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-14 12:01 . 2015-03-14 12:02 -------- d-----w- c:\program files\iTunes
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\program files (x86)\iTunes
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\programdata\Apple Computer
2015-03-14 12:01 . 2015-03-14 12:01 -------- d-----w- c:\program files\iPod
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\users\Lucas\AppData\Local\Apple
2015-03-14 11:59 . 2015-03-20 19:04 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\program files\Bonjour
2015-03-14 11:59 . 2015-03-14 11:59 -------- d-----w- c:\program files (x86)\Bonjour
2015-03-14 11:58 . 2015-03-14 12:01 -------- d-----w- c:\program files\Common Files\Apple
2015-03-14 11:58 . 2015-03-14 11:59 -------- d-----w- c:\programdata\Apple
2015-03-14 11:58 . 2015-03-14 11:59 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-03-11 23:22 . 2015-02-20 03:29 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-03-11 23:22 . 2015-02-20 04:41 41984 ----a-w- c:\windows\system32\lpk.dll
2015-03-11 23:22 . 2015-02-20 04:40 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-03-11 23:22 . 2015-02-20 03:09 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-03-11 23:22 . 2015-02-20 04:40 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-03-11 23:22 . 2015-02-20 04:40 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-03-11 23:22 . 2015-02-20 04:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-03-11 23:22 . 2015-02-20 04:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-03-11 23:22 . 2015-02-20 04:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-03-11 23:22 . 2015-02-20 04:12 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-03-11 23:20 . 2015-02-13 05:22 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-03-11 23:17 . 2015-02-21 01:19 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2015-03-11 23:17 . 2015-02-20 02:49 584192 ----a-w- c:\windows\system32\vbscript.dll
2015-03-11 23:17 . 2015-02-20 02:47 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-03-11 23:17 . 2015-02-20 01:28 2358784 ----a-w- c:\windows\system32\wininet.dll
2015-03-11 23:17 . 2015-02-20 01:09 382976 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2015-03-11 23:17 . 2015-02-24 03:15 293032 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-03-11 23:17 . 2015-02-21 01:16 25021440 ----a-w- c:\windows\system32\mshtml.dll
2015-03-11 23:17 . 2015-02-20 02:08 199680 ----a-w- c:\windows\system32\msrating.dll
2015-03-11 23:17 . 2015-02-20 02:08 1016832 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-03-11 23:16 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-11 23:16 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-03-04 07:43 . 2015-03-04 07:43 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared
2015-03-04 07:30 . 2015-03-04 07:30 -------- d-----w- C:\PS_CS2_FR_NonRet
2015-03-04 07:03 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-03-04 07:03 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-03-04 07:03 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-03-04 07:03 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-----w- c:\users\Lucas\AppData\Roaming\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-----w- c:\users\Lucas\AppData\Local\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:31 -------- d-----w- c:\programdata\TuneUp Software
2015-03-02 00:30 . 2015-03-02 00:30 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-03-02 00:30 . 2015-03-02 00:30 -------- d--h--w- c:\programdata\Common Files
2015-03-02 00:29 . 2015-03-02 00:29 -------- d-----w- c:\program files\WinPcap
2015-03-02 00:29 . 2015-03-02 00:29 -------- d-----w- c:\programdata\Freemake
2015-03-02 00:28 . 2015-03-02 00:29 -------- d-----w- c:\program files (x86)\Freemake
2015-02-26 11:35 . 2015-02-26 11:35 -------- d-----w- c:\users\Lucas\AppData\Local\Steam
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-20 19:12 . 2012-09-17 06:26 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-03-20 19:12 . 2012-09-17 06:26 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-03-13 16:05 . 2012-08-20 04:28 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-17 14:26 . 2015-02-17 14:26 1217184 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-06 19:58 . 2015-02-06 19:58 58224 ----a-w- c:\windows\system32\drivers\qrnfd_1_10_0_9.sys
2015-02-04 20:45 . 2012-02-26 10:11 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-04 20:45 . 2012-02-26 10:11 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-04 03:16 . 2015-02-12 09:53 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-02-04 03:16 . 2015-02-12 09:53 762368 ----a-w- c:\windows\system32\invagent.dll
2015-02-04 03:16 . 2015-02-12 09:53 414720 ----a-w- c:\windows\system32\devinv.dll
2015-02-04 03:16 . 2015-02-12 09:53 894976 ----a-w- c:\windows\system32\appraiser.dll
2015-02-04 03:16 . 2015-02-12 09:53 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-02-04 03:16 . 2015-02-12 09:53 192000 ----a-w- c:\windows\system32\aepic.dll
2015-02-04 03:13 . 2015-02-12 09:53 1098752 ----a-w- c:\windows\system32\aeinv.dll
2015-01-27 23:36 . 2015-02-12 09:53 1239720 ----a-w- c:\windows\system32\aitstatic.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
- Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}]
2015-03-14 13:59 495104 ----a-w- c:\program files (x86)\ver5BlockAndSurf\190.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Spotify Web Helper"="c:\users\Lucas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-06-20 1104384]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-02-18 2874048]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE" [2013-01-23 297024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-09-15 61112]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-09-28 75048]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2013-12-11 1243656]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-20 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"WinCheck"="c:\users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68\bnsm738F.exe" [2015-03-14 305152]
"gmsd_fr_315"="c:\program files (x86)\gmsd_fr_315\gmsd_fr_315.exe" [2015-03-13 3977896]
.
c:\users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-3-4 42560368]
OneNote 2010 - Capture d'écran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-12-6 1393528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 bohihozy;Field Flip;c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp;c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp [x]
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/04/09 19:02;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dydodijo;Keypad Wireless;c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp;c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxeaserv.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cherimoya;cherimoya;c:\windows\system32\drivers\cherimoya.sys;c:\windows\SYSNATIVE\drivers\cherimoya.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 qrnfd_1_10_0_9;qrnfd_1_10_0_9;c:\windows\system32\drivers\qrnfd_1_10_0_9.sys;c:\windows\SYSNATIVE\drivers\qrnfd_1_10_0_9.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BasementDuster;BasementDuster;c:\program files (x86)\IGS\BasementDuster.exe;c:\program files (x86)\IGS\BasementDuster.exe [x]
S2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe;c:\windows\SYSNATIVE\lxeacoms.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 mupogifi;Broadcast Function Key;c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp;c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 qrsvc_1.10.0.9;Quick Ref 1.10.0.9 Client Service;c:\program files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe;c:\program files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Websteroids;Websteroids;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe [x]
S2 webTinstMKTN;webTinstMKTN;c:\windows\system32\Drivers\webTinstMKTN.sys;c:\windows\SYSNATIVE\Drivers\webTinstMKTN.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys;c:\windows\SYSNATIVE\drivers\Smb_driver.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
- Deregistered* - CLKMDRV10_38F51D56
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-11 23:04 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10_user.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [2015-03-14 12:24]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.job
- c:\program files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe [2015-03-14 12:23]
.
2015-03-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-26 20:45]
.
2015-03-22 c:\windows\Tasks\EPSON XP-312 313 315 Series Invitation {EEC0BF53-0EAD-4FBC-B87D-CF4EF1BB2ED7}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-08-24 16:20]
.
2015-03-22 c:\windows\Tasks\EPSON XP-312 313 315 Series Update {EEC0BF53-0EAD-4FBC-B87D-CF4EF1BB2ED7}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-08-24 16:20]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 22:30]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-22 22:30]
.
2015-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2400914848-400651550-2087204018-1002Core.job
- c:\users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-11 17:51]
.
2015-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2400914848-400651550-2087204018-1002UA.job
- c:\users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-11 17:51]
.
2015-03-11 c:\windows\Tasks\HPCeeScheduleForLUCAS-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2015-03-22 c:\windows\Tasks\HPCeeScheduleForLucas.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}]
2015-03-14 13:59 237056 ----a-w- c:\program files (x86)\ver5BlockAndSurf\190_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\Lucas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-07 10:13 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-19 44880]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2011-01-24 770728]
"EzPrint"="c:\program files (x86)\Lexmark S300-S400 Series\ezprint.exe" [2011-01-24 148280]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-09-16 1425408]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1426335965&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
mDefault_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
mDefault_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
mStart Page = hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\
FF - prefs.js: browser.search.selectedEngine - omniboxes
FF - prefs.js: browser.startup.homepage - hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S
FF - prefs.js: keyword.URL -
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: network.http.spdy.enabled - false
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - c:\program files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll
Toolbar-{3004627E-F8E9-4E8B-909D-316753CBA923} - c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-shopperz - c:\program files\shopperz\wrex.exe
HKLM-Run-shopperz64 - c:\program files\shopperz\wrex64.exe
AddRemove-38900_Discount Dragon - c:\users\Lucas\AppData\Local\Discount Dragon\uninstall.exe
AddRemove-AnyProtect - c:\program files (x86)\AnyProtectEx\uninstall.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-FileParade bundle uninstaller - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-MediaPlayerV1alpha208 - c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha208\uninstall.exe
AddRemove-MediaViewerV1alpha167 - c:\program files (x86)\MediaViewerV1\MediaViewerV1alpha167\uninstall.exe
AddRemove-MediaViewV1alpha734 - c:\program files (x86)\MediaViewV1\MediaViewV1alpha734\uninstall.exe
AddRemove-mysearchdial - c:\program files (x86)\Mysearchdial\1.8.21.0\uninstall.exe
AddRemove-omniboxes uninstall - c:\users\Lucas\AppData\Roaming\omniboxes\UninstallManager.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-SeeWeblists - c:\users\Lucas\AppData\Local\Temp\Zzoomit_uninstall.exe
AddRemove-Video Player - c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta939\uninstall.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\videopad.exe
AddRemove-VOPackage - c:\users\Lucas\AppData\Roaming\VOPackage\Uninstall.exe
AddRemove-Wajam Web Enhancer - c:\program files\WajaWebEnhancer\WWE_uninstall.exe
AddRemove-Webexp Enhanced - c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha917\uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bohihozy]
"ImagePath"="c:\users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dydodijo]
"ImagePath"="c:\users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mupogifi]
"ImagePath"="c:\users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="BrowserHTM"
.
[HKEY_USERS\S-1-5-21-2400914848-400651550-2087204018-1002_Classes\Wow6432Node\CLSID\{1e672aed-bf1a-4969-9501-5847fd0bbb7c}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000121
"Therad"=dword:00000019
.
[HKEY_USERS\S-1-5-21-2400914848-400651550-2087204018-1002_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):b0,36,d2,d5,55,b7,ee,df,0c,c8,96,3e,c0,58,58,d7,c0,f8,31,c8,b7,
8c,da,82,9c,09,c0,c6,a9,1f,76,b4,92,95,27,63,e5,5b,e1,14,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Voilà le rapport.
Pour les changements on peut notamment noter que je peux naviguer sur IE
Pour les changements on peut notamment noter que je peux naviguer sur IE
Déjà une bonne nouvelle! :-)
-----------
On va continuer alors :
Avant de lancer un script avec FRST, tu peux faire ceci :
1/
- Redémarre ton PC
- Lance Zhpcleaner puis poste le rapport stp
===> https://forums.commentcamarche.net/forum/affich-31720925-bug-internet#1
2/
- Lance FRST pour faire une analyse puis poste les 2 nouveaux rapports
@+
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
~ ZHPCleaner v2015.3.21.134 by Nicolas Coolman (22/03/2015)
~ Run by Lucas (Administrator) (22/03/2015 17:18:38)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Réparer
~ Report : C:\Users\Lucas\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Lucas\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (3)
ARRETÉ : qrsvc_1.10.0.9 (Heuristic.Optional)
ARRETÉ : Websteroids (PUP.InternetUpdater)
---\\ Navigateur internet. (23)
SUPPRIMÉ Firefox: [yj14nruh.default-1393767299553] URL HomePage : hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S [...] (PUP.Omniboxes)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com\chrome.manifest (PUP.MySearchDial)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com\components (PUP.MySearchDial)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com\content (PUP.MySearchDial)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\searchengine@gmail.com\chrome (PUP.SearchEngine)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\searchengine@gmail.com\chrome.manifest (PUP.SearchEngine)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com (PUP.MySearchDial)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\searchengine@gmail.com (PUP.SearchEngine)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=ds&ts=1426335965&from=obw&uid=TOSHIBAXMK1059G[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059G[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059G[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs\\Tabs [hxxp://start.mysearchdial.com/?f=2&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzz[...]] (PUP.MySearchDial)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\190_x64.dll (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Users\Lucas\Desktop\AnyProtect.lnk [Bad : C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe] (PUP.AnyProtect)
REMPLACÉ Desktop: C:\Users\Lucas\Desktop\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S --use-spdy=off --disable-quic] (Hijacker.Browser)
REMPLACÉ Quicklaunch: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S --use-spdy=off --disable-quic] (Hijacker.Browser)
REMPLACÉ Quicklaunch: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S] (Hijacker.Browser)
REMPLACÉ TaskBar: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S] (Hijacker.Browser)
REMPLACÉ SystemTools: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S] (Hijacker.Browser)
REMPLACÉ Programs: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S] (Hijacker.Browser)
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (1)
---\\ Tâche planifiée. (30)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-10_user] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-10_user] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-3] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-3] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-4] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-4] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-5] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-5] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-6] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-6] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-7] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-7] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [APSnotifierPP1] [C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [APSnotifierPP2] [C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [APSnotifierPP3] [C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [BlockAndSurf Update] [C:\Program Files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.exe] (PUP.BlockAndSurf)
SUPPRIMÉ tâche: [BlockAndSurf Update] [C:\Program Files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.exe] (PUP.BlockAndSurf)
SUPPRIMÉ tâche: [gameo_update] [C:\Users\Lucas\AppData\Roaming\Gameo\gameo.exe (Not File) ] (PUP.Gameo)
SUPPRIMÉ tâche: [globalUpdateUpdateTaskMachineCore] [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (Not File) ] (PUP.GlobalUpdate)
SUPPRIMÉ tâche: [globalUpdateUpdateTaskMachineCore] [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (Not File) ] (PUP.GlobalUpdate)
SUPPRIMÉ tâche: [gtaUpt] [C:\Program Files\shopperz\zaeed.bat ,N/A,N/A,Activ'e,D'sactiv'e,Arrêter sur la batterie, Ne pas lancer sur batterie,Système,Activ'e,72:00:00,Les donn'es de planification ne sont pas disponibles dans ce format.,Tous les jours ,15:08:00,14/03/2015,N/A,Tous les (Not File) ] (PUP.Shopperz)
SUPPRIMÉ tâche: [ProPCCleaner_Popup] [C:\Program Files (x86)\Pro PC Cleaner\Splash.exe (Not File) ] (PUP.DoctorPC)
SUPPRIMÉ tâche: [ProPCCleaner_Start] [C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe (Not File) ] (PUP.DoctorPC)
SUPPRIMÉ tâche: [SmartWeb Upgrade Trigger Task] [C:\Users\Lucas\AppData\Local\SmartWeb\SmartWebHelper.exe (Not File) ] (PUP.SmartWebSearch)
---\\ Explorateur ( Dossiers, Fichiers ). (115)
DEPLACÉ fichier: C:\Program Files (x86)\IGS\BasementDuster.exe [BD Inc. - ] (PUP.BasementDuster)
DEPLACÉ dossier: C:\Program Files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422 (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\mysearchdial (Heuristic.InstallCore)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\WSE_Vosteran (Heuristic.InstallCore)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp (Generic.Trojan)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68 (Generic.Trojan)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.exe (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user.job (PUP.CrossRider)
DEPLACÉ fichier: C:\Windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.job (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-64.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\gmsd_fr_315\gamesdesktop_widget.exe (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\gmsd_fr_315\gmsd_fr_315.exe (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\gmsd_fr_315\predm.exe [AA - AA Setup] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\gmsd_fr_315\unins000.exe [ - Setup/Uninstall] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087.xpi (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\bgNova.html (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\dc3d1229-40b4-460a-96fa-d71269b8c8cf.crx (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\Uninstall.exe (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\UninstallBrw.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\utils.exe [Lywxxeykkjtdev LTD - Ouaynlxadeh] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\QuickRef_1.10.0.9\Uninstall.exe [Quick Ref - Quick Ref Setup] (PUP.QuickRef)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\190.dll (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\BlockAndSurf.exe (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.dll (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\sqlite3.dll (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\Uninstall.exe [Copyright (c) 2014 - Just For Windows] (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\WSE_Vosteran\FavIcon.ico (PUP.Vosteran)
DEPLACÉ fichier: C:\Program Files (x86)\WSE_Vosteran\Sqlite3.dll (PUP.Vosteran)
DEPLACÉ fichier: C:\Program Files (x86)\WSE_Vosteran\uninstall.exe [Setup © - Setup] (PUP.Vosteran)
DEPLACÉ dossier: C:\Program Files (x86)\QuickRef_1.10.0.9\Service (PUP.QuickRef)
DEPLACÉ dossier: C:\Program Files (x86)\ver5BlockAndSurf\x64 (PUP.BlockAndSurf)
DEPLACÉ dossier: C:\Program Files (x86)\gmsd_fr_315 (PUP.CrossRider)
DEPLACÉ dossier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03 (PUP.CrossRider)
DEPLACÉ dossier: C:\Program Files (x86)\QuickRef_1.10.0.9 (PUP.QuickRef)
DEPLACÉ dossier**: C:\Program Files (x86)\ver5BlockAndSurf (PUP.BlockAndSurf)
DEPLACÉ dossier: C:\Program Files (x86)\WSE_Vosteran (PUP.Vosteran)
DEPLACÉ fichier: C:\ProgramData\Browser\prompt.exe [Microsoft - SysWrapper] (PUP.SpeedBrowser)
DEPLACÉ fichier: C:\ProgramData\Browser\prompt.exe.config (PUP.SpeedBrowser)
DEPLACÉ dossier: C:\ProgramData\Browser (PUP.SpeedBrowser)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Uninstall.exe (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids.exe [Creative Island Media, LLC - Websteroids] (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids.exe.config (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids.ico (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids64.exe [Creative Island Media, LLC - Websteroids] (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids64.exe.config (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\WebsteroidsService.exe [Creative Island Media, LLC - Websteroids Service] (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\WebsteroidsService.exe.config (PUP.InternetUpdater)
DEPLACÉ dossier: C:\ProgramData\Websteroids\up (PUP.InternetUpdater)
DEPLACÉ dossier: C:\ProgramData\Websteroids (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller\FileParade bundle uninstaller.lnk (PUP.FileParadeBundle)
DEPLACÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP\GamesDesktop.lnk (Adware.GamesDesktop)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller (PUP.FileParadeBundle)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP (Adware.GamesDesktop)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\0V1L2Z2Z1T1I1L1T\Songr Packages (Adware.InstallCore)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\0V1L2Z2Z1T1I1L1T (Adware.InstallCore)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup\AnyProtect.lnk (PUP.AnyProtect)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup\Uninstall.lnk (PUP.AnyProtect)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk (Adware.Downware)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Settings.lnk (PUP.Wajam)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\SignIn with Facebook.lnk (PUP.Wajam)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\SignIn with Twitter.lnk (PUP.Wajam)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Wajam Website.lnk (PUP.Wajam)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Explore Social Search (PUP.Wajam)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Explore Social Shopping (PUP.Wajam)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Uninstall Wajam (PUP.Wajam)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup (PUP.AnyProtect)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage (Adware.Downware)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer (PUP.Wajam)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Local\Gameo\website.ico (PUP.Gameo)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\upgmsd_fr_315.cyl (PUP.CrossRider)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\upgmsd_fr_315.exe (PUP.CrossRider)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\user_profil.cyp (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\CleanerPro\CleanerPro.exe_Url_2ywbsr0nc5jafm1bmsfbjunq1nxuotjq (PUP.CleanerPro)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Gameo\IndexedDB (PUP.Gameo)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\Download (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\gmsd_fr_315 (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Pro_PC_Cleaner\ProPCCleaner.exe_Url_twd2ze3eaqaiwzlxig5riiby3fd4fyue (USP.PCCleaner)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Software\CrashReports (Adware.Boxore)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Vosteran\User Data (PUP.Vosteran)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\CleanerPro (PUP.CleanerPro)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Gameo (PUP.Gameo)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\gmsd_fr_315 (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Pro_PC_Cleaner (USP.PCCleaner)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Software (Adware.Boxore)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Vosteran (PUP.Vosteran)
DEPLACÉ fichier: C:\Windows\System32\Drivers\webTinstMKTN.sys (PUP.CorsicaTechnologies)
DEPLACÉ fichier: C:\Windows\System32\roboot64.exe [Copyright (C) 2013, All rights reserved. - Registry Optimizer] (PUP.Systweak)
DEPLACÉ fichier: C:\Windows\System32\BasementDusterOff.ini (PUP.BasementDuster)
DEPLACÉ fichier: C:\Windows\Installer\1d6388.msi [The Software Group - Windows Installer XML (3.6.3303.0)] (Adware.Boxore)
DEPLACÉ fichier: C:\Windows\Installer\5c9a9.msi [Boxore OU. - Windows Installer XML (3.5.2519.0)] (Adware.Boxore)
DEPLACÉ fichier: C:\Windows\Installer\891a9.msi [SweetIM Technologies Ltd. - InstallShield® 2008 - Professional Edition 14] (PUP.SweetIM)
DEPLACÉ fichier: C:\Windows\Installer\891af.msi [SweetIM Technologies Ltd. - InstallShield® 2008 - Professional Edition 14] (PUP.SweetIM)
DEPLACÉ fichier: C:\Windows\Installer\891b5.msi [SweetIM Technologies Ltd. - InstallShield® 2008 - Professional Edition 14] (PUP.SweetIM)
DEPLACÉ fichier: C:\Windows\Installer\891bb.msi [SweetIM Technologies Ltd. - InstallShield® 2008 - Professional Edition 14] (PUP.SweetIM)
DEPLACÉ fichier: C:\Windows\SysWOW64\BasementDusterOff.ini (PUP.BasementDuster)
DEPLACÉ fichier: C:\Windows\SysWOW64\Websteroids.B324755F3F87.2.6.80.dll (PUP.InternetUpdater)
DEPLACÉ fichier: C:\Windows\SysWOW64\Websteroids.B324755F3F87.dll (PUP.InternetUpdater)
DEPLACÉ fichier: C:\Users\Lucas\Desktop\Continue Live Installation.lnk (PUP.ContinueLiveInstallation)
DEPLACÉ fichier: C:\Users\Lucas\Desktop\Rasta_Rockett.avi (PUP.RockTurner)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage (PUP.ShoppinGate)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal (PUP.ShoppinGate)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage (PUP.BoostSaves)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal (PUP.BoostSaves)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage (PUP.Re-Markable)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal (PUP.Re-Markable)
DEPLACÉ fichier: C:\Windows\System32\log\iSafeKrnlCall.log (PUP.YetAnotherCleaner)
DEPLACÉ dossier: C:\Users\Lucas\Documents\Updater (PUP.Optional)
---\\ Base de Registres ( Clés, Valeurs, Données ). (242)
SUPPRIMÉ valeur: HKCU\Software\Mozilla\Firefox\Extensions\\{FC29F4B6-D8F4-2578-3F0C-9F9CE6E4F0F4} [C:\Program Files (x86)\ver5BlockAndSurf\190.xpi] (PUP.BlockAndSurf)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha917.net [C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha917\ff] (PUP.WebexpEnhanced)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta939.net [C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta939\ff] (PUP.HDVidCodec)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 [globalUpdate Update] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 [globalUpdate Update] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [BlockAndSurf] (PUP.BlockAndSurf)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [] (PUP.BlockAndSurf)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [] (PUP.BlockAndSurf)
SUPPRIMÉ clé: [X64] HKLM\Software\Classes\CLSID\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [BlockAndSurf] (PUP.BlockAndSurf)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [BlockAndSurf] (PUP.BlockAndSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [BlockAndSurf] (PUP.BlockAndSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} [mysearchdial Helper Object] (PUP.MySearchDial)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} [] (PUP.MySearchDial)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} [] (PUP.MySearchDial)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} [mysearchdial Helper Object] (PUP.MySearchDial)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_14_46_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzz[...]] [Vosteran] (PUP.Vosteran)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6656C275-0555-4EA2-A7C3-85BF9A4C221D} http://search.softonic.com/INF00043/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=949 [Search the web (Softonic)] (PUP.Softonic)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} [http://search.conduit.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&Search[...]] [Conduit Search] (Toolbar.Conduit)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0Ct[...]] [Mysearchdial] (PUP.MySearchDial)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_14_46_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzz[...]] [Vosteran] (PUP.Vosteran)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0Ct[...]] [Mysearchdial] (PUP.MySearchDial)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIMÉ clé*: HKCU\Software\WajIEnhance [] (PUP.Wajam)
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\BasementDuster [C:\Program Files (x86)\IGS\BasementDuster.exe (Not File)] (PUP.BasementDuster)
SUPPRIMÉ clé*: HKCU\SOFTWARE\FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\Currentversion\Uninstall\FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (PUP.SearchProtect)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Currentversion\Uninstall\SearchProtect [] (PUP.SearchProtect)
SUPPRIMÉ clé*: HKCU\Software\HQCinema Pro 2.1V14.03-nv [] (Heuristic.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\HQCinema Pro 2.1V14.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\dc3d1229-40b4-460a-96fa-d71269b8c8cf [] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V14.03-nv [] (Heuristic.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V14.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\InstallCore\1I1T1Q1S [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\InstallCore\mysearchdial [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\InstallCore\Uninstall [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\InstallCore\WSE_Vosteran [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore\mysearchdial [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore\WSE_Vosteran [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0 [escortApp 1.0 Type Library] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [] (PUP.MySearchDial)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\AppID\escortApp.DL [] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [escortApp] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escortApp.DLL\ [] (PUP.MySearchDial)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [escortApp] (PUP.MySearchDial)
SUPPRIMÉ clé^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\bohihozy [C:\Users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp (Not File)] (Generic.Trojan)
SUPPRIMÉ clé^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\qrsvc_1.10.0.9 ["C:\Program Files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe" (Not File) (Not File)] (Heuristic.Optional)
SUPPRIMÉ clé^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Websteroids ["C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsService.exe" "C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe" (Not File) (Not File)] (PUP.InternetUpdater)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\shopperz [C:\Program Files\shopperz\wrex.exe] (PUP.Shopperz)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\shopperz64 [C:\Program Files\shopperz\wrex64.exe] (PUP.Shopperz)
SUPPRIMÉ clé*: HKCU\Software\AnyProtect [] (PUP.AnyProtect)
SUPPRIMÉ clé*: HKCU\Software\Conduit [] (Toolbar.Conduit)
SUPPRIMÉ clé*: HKCU\Software\Gameo [] (PUP.Gameo)
SUPPRIMÉ clé*: HKCU\Software\globalUpdate [] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: HKCU\Software\HQCinema Pro 2.1V14.03 [] (PUP.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\InstallCore [] (Adware.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\InstalledBrowserExtensions [] (PUP.BrowserExtensions)
SUPPRIMÉ clé*: HKCU\Software\mysearchdial [] (Adware.Hotbar)
SUPPRIMÉ clé*: HKCU\Software\mysearchdial.com [] (Adware.Hotbar)
SUPPRIMÉ clé*: HKCU\Software\ProPCCleanerConfig [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: HKCU\Software\ProPCCleanerLanguage [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: HKCU\Software\SweetIM [] (PUP.SweetIM)
SUPPRIMÉ clé*: HKCU\Software\systweak [] (PUP.Systweak)
SUPPRIMÉ clé*: HKCU\Software\Tutorials [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: HKCU\Software\TutoTag [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: HKCU\Software\Vosteran Browser [] (PUP.Vosteran)
SUPPRIMÉ clé*: HKCU\Software\wse_vosteran [] (PUP.Vosteran)
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\BlockAndSurf [] (PUP.BlockAndSurf)
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\DynConIE [] (PUP.DynConIE)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\inst.shoppingate.info [1292999] (PUP.ShoppinGate)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\omniboxes.com [] (PUP.Omniboxes)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\re-markable.net [] (PUP.Re-Markable)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\shoppingate.info [] (PUP.ShoppinGate)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.boostsaves.com [0] (PUP.BoostSaves)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.re-markable00.re-markable.net [2328] (PUP.Re-Markable)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\superfish.com [] (PUP.SpecialSavings)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com [72] (PUP.SpecialSavings)
SUPPRIMÉ clé*: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\esrv.EXE [] (PUP.Funmoods)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escort.dll [] (PUP.Babylon)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escorteng.dll [] (PUP.Babylon)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} [] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] (Adware.Funmoods)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataContainer [DataContainer Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataContainer.1 [DataContainer Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataController [DataController Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataController.1 [DataController Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTable [DataTable Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTable.1 [DataTable Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTableFields [DataTableFields Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTableFields.1 [DataTableFields Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTableHolder [DataTableHolder Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTableHolder.1 [DataTableHolder Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.LSPLogic [LSPLogic Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.LSPLogic.1 [LSPLogic Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.ReadOnlyManager [ReadOnlyManager Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.ReadOnlyManager.1 [ReadOnlyManager Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc [escrtSrvc Object] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1 [escrtSrvc Object] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10 [globalUpdate Update Plugin] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine [globalUpdate.OneClickProcessLauncher] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 [globalUpdate.OneClickProcessLauncher] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4 [globalUpdate Update Plugin] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync [CoCreateAsync] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 [CoCreateAsync] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass [Google Update Core Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 [Google Update Core Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass [Google Update Core Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 [Google Update Core Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine [GoogleUpdate CredentialDialog] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 [GoogleUpdate CredentialDialog] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine [Google Update Broker Class Factory] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 [Google Update Broker Class Factory] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback [Google Update Legacy On Demand] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 [Google Update Legacy On Demand] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher [Google Update Process Launcher Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 [Google Update Process Launcher Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService [Update3COMClass] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 [Update3COMClass] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine [Google Update Broker Class Factory] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 [Google Update Broker Class Factory] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback [GoogleUpdate Update3Web] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 [GoogleUpdate Update3Web] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc [GoogleUpdate Update3Web] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 [GoogleUpdate Update3Web] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore [appCore Object] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1 [appCore Object] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Software.OneClickCtrl.9 [Software Update Plugin] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine [Software.OneClickProcessLauncher] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0 [Software.OneClickProcessLauncher] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Software.Update3WebControl.3 [Software Update Plugin] (PUP.Software.Updater)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync [CoCreateAsync] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync.1.0 [CoCreateAsync] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass [Google Update Core Class] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass.1 [Google Update Core Class] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine [SoftwareUpdate CredentialDialog] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine.1.0 [SoftwareUpdate CredentialDialog] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback.1.0 [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher [Google Update Process Launcher Class] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher.1.0 [Google Update Process Launcher Class] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3COMClassService [Update3COMClass] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3COMClassService.1.0 [Update3COMClass] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine [Google Update Broker Class Factory] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine.1.0 [Google Update Broker Class Factory] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback.1.0 [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc.1.0 [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E [Software Update Helper] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] (PUP.Fuyu)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasementDuster [service] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\InstalledBrowserExtensions [] (PUP.BrowserExtensions)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\shopperz [] (PUP.Shopperz)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wajam Web Enhancer [] (PUP.Wajam)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 [] (PUP.MyPCBackup)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS [] (PUP.MyPCBackup)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASAPI32 [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASMANCS [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5081D2D4-1637-404c-B74F-50526718257D}_is1 [shopperz] (PUP.Shopperz)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Better Surf Plus [] (PUP.BetterSurfPlus)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Better-Surf [] (PUP.BetterSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\GAMESDESKTOP [] (Adware.GamesDesktop)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\GlobalUpdate [] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V14.03 [] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V14.03-nv-ie [] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore [] (Adware.InstallCore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions [] (PUP.BrowserExtensions)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\omniboxesSoftware [] (PUP.Omniboxes)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Pro PC Cleaner [] (PUP.DoctorPC)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\QuickRef_1.10.0.9 [] (PUP.QuickRef)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\shopperz [] (PUP.Shopperz)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SweetIM [] (PUP.SweetIM)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Systweak [] (PUP.Systweak)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\VideoPlayerV3 [] (PUP.HDVidCodec)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Wajam Web Enhancer [] (PUP.Wajam)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\WebexpEnhancedV1 [] (PUP.WebexpEnhanced)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect [CMI Limited] (PUP.CMILimited)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BA7A8C51-54E2-C3D4-B8B7-B56EAB1C003A [BlockAndSurf-software] (PUP.BlockAndSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ConvertAd [Ring Topology Access] (Adware.Pirrit)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_315_is1 [GAMESDESKTOP] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HQCinema Pro 2.1V14.03 [HQ CinemaV14.03] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial [Mysearchdial] (Adware.Hotbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\omniboxes uninstall [omniboxes] (PUP.Omniboxes)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QuickRef_1.10.0.9 [Quick Ref] (PUP.QuickRef)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent [] (PUP.QuickRef)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage [CMI Limited] (PUP.CMILimited)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Web Enhancer [Wajam] (PUP.Wajam)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\wincheck [Graphics Header] (PUP.Wincheck)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Vosteran [WSE_Vosteran] (PUP.Vosteran)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Software Update Helper] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 [] (PUP.AdvancedSystemProtector)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS [] (PUP.AdvancedSystemProtector)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 [] (Toolbar.BingBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32 [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASAPI32 [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASMANCS [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASAPI32 [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASMANCS [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 [] (Adware.Incredibar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS [] (Adware.Incredibar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASAPI32 [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASMANCS [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASAPI32 [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASMANCS [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\majt4pcfr_RASAPI32 [] (PUP.EoRezo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\majt4pcfr_RASMANCS [] (PUP.EoRezo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCPerformer_RASAPI32 [] (PUP.PerformerSoft)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCPerformer_RASMANCS [] (PUP.PerformerSoft)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricepeep_RASAPI32 [] (Adware.PricePeep)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricepeep_RASMANCS [] (Adware.PricePeep)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_fr_5_RASAPI32 [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_fr_5_RASMANCS [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\umbrella_RASAPI32 [] (Adware.IMBooster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\umbrella_RASMANCS [] (Adware.IMBooster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASAPI32 [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASMANCS [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upt4pc_fr_5_RASAPI32 [] (PUP.EoRezo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upt4pc_fr_5_RASMANCS [] (PUP.EoRezo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilFindRight_RASAPI32 [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilFindRight_RASMANCS [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-17D4_RASAPI32 [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-17D4_RASMANCS [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-1ADC_RASAPI32 [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-1ADC_RASMANCS [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} [C:\Program Files (x86)\Mysearchdial\1.8.21.0\ (Not File)] (Adware.Hotbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298} [C:\Program Files (x86)\globalUpdate\Update (Not File)] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} [C:\Program Files (x86)\globalUpdate\Update\1.3.25.0 (Not File)] (PUP.GlobalUpdate)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 87713
~ Items trouvés : 0
~ Items réparés : 414
End of clean at 17:27:46
===================
ZHPCleaner-[R]-22032015-17_27_46.txt
ZHPCleaner-[S]-19032015-14_04_09.txt
Rapport ZHPcleaner
~ Run by Lucas (Administrator) (22/03/2015 17:18:38)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Réparer
~ Report : C:\Users\Lucas\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Lucas\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (3)
ARRETÉ : qrsvc_1.10.0.9 (Heuristic.Optional)
ARRETÉ : Websteroids (PUP.InternetUpdater)
---\\ Navigateur internet. (23)
SUPPRIMÉ Firefox: [yj14nruh.default-1393767299553] URL HomePage : hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S [...] (PUP.Omniboxes)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com\chrome.manifest (PUP.MySearchDial)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com\components (PUP.MySearchDial)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com\content (PUP.MySearchDial)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\searchengine@gmail.com\chrome (PUP.SearchEngine)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\searchengine@gmail.com\chrome.manifest (PUP.SearchEngine)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com (PUP.MySearchDial)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\searchengine@gmail.com (PUP.SearchEngine)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=ds&ts=1426335965&from=obw&uid=TOSHIBAXMK1059G[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059G[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059G[...]] (PUP.Omniboxes)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs\\Tabs [hxxp://start.mysearchdial.com/?f=2&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzz[...]] (PUP.MySearchDial)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\190_x64.dll (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Users\Lucas\Desktop\AnyProtect.lnk [Bad : C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe] (PUP.AnyProtect)
REMPLACÉ Desktop: C:\Users\Lucas\Desktop\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S --use-spdy=off --disable-quic] (Hijacker.Browser)
REMPLACÉ Quicklaunch: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S --use-spdy=off --disable-quic] (Hijacker.Browser)
REMPLACÉ Quicklaunch: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S] (Hijacker.Browser)
REMPLACÉ TaskBar: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S] (Hijacker.Browser)
REMPLACÉ SystemTools: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S] (Hijacker.Browser)
REMPLACÉ Programs: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S] (Hijacker.Browser)
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (1)
---\\ Tâche planifiée. (30)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-10_user] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-10_user] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-3] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-3] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-4] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-4] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-5] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-5] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-6] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-6] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-7] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [4db25c96-3cbd-4bf2-8f3d-86f970c80087-7] [C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe] (PUP.CrossRider)
SUPPRIMÉ tâche: [APSnotifierPP1] [C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [APSnotifierPP2] [C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [APSnotifierPP3] [C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [BlockAndSurf Update] [C:\Program Files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.exe] (PUP.BlockAndSurf)
SUPPRIMÉ tâche: [BlockAndSurf Update] [C:\Program Files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.exe] (PUP.BlockAndSurf)
SUPPRIMÉ tâche: [gameo_update] [C:\Users\Lucas\AppData\Roaming\Gameo\gameo.exe (Not File) ] (PUP.Gameo)
SUPPRIMÉ tâche: [globalUpdateUpdateTaskMachineCore] [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (Not File) ] (PUP.GlobalUpdate)
SUPPRIMÉ tâche: [globalUpdateUpdateTaskMachineCore] [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (Not File) ] (PUP.GlobalUpdate)
SUPPRIMÉ tâche: [gtaUpt] [C:\Program Files\shopperz\zaeed.bat ,N/A,N/A,Activ'e,D'sactiv'e,Arrêter sur la batterie, Ne pas lancer sur batterie,Système,Activ'e,72:00:00,Les donn'es de planification ne sont pas disponibles dans ce format.,Tous les jours ,15:08:00,14/03/2015,N/A,Tous les (Not File) ] (PUP.Shopperz)
SUPPRIMÉ tâche: [ProPCCleaner_Popup] [C:\Program Files (x86)\Pro PC Cleaner\Splash.exe (Not File) ] (PUP.DoctorPC)
SUPPRIMÉ tâche: [ProPCCleaner_Start] [C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe (Not File) ] (PUP.DoctorPC)
SUPPRIMÉ tâche: [SmartWeb Upgrade Trigger Task] [C:\Users\Lucas\AppData\Local\SmartWeb\SmartWebHelper.exe (Not File) ] (PUP.SmartWebSearch)
---\\ Explorateur ( Dossiers, Fichiers ). (115)
DEPLACÉ fichier: C:\Program Files (x86)\IGS\BasementDuster.exe [BD Inc. - ] (PUP.BasementDuster)
DEPLACÉ dossier: C:\Program Files (x86)\a9fb2d45-e2ce-4e46-acbf-64825b029422 (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\mysearchdial (Heuristic.InstallCore)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\WSE_Vosteran (Heuristic.InstallCore)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp (Generic.Trojan)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68 (Generic.Trojan)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-6.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-1-7.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-10.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-3.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-4.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-6.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.exe (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-5_user.job (PUP.CrossRider)
DEPLACÉ fichier: C:\Windows\Tasks\4db25c96-3cbd-4bf2-8f3d-86f970c80087-7.job (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087-64.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\gmsd_fr_315\gamesdesktop_widget.exe (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\gmsd_fr_315\gmsd_fr_315.exe (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\gmsd_fr_315\predm.exe [AA - AA Setup] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\gmsd_fr_315\unins000.exe [ - Setup/Uninstall] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\4db25c96-3cbd-4bf2-8f3d-86f970c80087.xpi (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\bgNova.html (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\dc3d1229-40b4-460a-96fa-d71269b8c8cf.crx (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\Uninstall.exe (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\UninstallBrw.exe [HQ CinemaV14.03 - HQCinema Pro 2.1V14.03 exe] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03\utils.exe [Lywxxeykkjtdev LTD - Ouaynlxadeh] (PUP.CrossRider)
DEPLACÉ fichier: C:\Program Files (x86)\QuickRef_1.10.0.9\Uninstall.exe [Quick Ref - Quick Ref Setup] (PUP.QuickRef)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\190.dll (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\BlockAndSurf.exe (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\J4BlockAndSurfJ52.dll (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\sqlite3.dll (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\ver5BlockAndSurf\Uninstall.exe [Copyright (c) 2014 - Just For Windows] (PUP.BlockAndSurf)
DEPLACÉ fichier: C:\Program Files (x86)\WSE_Vosteran\FavIcon.ico (PUP.Vosteran)
DEPLACÉ fichier: C:\Program Files (x86)\WSE_Vosteran\Sqlite3.dll (PUP.Vosteran)
DEPLACÉ fichier: C:\Program Files (x86)\WSE_Vosteran\uninstall.exe [Setup © - Setup] (PUP.Vosteran)
DEPLACÉ dossier: C:\Program Files (x86)\QuickRef_1.10.0.9\Service (PUP.QuickRef)
DEPLACÉ dossier: C:\Program Files (x86)\ver5BlockAndSurf\x64 (PUP.BlockAndSurf)
DEPLACÉ dossier: C:\Program Files (x86)\gmsd_fr_315 (PUP.CrossRider)
DEPLACÉ dossier: C:\Program Files (x86)\HQCinema Pro 2.1V14.03 (PUP.CrossRider)
DEPLACÉ dossier: C:\Program Files (x86)\QuickRef_1.10.0.9 (PUP.QuickRef)
DEPLACÉ dossier**: C:\Program Files (x86)\ver5BlockAndSurf (PUP.BlockAndSurf)
DEPLACÉ dossier: C:\Program Files (x86)\WSE_Vosteran (PUP.Vosteran)
DEPLACÉ fichier: C:\ProgramData\Browser\prompt.exe [Microsoft - SysWrapper] (PUP.SpeedBrowser)
DEPLACÉ fichier: C:\ProgramData\Browser\prompt.exe.config (PUP.SpeedBrowser)
DEPLACÉ dossier: C:\ProgramData\Browser (PUP.SpeedBrowser)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Uninstall.exe (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids.exe [Creative Island Media, LLC - Websteroids] (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids.exe.config (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids.ico (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids64.exe [Creative Island Media, LLC - Websteroids] (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\Websteroids64.exe.config (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\WebsteroidsService.exe [Creative Island Media, LLC - Websteroids Service] (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Websteroids\WebsteroidsService.exe.config (PUP.InternetUpdater)
DEPLACÉ dossier: C:\ProgramData\Websteroids\up (PUP.InternetUpdater)
DEPLACÉ dossier: C:\ProgramData\Websteroids (PUP.InternetUpdater)
DEPLACÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller\FileParade bundle uninstaller.lnk (PUP.FileParadeBundle)
DEPLACÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP\GamesDesktop.lnk (Adware.GamesDesktop)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller (PUP.FileParadeBundle)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP (Adware.GamesDesktop)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\0V1L2Z2Z1T1I1L1T\Songr Packages (Adware.InstallCore)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\0V1L2Z2Z1T1I1L1T (Adware.InstallCore)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup\AnyProtect.lnk (PUP.AnyProtect)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup\Uninstall.lnk (PUP.AnyProtect)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk (Adware.Downware)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Settings.lnk (PUP.Wajam)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\SignIn with Facebook.lnk (PUP.Wajam)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\SignIn with Twitter.lnk (PUP.Wajam)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Wajam Website.lnk (PUP.Wajam)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Explore Social Search (PUP.Wajam)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Explore Social Shopping (PUP.Wajam)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Uninstall Wajam (PUP.Wajam)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup (PUP.AnyProtect)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage (Adware.Downware)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer (PUP.Wajam)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Local\Gameo\website.ico (PUP.Gameo)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\upgmsd_fr_315.cyl (PUP.CrossRider)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\upgmsd_fr_315.exe (PUP.CrossRider)
DEPLACÉ fichier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\user_profil.cyp (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\CleanerPro\CleanerPro.exe_Url_2ywbsr0nc5jafm1bmsfbjunq1nxuotjq (PUP.CleanerPro)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Gameo\IndexedDB (PUP.Gameo)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\Download (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\gmsd_fr_315\gmsd_fr_315 (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Pro_PC_Cleaner\ProPCCleaner.exe_Url_twd2ze3eaqaiwzlxig5riiby3fd4fyue (USP.PCCleaner)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Software\CrashReports (Adware.Boxore)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Vosteran\User Data (PUP.Vosteran)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\CleanerPro (PUP.CleanerPro)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Gameo (PUP.Gameo)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\gmsd_fr_315 (PUP.CrossRider)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Pro_PC_Cleaner (USP.PCCleaner)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Software (Adware.Boxore)
DEPLACÉ dossier: C:\Users\Lucas\AppData\Local\Vosteran (PUP.Vosteran)
DEPLACÉ fichier: C:\Windows\System32\Drivers\webTinstMKTN.sys (PUP.CorsicaTechnologies)
DEPLACÉ fichier: C:\Windows\System32\roboot64.exe [Copyright (C) 2013, All rights reserved. - Registry Optimizer] (PUP.Systweak)
DEPLACÉ fichier: C:\Windows\System32\BasementDusterOff.ini (PUP.BasementDuster)
DEPLACÉ fichier: C:\Windows\Installer\1d6388.msi [The Software Group - Windows Installer XML (3.6.3303.0)] (Adware.Boxore)
DEPLACÉ fichier: C:\Windows\Installer\5c9a9.msi [Boxore OU. - Windows Installer XML (3.5.2519.0)] (Adware.Boxore)
DEPLACÉ fichier: C:\Windows\Installer\891a9.msi [SweetIM Technologies Ltd. - InstallShield® 2008 - Professional Edition 14] (PUP.SweetIM)
DEPLACÉ fichier: C:\Windows\Installer\891af.msi [SweetIM Technologies Ltd. - InstallShield® 2008 - Professional Edition 14] (PUP.SweetIM)
DEPLACÉ fichier: C:\Windows\Installer\891b5.msi [SweetIM Technologies Ltd. - InstallShield® 2008 - Professional Edition 14] (PUP.SweetIM)
DEPLACÉ fichier: C:\Windows\Installer\891bb.msi [SweetIM Technologies Ltd. - InstallShield® 2008 - Professional Edition 14] (PUP.SweetIM)
DEPLACÉ fichier: C:\Windows\SysWOW64\BasementDusterOff.ini (PUP.BasementDuster)
DEPLACÉ fichier: C:\Windows\SysWOW64\Websteroids.B324755F3F87.2.6.80.dll (PUP.InternetUpdater)
DEPLACÉ fichier: C:\Windows\SysWOW64\Websteroids.B324755F3F87.dll (PUP.InternetUpdater)
DEPLACÉ fichier: C:\Users\Lucas\Desktop\Continue Live Installation.lnk (PUP.ContinueLiveInstallation)
DEPLACÉ fichier: C:\Users\Lucas\Desktop\Rasta_Rockett.avi (PUP.RockTurner)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage (PUP.ShoppinGate)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal (PUP.ShoppinGate)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage (PUP.BoostSaves)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal (PUP.BoostSaves)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage (PUP.Re-Markable)
DEPLACÉ fichier*: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal (PUP.Re-Markable)
DEPLACÉ fichier: C:\Windows\System32\log\iSafeKrnlCall.log (PUP.YetAnotherCleaner)
DEPLACÉ dossier: C:\Users\Lucas\Documents\Updater (PUP.Optional)
---\\ Base de Registres ( Clés, Valeurs, Données ). (242)
SUPPRIMÉ valeur: HKCU\Software\Mozilla\Firefox\Extensions\\{FC29F4B6-D8F4-2578-3F0C-9F9CE6E4F0F4} [C:\Program Files (x86)\ver5BlockAndSurf\190.xpi] (PUP.BlockAndSurf)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha917.net [C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha917\ff] (PUP.WebexpEnhanced)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta939.net [C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta939\ff] (PUP.HDVidCodec)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 [globalUpdate Update] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 [globalUpdate Update] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [BlockAndSurf] (PUP.BlockAndSurf)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [] (PUP.BlockAndSurf)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [] (PUP.BlockAndSurf)
SUPPRIMÉ clé: [X64] HKLM\Software\Classes\CLSID\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [BlockAndSurf] (PUP.BlockAndSurf)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [BlockAndSurf] (PUP.BlockAndSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2} [BlockAndSurf] (PUP.BlockAndSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} [mysearchdial Helper Object] (PUP.MySearchDial)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} [] (PUP.MySearchDial)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} [] (PUP.MySearchDial)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} [mysearchdial Helper Object] (PUP.MySearchDial)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_14_46_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzz[...]] [Vosteran] (PUP.Vosteran)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6656C275-0555-4EA2-A7C3-85BF9A4C221D} http://search.softonic.com/INF00043/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=949 [Search the web (Softonic)] (PUP.Softonic)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} [http://search.conduit.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&Search[...]] [Conduit Search] (Toolbar.Conduit)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0Ct[...]] [Mysearchdial] (PUP.MySearchDial)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_14_46_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzz[...]] [Vosteran] (PUP.Vosteran)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0Ct[...]] [Mysearchdial] (PUP.MySearchDial)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1426336014&from=obw&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIMÉ clé*: HKCU\Software\WajIEnhance [] (PUP.Wajam)
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\BasementDuster [C:\Program Files (x86)\IGS\BasementDuster.exe (Not File)] (PUP.BasementDuster)
SUPPRIMÉ clé*: HKCU\SOFTWARE\FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\Currentversion\Uninstall\FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (PUP.SearchProtect)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Currentversion\Uninstall\SearchProtect [] (PUP.SearchProtect)
SUPPRIMÉ clé*: HKCU\Software\HQCinema Pro 2.1V14.03-nv [] (Heuristic.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\HQCinema Pro 2.1V14.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\dc3d1229-40b4-460a-96fa-d71269b8c8cf [] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V14.03-nv [] (Heuristic.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V14.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\InstallCore\1I1T1Q1S [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\InstallCore\mysearchdial [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\InstallCore\Uninstall [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\InstallCore\WSE_Vosteran [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore\mysearchdial [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore\WSE_Vosteran [] (Heuristic.InstallCore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0 [escortApp 1.0 Type Library] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [] (PUP.MySearchDial)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\AppID\escortApp.DL [] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [escortApp] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escortApp.DLL\ [] (PUP.MySearchDial)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [escortApp] (PUP.MySearchDial)
SUPPRIMÉ clé^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\bohihozy [C:\Users\Lucas\AppData\Roaming\20A86E35-1426335937-E111-BEF1-9131AF183E68\jnsr94B2.tmp (Not File)] (Generic.Trojan)
SUPPRIMÉ clé^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\qrsvc_1.10.0.9 ["C:\Program Files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe" (Not File) (Not File)] (Heuristic.Optional)
SUPPRIMÉ clé^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Websteroids ["C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsService.exe" "C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe" (Not File) (Not File)] (PUP.InternetUpdater)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\shopperz [C:\Program Files\shopperz\wrex.exe] (PUP.Shopperz)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\shopperz64 [C:\Program Files\shopperz\wrex64.exe] (PUP.Shopperz)
SUPPRIMÉ clé*: HKCU\Software\AnyProtect [] (PUP.AnyProtect)
SUPPRIMÉ clé*: HKCU\Software\Conduit [] (Toolbar.Conduit)
SUPPRIMÉ clé*: HKCU\Software\Gameo [] (PUP.Gameo)
SUPPRIMÉ clé*: HKCU\Software\globalUpdate [] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: HKCU\Software\HQCinema Pro 2.1V14.03 [] (PUP.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\InstallCore [] (Adware.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\InstalledBrowserExtensions [] (PUP.BrowserExtensions)
SUPPRIMÉ clé*: HKCU\Software\mysearchdial [] (Adware.Hotbar)
SUPPRIMÉ clé*: HKCU\Software\mysearchdial.com [] (Adware.Hotbar)
SUPPRIMÉ clé*: HKCU\Software\ProPCCleanerConfig [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: HKCU\Software\ProPCCleanerLanguage [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: HKCU\Software\SweetIM [] (PUP.SweetIM)
SUPPRIMÉ clé*: HKCU\Software\systweak [] (PUP.Systweak)
SUPPRIMÉ clé*: HKCU\Software\Tutorials [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: HKCU\Software\TutoTag [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: HKCU\Software\Vosteran Browser [] (PUP.Vosteran)
SUPPRIMÉ clé*: HKCU\Software\wse_vosteran [] (PUP.Vosteran)
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\BlockAndSurf [] (PUP.BlockAndSurf)
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\DynConIE [] (PUP.DynConIE)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\inst.shoppingate.info [1292999] (PUP.ShoppinGate)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\omniboxes.com [] (PUP.Omniboxes)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\re-markable.net [] (PUP.Re-Markable)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\shoppingate.info [] (PUP.ShoppinGate)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.boostsaves.com [0] (PUP.BoostSaves)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.re-markable00.re-markable.net [2328] (PUP.Re-Markable)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\superfish.com [] (PUP.SpecialSavings)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com [72] (PUP.SpecialSavings)
SUPPRIMÉ clé*: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\esrv.EXE [] (PUP.Funmoods)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escort.dll [] (PUP.Babylon)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\escorteng.dll [] (PUP.Babylon)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} [] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] (Adware.Funmoods)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataContainer [DataContainer Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataContainer.1 [DataContainer Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataController [DataController Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataController.1 [DataController Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTable [DataTable Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTable.1 [DataTable Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTableFields [DataTableFields Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTableFields.1 [DataTableFields Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTableHolder [DataTableHolder Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.DataTableHolder.1 [DataTableHolder Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.LSPLogic [LSPLogic Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.LSPLogic.1 [LSPLogic Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.ReadOnlyManager [ReadOnlyManager Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BasementDusterLib.ReadOnlyManager.1 [ReadOnlyManager Class] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc [escrtSrvc Object] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1 [escrtSrvc Object] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10 [globalUpdate Update Plugin] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine [globalUpdate.OneClickProcessLauncher] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 [globalUpdate.OneClickProcessLauncher] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4 [globalUpdate Update Plugin] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync [CoCreateAsync] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 [CoCreateAsync] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass [Google Update Core Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 [Google Update Core Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass [Google Update Core Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 [Google Update Core Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine [GoogleUpdate CredentialDialog] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 [GoogleUpdate CredentialDialog] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine [Google Update Broker Class Factory] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 [Google Update Broker Class Factory] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback [Google Update Legacy On Demand] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 [Google Update Legacy On Demand] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher [Google Update Process Launcher Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 [Google Update Process Launcher Class] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService [Update3COMClass] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 [Update3COMClass] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine [Google Update Broker Class Factory] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 [Google Update Broker Class Factory] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback [GoogleUpdate Update3Web] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 [GoogleUpdate Update3Web] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc [GoogleUpdate Update3Web] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 [GoogleUpdate Update3Web] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore [appCore Object] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1 [appCore Object] (PUP.MySearchDial)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Software.OneClickCtrl.9 [Software Update Plugin] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine [Software.OneClickProcessLauncher] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0 [Software.OneClickProcessLauncher] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Software.Update3WebControl.3 [Software Update Plugin] (PUP.Software.Updater)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync [CoCreateAsync] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync.1.0 [CoCreateAsync] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass [Google Update Core Class] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass.1 [Google Update Core Class] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine [SoftwareUpdate CredentialDialog] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine.1.0 [SoftwareUpdate CredentialDialog] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback.1.0 [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher [Google Update Process Launcher Class] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher.1.0 [Google Update Process Launcher Class] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3COMClassService [Update3COMClass] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3COMClassService.1.0 [Update3COMClass] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine [Google Update Broker Class Factory] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine.1.0 [Google Update Broker Class Factory] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback.1.0 [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc.1.0 [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E [Software Update Helper] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util FindRight [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] (PUP.Fuyu)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasementDuster [service] (PUP.BasementDuster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\InstalledBrowserExtensions [] (PUP.BrowserExtensions)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\shopperz [] (PUP.Shopperz)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wajam Web Enhancer [] (PUP.Wajam)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 [] (PUP.MyPCBackup)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS [] (PUP.MyPCBackup)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASAPI32 [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASMANCS [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5081D2D4-1637-404c-B74F-50526718257D}_is1 [shopperz] (PUP.Shopperz)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Better Surf Plus [] (PUP.BetterSurfPlus)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Better-Surf [] (PUP.BetterSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\GAMESDESKTOP [] (Adware.GamesDesktop)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\GlobalUpdate [] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V14.03 [] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V14.03-nv-ie [] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore [] (Adware.InstallCore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions [] (PUP.BrowserExtensions)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\omniboxesSoftware [] (PUP.Omniboxes)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Pro PC Cleaner [] (PUP.DoctorPC)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\QuickRef_1.10.0.9 [] (PUP.QuickRef)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\shopperz [] (PUP.Shopperz)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SweetIM [] (PUP.SweetIM)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Systweak [] (PUP.Systweak)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\VideoPlayerV3 [] (PUP.HDVidCodec)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Wajam Web Enhancer [] (PUP.Wajam)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\WebexpEnhancedV1 [] (PUP.WebexpEnhanced)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect [CMI Limited] (PUP.CMILimited)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BA7A8C51-54E2-C3D4-B8B7-B56EAB1C003A [BlockAndSurf-software] (PUP.BlockAndSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ConvertAd [Ring Topology Access] (Adware.Pirrit)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_315_is1 [GAMESDESKTOP] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HQCinema Pro 2.1V14.03 [HQ CinemaV14.03] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial [Mysearchdial] (Adware.Hotbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\omniboxes uninstall [omniboxes] (PUP.Omniboxes)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QuickRef_1.10.0.9 [Quick Ref] (PUP.QuickRef)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent [] (PUP.QuickRef)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage [CMI Limited] (PUP.CMILimited)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Web Enhancer [Wajam] (PUP.Wajam)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\wincheck [Graphics Header] (PUP.Wincheck)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Vosteran [WSE_Vosteran] (PUP.Vosteran)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Software Update Helper] (Adware.Boxore)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 [] (PUP.AdvancedSystemProtector)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS [] (PUP.AdvancedSystemProtector)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 [] (Toolbar.BingBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32 [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASAPI32 [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASMANCS [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASAPI32 [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASMANCS [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 [] (Adware.Incredibar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS [] (Adware.Incredibar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASAPI32 [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FindRight_RASMANCS [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASAPI32 [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASMANCS [] (PUP.BubbleDock)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\majt4pcfr_RASAPI32 [] (PUP.EoRezo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\majt4pcfr_RASMANCS [] (PUP.EoRezo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCPerformer_RASAPI32 [] (PUP.PerformerSoft)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCPerformer_RASMANCS [] (PUP.PerformerSoft)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricepeep_RASAPI32 [] (Adware.PricePeep)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricepeep_RASMANCS [] (Adware.PricePeep)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_fr_5_RASAPI32 [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_fr_5_RASMANCS [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\umbrella_RASAPI32 [] (Adware.IMBooster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\umbrella_RASMANCS [] (Adware.IMBooster)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASAPI32 [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASMANCS [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upt4pc_fr_5_RASAPI32 [] (PUP.EoRezo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upt4pc_fr_5_RASMANCS [] (PUP.EoRezo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilFindRight_RASAPI32 [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilFindRight_RASMANCS [] (PUP.FindRight)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-17D4_RASAPI32 [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-17D4_RASMANCS [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-1ADC_RASAPI32 [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-1ADC_RASMANCS [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS [] (Adware.Yontoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} [C:\Program Files (x86)\Mysearchdial\1.8.21.0\ (Not File)] (Adware.Hotbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298} [C:\Program Files (x86)\globalUpdate\Update (Not File)] (PUP.GlobalUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} [C:\Program Files (x86)\globalUpdate\Update\1.3.25.0 (Not File)] (PUP.GlobalUpdate)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 87713
~ Items trouvés : 0
~ Items réparés : 414
End of clean at 17:27:46
===================
ZHPCleaner-[R]-22032015-17_27_46.txt
ZHPCleaner-[S]-19032015-14_04_09.txt
Rapport ZHPcleaner
Bonsoir,
Tu va faire maintenant l'étape de FRST indiqué ici en 2/ : https://forums.commentcamarche.net/forum/affich-31720925-bug-internet#8
Ensuite poste les deux rapports stp
Bonne soirée
Tu va faire maintenant l'étape de FRST indiqué ici en 2/ : https://forums.commentcamarche.net/forum/affich-31720925-bug-internet#8
Ensuite poste les deux rapports stp
Bonne soirée
On continue alors :
1/
Désinstallez depuis le panneau de configuration s'il est possible :
- Discount Dragon
- FileParade bundle uninstaller
- Webexp Enhanced
- Websteroids
2/
On va lancer maintenant un script :
[*] Appuies simultanément sur les touches Windows et R
[*] Une fenêtre va s'ouvrir, tape ceci : notepad
[*] Clic sur OK (Le bloc note va s'ouvrir)
[*] Coller le script en gras ci-dessous dans votre bloc-notes
start
CloseProcesses:
CreateRestorePoint:
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\J4BlockAndSurfJ52.exe
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\gmsd_fr_315.exe
() C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp
() C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe
() C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\BlockAndSurf.exe
() C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\jnsh61A2.exe
HKLM-x32\...\Run: [WinCheck] => C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68\bnsm738F.exe [305152 2015-03-14] ()
HKLM-x32\...\Run: [gmsd_fr_315] => C:\Program Files (x86)\gmsd_fr_315\gmsd_fr_315.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-2400914848-400651550-2087204018-1002 -> URL http://search.conduit.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SP19CF1EE6-0685-41E9-AA1B-EE0AF71418C8&q={searchTerms}&SSPV= [Pays NL - 195.78.120.88]
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
FF user.js: detected! => C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\user.js [2015-03-22]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\bknnumy0.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\info@webtosave.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com [Not Found]
S2 dydodijo; C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp [94720 2015-03-18] () [File not signed]
R2 mupogifi; C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp [103936 2015-03-14] () [File not signed]
R1 qrnfd_1_10_0_9; C:\Windows\System32\drivers\qrnfd_1_10_0_9.sys [58224 2015-02-06] (Quick Ref)
Task: {05A628C4-1FB2-46CC-AC12-E47595C2692C} - \bench-sys No Task File <==== ATTENTION
Task: {3FB58442-B06E-4ECC-A299-7D011BB8CF94} - \Feven 1.8-chromeinstaller No Task File <==== ATTENTION
Task: {516FB13D-F107-42C6-8A4E-EF6D2F884CB5} - \Feven 1.8-firefoxinstaller No Task File <==== ATTENTION
Task: {5A7B083E-36CB-459A-BDD3-FB1795B63808} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {603D415B-8765-4A19-8CF9-8D7FF1BD62F5} - \AmiUpdXp No Task File <==== ATTENTION
Task: {6A3E7C0B-40C3-485D-8DBC-A6946282DE8B} - \BoxSoftwareUpdate No Task File <==== ATTENTION
Task: {8770DEAE-3536-4892-8009-8557969B8F24} - \Feven 1.8-codedownloader No Task File <==== ATTENTION
Task: {A8F4A01F-BFBD-4EF5-B6D0-3D65507B42D3} - \SoftwareUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {B187BCCE-6F80-4CCF-A622-33D5A3AB152C} - \UpdaterEX No Task File <==== ATTENTION
Task: {B2FCB7C0-740D-4BB1-8AD3-99FE4F6A1D0A} - \Feven 1.8-updater No Task File <==== ATTENTION
2015-03-14 15:00 - 2015-03-22 17:19 - 00000000 ____D () C:\Program Files (x86)\ver5BlockAndSurf
2015-03-14 14:59 - 2015-03-12 09:59 - 00319392 _____ (BD Inc.) C:\Windows\SysWOW64\BDL.dll
2015-03-14 14:58 - 2015-03-20 20:04 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68
2015-03-14 13:29 - 2015-03-22 12:10 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68
2015-03-14 13:29 - 2015-03-14 13:29 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68
2015-03-14 13:26 - 2015-03-20 20:04 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68
2015-03-14 13:25 - 2015-03-14 13:25 - 00000000 ____D () C:\Users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68
2015-03-14 13:01 - 2015-03-14 13:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
Task: {048A0269-4E64-45E4-8C94-E29FB51445E3} - System32\Tasks\RunAsStdUser Task => C:\Users\Lucas\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe
2015-03-14 14:58 - 2015-03-14 14:58 - 00103936 _____ () C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
EmptyTemp:
end
[*] Une fois, le texte coller dans le bloc-note.
[*] Cliquez sur "Fichier" puis dans le menu déroulant sur "Enregistrer sous"
[*] A cette fenêtre cliquez sur "Bureau"
[*] Dans la zone de "Nom de fichier" tapez : fixlist puis validez en cliquant sur Enregistrer
[*] Sur votre bureau vous avec le fichier texte (fixlist.txt & FRST.exe)
[*] Lancez FRST, "exécuter en tant qu'administrateur" sous Windows Vista, Windows Seven et Windows 8/8.1
[*] Cliquez sur "Fix"
[*] Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
[*] Redémarre l'ordinateur.
[*] ===> Aide : <<<ICI>>>
@+
1/
Désinstallez depuis le panneau de configuration s'il est possible :
- Discount Dragon
- FileParade bundle uninstaller
- Webexp Enhanced
- Websteroids
2/
On va lancer maintenant un script :
[*] Appuies simultanément sur les touches Windows et R
[*] Une fenêtre va s'ouvrir, tape ceci : notepad
[*] Clic sur OK (Le bloc note va s'ouvrir)
[*] Coller le script en gras ci-dessous dans votre bloc-notes
start
CloseProcesses:
CreateRestorePoint:
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\J4BlockAndSurfJ52.exe
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\gmsd_fr_315.exe
() C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp
() C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe
() C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\BlockAndSurf.exe
() C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\jnsh61A2.exe
HKLM-x32\...\Run: [WinCheck] => C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68\bnsm738F.exe [305152 2015-03-14] ()
HKLM-x32\...\Run: [gmsd_fr_315] => C:\Program Files (x86)\gmsd_fr_315\gmsd_fr_315.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-2400914848-400651550-2087204018-1002 -> URL http://search.conduit.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SP19CF1EE6-0685-41E9-AA1B-EE0AF71418C8&q={searchTerms}&SSPV= [Pays NL - 195.78.120.88]
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
FF user.js: detected! => C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\user.js [2015-03-22]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\bknnumy0.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\info@webtosave.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com [Not Found]
S2 dydodijo; C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp [94720 2015-03-18] () [File not signed]
R2 mupogifi; C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp [103936 2015-03-14] () [File not signed]
R1 qrnfd_1_10_0_9; C:\Windows\System32\drivers\qrnfd_1_10_0_9.sys [58224 2015-02-06] (Quick Ref)
Task: {05A628C4-1FB2-46CC-AC12-E47595C2692C} - \bench-sys No Task File <==== ATTENTION
Task: {3FB58442-B06E-4ECC-A299-7D011BB8CF94} - \Feven 1.8-chromeinstaller No Task File <==== ATTENTION
Task: {516FB13D-F107-42C6-8A4E-EF6D2F884CB5} - \Feven 1.8-firefoxinstaller No Task File <==== ATTENTION
Task: {5A7B083E-36CB-459A-BDD3-FB1795B63808} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {603D415B-8765-4A19-8CF9-8D7FF1BD62F5} - \AmiUpdXp No Task File <==== ATTENTION
Task: {6A3E7C0B-40C3-485D-8DBC-A6946282DE8B} - \BoxSoftwareUpdate No Task File <==== ATTENTION
Task: {8770DEAE-3536-4892-8009-8557969B8F24} - \Feven 1.8-codedownloader No Task File <==== ATTENTION
Task: {A8F4A01F-BFBD-4EF5-B6D0-3D65507B42D3} - \SoftwareUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {B187BCCE-6F80-4CCF-A622-33D5A3AB152C} - \UpdaterEX No Task File <==== ATTENTION
Task: {B2FCB7C0-740D-4BB1-8AD3-99FE4F6A1D0A} - \Feven 1.8-updater No Task File <==== ATTENTION
2015-03-14 15:00 - 2015-03-22 17:19 - 00000000 ____D () C:\Program Files (x86)\ver5BlockAndSurf
2015-03-14 14:59 - 2015-03-12 09:59 - 00319392 _____ (BD Inc.) C:\Windows\SysWOW64\BDL.dll
2015-03-14 14:58 - 2015-03-20 20:04 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68
2015-03-14 13:29 - 2015-03-22 12:10 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68
2015-03-14 13:29 - 2015-03-14 13:29 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68
2015-03-14 13:26 - 2015-03-20 20:04 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68
2015-03-14 13:25 - 2015-03-14 13:25 - 00000000 ____D () C:\Users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68
2015-03-14 13:01 - 2015-03-14 13:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
Task: {048A0269-4E64-45E4-8C94-E29FB51445E3} - System32\Tasks\RunAsStdUser Task => C:\Users\Lucas\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe
2015-03-14 14:58 - 2015-03-14 14:58 - 00103936 _____ () C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
EmptyTemp:
end
[*] Une fois, le texte coller dans le bloc-note.
[*] Cliquez sur "Fichier" puis dans le menu déroulant sur "Enregistrer sous"
[*] A cette fenêtre cliquez sur "Bureau"
[*] Dans la zone de "Nom de fichier" tapez : fixlist puis validez en cliquant sur Enregistrer
[*] Sur votre bureau vous avec le fichier texte (fixlist.txt & FRST.exe)
[*] Lancez FRST, "exécuter en tant qu'administrateur" sous Windows Vista, Windows Seven et Windows 8/8.1
[*] Cliquez sur "Fix"
[*] Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
[*] Redémarre l'ordinateur.
[*] ===> Aide : <<<ICI>>>
@+
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Lucas at 2015-03-23 22:05:37 Run:1
Running from C:\Users\Lucas\Desktop
Loaded Profiles: UpdatusUser & Lucas (Available profiles: UpdatusUser & Lucas)
Boot Mode: Normal
==============================================
Content of fixlist:
start
CloseProcesses:
CreateRestorePoint:
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\J4BlockAndSurfJ52.exe
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\gmsd_fr_315.exe
() C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp
() C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe
() C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\BlockAndSurf.exe
() C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\jnsh61A2.exe
HKLM-x32\...\Run: [WinCheck] => C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68\bnsm738F.exe [305152 2015-03-14] ()
HKLM-x32\...\Run: [gmsd_fr_315] => C:\Program Files (x86)\gmsd_fr_315\gmsd_fr_315.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-2400914848-400651550-2087204018-1002 -> URL http://search.conduit.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SP19CF1EE6-0685-41E9-AA1B-EE0AF71418C8&q={searchTerms}&SSPV= [Pays NL - 195.78.120.88]
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
FF user.js: detected! => C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\user.js [2015-03-22]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\bknnumy0.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\info@webtosave.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com [Not Found]
S2 dydodijo; C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp [94720 2015-03-18] () [File not signed]
R2 mupogifi; C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp [103936 2015-03-14] () [File not signed]
R1 qrnfd_1_10_0_9; C:\Windows\System32\drivers\qrnfd_1_10_0_9.sys [58224 2015-02-06] (Quick Ref)
Task: {05A628C4-1FB2-46CC-AC12-E47595C2692C} - \bench-sys No Task File <==== ATTENTION
Task: {3FB58442-B06E-4ECC-A299-7D011BB8CF94} - \Feven 1.8-chromeinstaller No Task File <==== ATTENTION
Task: {516FB13D-F107-42C6-8A4E-EF6D2F884CB5} - \Feven 1.8-firefoxinstaller No Task File <==== ATTENTION
Task: {5A7B083E-36CB-459A-BDD3-FB1795B63808} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {603D415B-8765-4A19-8CF9-8D7FF1BD62F5} - \AmiUpdXp No Task File <==== ATTENTION
Task: {6A3E7C0B-40C3-485D-8DBC-A6946282DE8B} - \BoxSoftwareUpdate No Task File <==== ATTENTION
Task: {8770DEAE-3536-4892-8009-8557969B8F24} - \Feven 1.8-codedownloader No Task File <==== ATTENTION
Task: {A8F4A01F-BFBD-4EF5-B6D0-3D65507B42D3} - \SoftwareUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {B187BCCE-6F80-4CCF-A622-33D5A3AB152C} - \UpdaterEX No Task File <==== ATTENTION
Task: {B2FCB7C0-740D-4BB1-8AD3-99FE4F6A1D0A} - \Feven 1.8-updater No Task File <==== ATTENTION
2015-03-14 15:00 - 2015-03-22 17:19 - 00000000 ____D () C:\Program Files (x86)\ver5BlockAndSurf
2015-03-14 14:59 - 2015-03-12 09:59 - 00319392 _____ (BD Inc.) C:\Windows\SysWOW64\BDL.dll
2015-03-14 14:58 - 2015-03-20 20:04 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68
2015-03-14 13:29 - 2015-03-22 12:10 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68
2015-03-14 13:29 - 2015-03-14 13:29 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68
2015-03-14 13:26 - 2015-03-20 20:04 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68
2015-03-14 13:25 - 2015-03-14 13:25 - 00000000 ____D () C:\Users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68
2015-03-14 13:01 - 2015-03-14 13:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
Task: {048A0269-4E64-45E4-8C94-E29FB51445E3} - System32\Tasks\RunAsStdUser Task => C:\Users\Lucas\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe
2015-03-14 14:58 - 2015-03-14 14:58 - 00103936 _____ () C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
EmptyTemp:
end
Processes closed successfully.
Restore point was successfully created.
C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\J4BlockAndSurfJ52.exe => No running process found
C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\gmsd_fr_315.exe => No running process found
C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp => No running process found
C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe => No running process found
C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe => No running process found
C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\BlockAndSurf.exe => No running process found
C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\jnsh61A2.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinCheck => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_315 => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}" => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3004627E-F8E9-4E8B-909D-316753CBA923} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}" => Key deleted successfully.
C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\user.js => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\quick_start@gmail.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\searchengine@gmail.com => value deleted successfully.
C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\info@webtosave.com.xpi not found.
C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com not found.
dydodijo => Service deleted successfully.
mupogifi => Service deleted successfully.
qrnfd_1_10_0_9 => Unable to stop service
qrnfd_1_10_0_9 => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05A628C4-1FB2-46CC-AC12-E47595C2692C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05A628C4-1FB2-46CC-AC12-E47595C2692C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-sys" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3FB58442-B06E-4ECC-A299-7D011BB8CF94}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FB58442-B06E-4ECC-A299-7D011BB8CF94}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.8-chromeinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{516FB13D-F107-42C6-8A4E-EF6D2F884CB5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{516FB13D-F107-42C6-8A4E-EF6D2F884CB5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.8-firefoxinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A7B083E-36CB-459A-BDD3-FB1795B63808}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A7B083E-36CB-459A-BDD3-FB1795B63808}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{603D415B-8765-4A19-8CF9-8D7FF1BD62F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{603D415B-8765-4A19-8CF9-8D7FF1BD62F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A3E7C0B-40C3-485D-8DBC-A6946282DE8B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A3E7C0B-40C3-485D-8DBC-A6946282DE8B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BoxSoftwareUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8770DEAE-3536-4892-8009-8557969B8F24}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8770DEAE-3536-4892-8009-8557969B8F24}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.8-codedownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8F4A01F-BFBD-4EF5-B6D0-3D65507B42D3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8F4A01F-BFBD-4EF5-B6D0-3D65507B42D3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SoftwareUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B187BCCE-6F80-4CCF-A622-33D5A3AB152C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B187BCCE-6F80-4CCF-A622-33D5A3AB152C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdaterEX" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2FCB7C0-740D-4BB1-8AD3-99FE4F6A1D0A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2FCB7C0-740D-4BB1-8AD3-99FE4F6A1D0A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.8-updater" => Key deleted successfully.
C:\Program Files (x86)\ver5BlockAndSurf => Moved successfully.
C:\Windows\SysWOW64\BDL.dll => Moved successfully.
C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68 => Moved successfully.
C:\Users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68 => Moved successfully.
C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68 => Moved successfully.
C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68 => Moved successfully.
C:\Users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68 => Moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{048A0269-4E64-45E4-8C94-E29FB51445E3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{048A0269-4E64-45E4-8C94-E29FB51445E3}" => Key deleted successfully.
C:\Windows\System32\Tasks\RunAsStdUser Task => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task" => Key deleted successfully.
"C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp" => File/Directory not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
EmptyTemp: => Removed 463.2 MB temporary data.
The system needed a reboot.
Ran by Lucas at 2015-03-23 22:05:37 Run:1
Running from C:\Users\Lucas\Desktop
Loaded Profiles: UpdatusUser & Lucas (Available profiles: UpdatusUser & Lucas)
Boot Mode: Normal
==============================================
Content of fixlist:
start
CloseProcesses:
CreateRestorePoint:
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\J4BlockAndSurfJ52.exe
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\gmsd_fr_315.exe
() C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp
() C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe
() C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe
() C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\BlockAndSurf.exe
() C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\jnsh61A2.exe
HKLM-x32\...\Run: [WinCheck] => C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68\bnsm738F.exe [305152 2015-03-14] ()
HKLM-x32\...\Run: [gmsd_fr_315] => C:\Program Files (x86)\gmsd_fr_315\gmsd_fr_315.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-2400914848-400651550-2087204018-1002 -> URL http://search.conduit.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SP19CF1EE6-0685-41E9-AA1B-EE0AF71418C8&q={searchTerms}&SSPV= [Pays NL - 195.78.120.88]
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
FF user.js: detected! => C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\user.js [2015-03-22]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\bknnumy0.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\info@webtosave.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com [Not Found]
S2 dydodijo; C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68\cnsnA125.tmp [94720 2015-03-18] () [File not signed]
R2 mupogifi; C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp [103936 2015-03-14] () [File not signed]
R1 qrnfd_1_10_0_9; C:\Windows\System32\drivers\qrnfd_1_10_0_9.sys [58224 2015-02-06] (Quick Ref)
Task: {05A628C4-1FB2-46CC-AC12-E47595C2692C} - \bench-sys No Task File <==== ATTENTION
Task: {3FB58442-B06E-4ECC-A299-7D011BB8CF94} - \Feven 1.8-chromeinstaller No Task File <==== ATTENTION
Task: {516FB13D-F107-42C6-8A4E-EF6D2F884CB5} - \Feven 1.8-firefoxinstaller No Task File <==== ATTENTION
Task: {5A7B083E-36CB-459A-BDD3-FB1795B63808} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {603D415B-8765-4A19-8CF9-8D7FF1BD62F5} - \AmiUpdXp No Task File <==== ATTENTION
Task: {6A3E7C0B-40C3-485D-8DBC-A6946282DE8B} - \BoxSoftwareUpdate No Task File <==== ATTENTION
Task: {8770DEAE-3536-4892-8009-8557969B8F24} - \Feven 1.8-codedownloader No Task File <==== ATTENTION
Task: {A8F4A01F-BFBD-4EF5-B6D0-3D65507B42D3} - \SoftwareUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {B187BCCE-6F80-4CCF-A622-33D5A3AB152C} - \UpdaterEX No Task File <==== ATTENTION
Task: {B2FCB7C0-740D-4BB1-8AD3-99FE4F6A1D0A} - \Feven 1.8-updater No Task File <==== ATTENTION
2015-03-14 15:00 - 2015-03-22 17:19 - 00000000 ____D () C:\Program Files (x86)\ver5BlockAndSurf
2015-03-14 14:59 - 2015-03-12 09:59 - 00319392 _____ (BD Inc.) C:\Windows\SysWOW64\BDL.dll
2015-03-14 14:58 - 2015-03-20 20:04 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68
2015-03-14 13:29 - 2015-03-22 12:10 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68
2015-03-14 13:29 - 2015-03-14 13:29 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68
2015-03-14 13:26 - 2015-03-20 20:04 - 00000000 ____D () C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68
2015-03-14 13:25 - 2015-03-14 13:25 - 00000000 ____D () C:\Users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68
2015-03-14 13:01 - 2015-03-14 13:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
Task: {048A0269-4E64-45E4-8C94-E29FB51445E3} - System32\Tasks\RunAsStdUser Task => C:\Users\Lucas\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe
2015-03-14 14:58 - 2015-03-14 14:58 - 00103936 _____ () C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
EmptyTemp:
end
Processes closed successfully.
Restore point was successfully created.
C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\J4BlockAndSurfJ52.exe => No running process found
C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\gmsd_fr_315.exe => No running process found
C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp => No running process found
C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe => No running process found
C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe => No running process found
C:\Users\Lucas\AppData\Roaming\ZHP\Quarantine\BlockAndSurf.exe => No running process found
C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\jnsh61A2.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinCheck => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_315 => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}" => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3004627E-F8E9-4E8B-909D-316753CBA923} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}" => Key deleted successfully.
C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\user.js => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\quick_start@gmail.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\searchengine@gmail.com => value deleted successfully.
C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\info@webtosave.com.xpi not found.
C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\extensions\searchengine@gmail.com not found.
dydodijo => Service deleted successfully.
mupogifi => Service deleted successfully.
qrnfd_1_10_0_9 => Unable to stop service
qrnfd_1_10_0_9 => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05A628C4-1FB2-46CC-AC12-E47595C2692C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05A628C4-1FB2-46CC-AC12-E47595C2692C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-sys" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3FB58442-B06E-4ECC-A299-7D011BB8CF94}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FB58442-B06E-4ECC-A299-7D011BB8CF94}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.8-chromeinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{516FB13D-F107-42C6-8A4E-EF6D2F884CB5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{516FB13D-F107-42C6-8A4E-EF6D2F884CB5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.8-firefoxinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A7B083E-36CB-459A-BDD3-FB1795B63808}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A7B083E-36CB-459A-BDD3-FB1795B63808}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{603D415B-8765-4A19-8CF9-8D7FF1BD62F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{603D415B-8765-4A19-8CF9-8D7FF1BD62F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A3E7C0B-40C3-485D-8DBC-A6946282DE8B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A3E7C0B-40C3-485D-8DBC-A6946282DE8B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BoxSoftwareUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8770DEAE-3536-4892-8009-8557969B8F24}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8770DEAE-3536-4892-8009-8557969B8F24}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.8-codedownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8F4A01F-BFBD-4EF5-B6D0-3D65507B42D3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8F4A01F-BFBD-4EF5-B6D0-3D65507B42D3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SoftwareUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B187BCCE-6F80-4CCF-A622-33D5A3AB152C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B187BCCE-6F80-4CCF-A622-33D5A3AB152C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdaterEX" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2FCB7C0-740D-4BB1-8AD3-99FE4F6A1D0A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2FCB7C0-740D-4BB1-8AD3-99FE4F6A1D0A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.8-updater" => Key deleted successfully.
C:\Program Files (x86)\ver5BlockAndSurf => Moved successfully.
C:\Windows\SysWOW64\BDL.dll => Moved successfully.
C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68 => Moved successfully.
C:\Users\Lucas\AppData\Local\20A86E35-1426339770-E111-BEF1-9131AF183E68 => Moved successfully.
C:\Users\Lucas\AppData\Local\20A86E35-1426339754-E111-BEF1-9131AF183E68 => Moved successfully.
C:\Users\Lucas\AppData\Local\20A86E35-1426339612-E111-BEF1-9131AF183E68 => Moved successfully.
C:\Users\Lucas\AppData\Roaming\20A86E35-1426335947-E111-BEF1-9131AF183E68 => Moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{048A0269-4E64-45E4-8C94-E29FB51445E3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{048A0269-4E64-45E4-8C94-E29FB51445E3}" => Key deleted successfully.
C:\Windows\System32\Tasks\RunAsStdUser Task => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task" => Key deleted successfully.
"C:\Users\Lucas\AppData\Local\20A86E35-1426345108-E111-BEF1-9131AF183E68\insx6338.tmp" => File/Directory not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2400914848-400651550-2087204018-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
EmptyTemp: => Removed 463.2 MB temporary data.
The system needed a reboot.
End of Fixlog 22:07:10
Voilà le rapport fixlog
Bonjour,
On a avancé un peu! :-)
------------
[*] Lance Malwarebytes.
[*] Mets le à jour puis lance un examen "Menaces".
[*] coche "Recherche de rootkits" (Paramètres -> Détection et protection)
[*] A la fin du scan, clic sur "Mettre tous en quarantaine" en bas à gauche.
[*] Redémarre l'ordinateur si besoin.
[*] Après redémarrage, relance Malwarebytes.
[*] Vas chercher le rapport dans l'onglet "Historique".
[*] Clic à gauche sur l'onglet Journaux de l'application.
[*] Double-clic sur le journal d'examen pour l'afficher.
[*] En bas à gauche choisis "Copier dans le presse papier"
[*] colle le rapport le contenu du journal ici
@+
On a avancé un peu! :-)
------------
[*] Lance Malwarebytes.
[*] Mets le à jour puis lance un examen "Menaces".
[*] coche "Recherche de rootkits" (Paramètres -> Détection et protection)
[*] A la fin du scan, clic sur "Mettre tous en quarantaine" en bas à gauche.
[*] Redémarre l'ordinateur si besoin.
[*] Après redémarrage, relance Malwarebytes.
[*] Vas chercher le rapport dans l'onglet "Historique".
[*] Clic à gauche sur l'onglet Journaux de l'application.
[*] Double-clic sur le journal d'examen pour l'afficher.
[*] En bas à gauche choisis "Copier dans le presse papier"
[*] colle le rapport le contenu du journal ici
@+
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 24/03/2015
Heure de l'examen: 14:11:13
Fichier journal:
Administrateur: Oui
Version: 0.00.0.0000
Base de données Malveillants: v2015.03.24.04
Base de données Rootkits: v2015.02.25.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Lucas
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 412304
Temps écoulé: 4 h, 15 min, 13 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux detecté)
Modules: 0
(Aucun élément malicieux detecté)
Clés du Registre: 0
(Aucun élément malicieux detecté)
Valeurs du Registre: 0
(Aucun élément malicieux detecté)
Données du Registre: 0
(Aucun élément malicieux detecté)
Dossiers: 0
(Aucun élément malicieux detecté)
Fichiers: 0
(Aucun élément malicieux detecté)
Secteurs physiques: 0
(Aucun élément malicieux detecté)
(end)
Salut :)
Voilà le rapport Malwarebytes. Je suis en train de le refaire car je n'avais pas sélectionner les rootkits. Je postes le 2e rapport dans le prochain message.
www.malwarebytes.org
Date de l'examen: 24/03/2015
Heure de l'examen: 14:11:13
Fichier journal:
Administrateur: Oui
Version: 0.00.0.0000
Base de données Malveillants: v2015.03.24.04
Base de données Rootkits: v2015.02.25.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Lucas
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 412304
Temps écoulé: 4 h, 15 min, 13 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux detecté)
Modules: 0
(Aucun élément malicieux detecté)
Clés du Registre: 0
(Aucun élément malicieux detecté)
Valeurs du Registre: 0
(Aucun élément malicieux detecté)
Données du Registre: 0
(Aucun élément malicieux detecté)
Dossiers: 0
(Aucun élément malicieux detecté)
Fichiers: 0
(Aucun élément malicieux detecté)
Secteurs physiques: 0
(Aucun élément malicieux detecté)
(end)
Salut :)
Voilà le rapport Malwarebytes. Je suis en train de le refaire car je n'avais pas sélectionner les rootkits. Je postes le 2e rapport dans le prochain message.
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 24/03/2015
Heure de l'examen: 14:11:13
Fichier journal:
Administrateur: Oui
Version: 0.00.0.0000
Base de données Malveillants: v2015.03.24.04
Base de données Rootkits: v2015.02.25.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Lucas
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 412304
Temps écoulé: 4 h, 15 min, 13 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux detecté)
Modules: 0
(Aucun élément malicieux detecté)
Clés du Registre: 0
(Aucun élément malicieux detecté)
Valeurs du Registre: 0
(Aucun élément malicieux detecté)
Données du Registre: 0
(Aucun élément malicieux detecté)
Dossiers: 0
(Aucun élément malicieux detecté)
Fichiers: 0
(Aucun élément malicieux detecté)
Secteurs physiques: 0
(Aucun élément malicieux detecté)
(end)
Rapport avec les rootkits
www.malwarebytes.org
Date de l'examen: 24/03/2015
Heure de l'examen: 14:11:13
Fichier journal:
Administrateur: Oui
Version: 0.00.0.0000
Base de données Malveillants: v2015.03.24.04
Base de données Rootkits: v2015.02.25.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Lucas
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 412304
Temps écoulé: 4 h, 15 min, 13 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux detecté)
Modules: 0
(Aucun élément malicieux detecté)
Clés du Registre: 0
(Aucun élément malicieux detecté)
Valeurs du Registre: 0
(Aucun élément malicieux detecté)
Données du Registre: 0
(Aucun élément malicieux detecté)
Dossiers: 0
(Aucun élément malicieux detecté)
Fichiers: 0
(Aucun élément malicieux detecté)
Secteurs physiques: 0
(Aucun élément malicieux detecté)
(end)
Rapport avec les rootkits
Mince désolé pour le triple post ... C'est celui-là avec les rootkits d'activés :
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 24/03/2015
Heure de l'examen: 14:51:12
Fichier journal:
Administrateur: Oui
Version: 2.00.4.1028
Base de données Malveillants: v2015.03.24.04
Base de données Rootkits: v2015.02.25.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Lucas
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 414461
Temps écoulé: 32 min, 35 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux detecté)
Modules: 0
(Aucun élément malicieux detecté)
Clés du Registre: 0
(Aucun élément malicieux detecté)
Valeurs du Registre: 0
(Aucun élément malicieux detecté)
Données du Registre: 0
(Aucun élément malicieux detecté)
Dossiers: 0
(Aucun élément malicieux detecté)
Fichiers: 31
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.aflt", "wnzp_14_19_ff");), Remplacé,[2c7dc35f28625cda5ba6f93a39cdf10f]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (his file while the application is runninpplication exits.
*
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (tion is runninpplication exits.
*
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon), Remplacé,[8e1b4cd6206a1125d72a10232dd954ac]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (ccessibility.typeaheadfind.flashBar", 0);
user_p), Remplacé,[36730121d5b55ed847baf043cd397e82]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (anges to this file while the application is runninppli), Remplacé,[a603ac761e6cac8aee13c56eca3c45bb]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: ( to this file while the application is runninppli), Remplacé,[c5e446dc117994a28e731b18f4124fb1]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (anges to this file while the application is runninpp), Remplacé,[d9d09d853e4cdf57e41dfd368e7801ff]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (es to this file while the application is runninppl), Remplacé,[f0b91c0606840c2af20f4fe4f31316ea]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (nges to this file while the application is runninpplication exits.
*
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
user_pref("app.update.lastUpdateTime.background-update-timer", 1426416963);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1426349723);
user_pref("app1426420270);
user_pref("app.update.lastUpdateTime.experiments-update-timer", 1426416723);
user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1426416843);
user_pref("app.update.migrated.updateDir", tru), Remplacé,[aefb01214743b68009f893a00bfb2ad6]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: ();
user_pref("app.update.migrated.updateDir", true)), Remplacé,[8d1cbd65d0ba2e08eb1646ed41c56e92]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (es to this file while the application is runninpplication exits.
*
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (plication is runninpplication exits.
*
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (hanges to this file while the application is runninpplication exits.
*
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
), Remplacé,[c0e9041ed7b32e08a55c969d4bbba55b]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (me.addon-background-update-timer", 1426351145);
user_pref("), Remplacé,[f0b90c16b1d92412e61b88ab689eb44c]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (is file while the application is runninpplication exits), Remplacé,[3c6d56cc6d1d94a259a863d04fb7ab55]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (to this file while the application is runninpplica), Remplacé,[565390922a60df57f60b9a9933d3bd43]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (nges to this file while the application is runninpplication exits.
*
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
), Remplacé,[3f6a2ef445452c0a44bd03307294e719]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (Time.addon-background-update-timer", 1426351145);
user_pref("app.up), Remplacé,[812846dc2c5e9d9957aa0033957108f8]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (while the application is runninpplication exits.
*
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
user_pref("app.update), Remplacé,[57524fd3b6d470c6f70a72c1f41218e8]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (.addon-background-update-timer", 1426351145);
user_pref("app.update.lastUpdateTime.background-update-timer", 1426416963);
user_pref("app.update.lastUpdateTime.blocklist-background-upda), Remplacé,[6d3c5dc5d5b576c0e1201e15e91d1fe1]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (lashBar", 0);
user_pref("app.update.lastUpdateTime.addon-b), Remplacé,[b6f3dd45f49689ad6d94dd5633d331cf]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (his file while the application is runninpplication exits.
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (s file while the application is runninpplication), Remplacé,[cadfdf432e5c46f0629f61d239cd3cc4]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (hanges to this file while the application is runninpplication e), Remplacé,[aaffb66cd3b7b77f07fa6bc8f1158878]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (file while the application is runninpplication exits), Remplacé,[fbae8a981b6f82b4c839ce6565a160a0]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (es to this file while the application is runninpplication exits.
*
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
user_pref(), Remplacé,[ecbdc45e1377fb3b11f062d1f80e0df3]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (n-background-update-timer", 1426351145);
user_pref("a), Remplacé,[2a7fec362664cc6ae8191a192dd9c43c]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: ( to this file while the application is runninpplication), Remplacé,[1a8f071b2268f73f4db473c0cc3a33cd]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (nges to this file while the application is runninppli), Remplacé,[575265bd4c3ee65069980f24a363f808]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (s to this file while the application is runninpplicatio), Remplacé,[d6d376ac444679bd53ae112254b23ac6]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (to this file while the application is runninpplication exits.
*
), Remplacé,[06a30a18d0ba251133ce211251b514ec]
Secteurs physiques: 0
(Aucun élément malicieux detecté)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 24/03/2015
Heure de l'examen: 14:51:12
Fichier journal:
Administrateur: Oui
Version: 2.00.4.1028
Base de données Malveillants: v2015.03.24.04
Base de données Rootkits: v2015.02.25.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Lucas
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 414461
Temps écoulé: 32 min, 35 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux detecté)
Modules: 0
(Aucun élément malicieux detecté)
Clés du Registre: 0
(Aucun élément malicieux detecté)
Valeurs du Registre: 0
(Aucun élément malicieux detecté)
Données du Registre: 0
(Aucun élément malicieux detecté)
Dossiers: 0
(Aucun élément malicieux detecté)
Fichiers: 31
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.aflt", "wnzp_14_19_ff");), Remplacé,[2c7dc35f28625cda5ba6f93a39cdf10f]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (his file while the application is runninpplication exits.
*
- Toabout:config
- /), Remplacé,[63460220b2d8181e44bdd95ad6308a76]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (tion is runninpplication exits.
*
- Toabout:config
- /
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon), Remplacé,[8e1b4cd6206a1125d72a10232dd954ac]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (ccessibility.typeaheadfind.flashBar", 0);
user_p), Remplacé,[36730121d5b55ed847baf043cd397e82]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (anges to this file while the application is runninppli), Remplacé,[a603ac761e6cac8aee13c56eca3c45bb]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: ( to this file while the application is runninppli), Remplacé,[c5e446dc117994a28e731b18f4124fb1]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (anges to this file while the application is runninpp), Remplacé,[d9d09d853e4cdf57e41dfd368e7801ff]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (es to this file while the application is runninppl), Remplacé,[f0b91c0606840c2af20f4fe4f31316ea]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (nges to this file while the application is runninpplication exits.
*
- Toabout:config
- /
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
user_pref("app.update.lastUpdateTime.background-update-timer", 1426416963);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1426349723);
user_pref("app1426420270);
user_pref("app.update.lastUpdateTime.experiments-update-timer", 1426416723);
user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1426416843);
user_pref("app.update.migrated.updateDir", tru), Remplacé,[aefb01214743b68009f893a00bfb2ad6]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: ();
user_pref("app.update.migrated.updateDir", true)), Remplacé,[8d1cbd65d0ba2e08eb1646ed41c56e92]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (es to this file while the application is runninpplication exits.
*
- Toabout), Remplacé,[4168ef3327631c1a38c9f53e17effd03]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (plication is runninpplication exits.
*
- Toa), Remplacé,[04a5b270088296a02cd5e64da363e719]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (hanges to this file while the application is runninpplication exits.
*
- Toabout:config
- /
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
), Remplacé,[c0e9041ed7b32e08a55c969d4bbba55b]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (me.addon-background-update-timer", 1426351145);
user_pref("), Remplacé,[f0b90c16b1d92412e61b88ab689eb44c]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (is file while the application is runninpplication exits), Remplacé,[3c6d56cc6d1d94a259a863d04fb7ab55]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (to this file while the application is runninpplica), Remplacé,[565390922a60df57f60b9a9933d3bd43]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (nges to this file while the application is runninpplication exits.
*
- Toabout:config
- /
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
), Remplacé,[3f6a2ef445452c0a44bd03307294e719]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (Time.addon-background-update-timer", 1426351145);
user_pref("app.up), Remplacé,[812846dc2c5e9d9957aa0033957108f8]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (while the application is runninpplication exits.
*
- Toabout:config
- /
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
user_pref("app.update), Remplacé,[57524fd3b6d470c6f70a72c1f41218e8]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (.addon-background-update-timer", 1426351145);
user_pref("app.update.lastUpdateTime.background-update-timer", 1426416963);
user_pref("app.update.lastUpdateTime.blocklist-background-upda), Remplacé,[6d3c5dc5d5b576c0e1201e15e91d1fe1]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (lashBar", 0);
user_pref("app.update.lastUpdateTime.addon-b), Remplacé,[b6f3dd45f49689ad6d94dd5633d331cf]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (his file while the application is runninpplication exits.
- ), Remplacé,[79300a182e5c072f6b96949f37cf09f7]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (s file while the application is runninpplication), Remplacé,[cadfdf432e5c46f0629f61d239cd3cc4]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (hanges to this file while the application is runninpplication e), Remplacé,[aaffb66cd3b7b77f07fa6bc8f1158878]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (file while the application is runninpplication exits), Remplacé,[fbae8a981b6f82b4c839ce6565a160a0]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (es to this file while the application is runninpplication exits.
*
- Toabout:config
- /
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1426351145);
user_pref(), Remplacé,[ecbdc45e1377fb3b11f062d1f80e0df3]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (n-background-update-timer", 1426351145);
user_pref("a), Remplacé,[2a7fec362664cc6ae8191a192dd9c43c]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: ( to this file while the application is runninpplication), Remplacé,[1a8f071b2268f73f4db473c0cc3a33cd]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (nges to this file while the application is runninppli), Remplacé,[575265bd4c3ee65069980f24a363f808]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (s to this file while the application is runninpplicatio), Remplacé,[d6d376ac444679bd53ae112254b23ac6]
PUP.Optional.MySearchDial.A, C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\prefs.js, Bon: (), Mauvais: (to this file while the application is runninpplication exits.
*
), Remplacé,[06a30a18d0ba251133ce211251b514ec]
Secteurs physiques: 0
(Aucun élément malicieux detecté)
(end)
Bonsoir,
Redémarre ton PC puis tiens moi au courant si tu as encore de soucis ! :-)
Bonne soirée
Redémarre ton PC puis tiens moi au courant si tu as encore de soucis ! :-)
Bonne soirée
Bonsoir,
ça m'a l'air plutôt pas mal du tout :))))) enfin :)
Je navigue actuellement sur IE mais j'aimerais revenir sur Firefox. Pour le moment quand je clique dessus ça me marque "couldn't load XPCOM" c'est que je dois le télécharger ? Je récupérerais mes favoris ?
J'ai une mise à jour Java à faire je le fais ?
Merci d'avance pour tes réponses et pour tout ce que tu as fais !! Sincèrement je ne pouvais pas tomber sur meilleur conseiller et réparateur je crois !!
ça m'a l'air plutôt pas mal du tout :))))) enfin :)
Je navigue actuellement sur IE mais j'aimerais revenir sur Firefox. Pour le moment quand je clique dessus ça me marque "couldn't load XPCOM" c'est que je dois le télécharger ? Je récupérerais mes favoris ?
J'ai une mise à jour Java à faire je le fais ?
Merci d'avance pour tes réponses et pour tout ce que tu as fais !! Sincèrement je ne pouvais pas tomber sur meilleur conseiller et réparateur je crois !!
On va essayer de régler Firefox!
Suivant l'ordre fais ceci stp :
1/
Tu vas enregistrer tes favoris comme expliqué ici : https://support.mozilla.org/fr/kb/exporter-marque-pages-firefox-fichier-html
2/
===> revo-uninstaller
3/
Tu peux importer tes favoris déjà enregistés en 1/
Bonne soirée
Suivant l'ordre fais ceci stp :
1/
Tu vas enregistrer tes favoris comme expliqué ici : https://support.mozilla.org/fr/kb/exporter-marque-pages-firefox-fichier-html
2/
- Désinstallez : Firefox en utilisant :
===> revo-uninstaller
- Télécharge Firefox <<<ici
- Enregistre le fichier téléchargé sur le bureau de ton PC
- Exécute ce fichier pour installation de la dernière version de Firefox
3/
Tu peux importer tes favoris déjà enregistés en 1/
Bonne soirée
Salut :)
Je n'avais pas vu que tu m'avais répondu :/
Le problème c'est que je ne peux plus ouvrir Firefox. Le message suivant apparait "couldn't load XPCOM"
Je viens de le réinstaller mais je n'ai plus mes favoris. Tant pis ;)
Un très grand merci pour tout !!
Je n'avais pas vu que tu m'avais répondu :/
Le problème c'est que je ne peux plus ouvrir Firefox. Le message suivant apparait "couldn't load XPCOM"
Je viens de le réinstaller mais je n'ai plus mes favoris. Tant pis ;)
Un très grand merci pour tout !!
Bonjour,
1/
- Télécharge SFTGC.exe : http://www.archive-host.com
- Enregistre le fichier sur le bureau.
- Ouvre SFTGC.exe et patiente durant l'initialisation du logiciel.
- Pour lancer le nettoyage, il suffit de cliquer sur Go.
- À la fin du nettoyage, un rapport (présent sur le bureau) va s'ouvrir. Pour le poster, héberge-le sur : malekal.com ou ci-joint.com
------------------
en cas de problème de téléchargement, désactivez temporairement ton antivirus ou utilisez le navigateur Internet explorer
2/
Pour finr :
Téléchargez Delfix sur ton bureau à partir l'un des deux liens :
https://toolslib.net/downloads/viewdownload/2-delfix/
ou
https://www.commentcamarche.net/telecharger/securite/7111-delfix/
Coche les cases suivantes :
[*] Réactive l'Uac (juste pour Vista, Seven et W8)
[*] Supprimer les outils de désinfection (coché par défaut)
[*] Purger la restauration système
Clique ensuite sur Exécuter puis patiente pendant le Télécharge processus de suppression.
Lorsque les procédures seront terminées, l'outil va se fermer et disparaître du bureau
Un rapport est sauvegardé dans le presse-papier : il te suffit de faire un clic droit et "coller" dans ta prochaine réponse pour me poster le rapport
le rapport est stocké à cet emplacement : C:\DelFix.txt
Attention : Le rapport est unique et est supprimé à chaque fois que l'on ré-exécute une ou plusieurs options de DelFix.
===========================================
Updatechecker :
Téléchage : updatechecker pour t'indiquer les logiciels qui ne sont pas à jour et te permet aussi d'effectuer ces mises à jour
Tu peux l'utiliser une fois par semaine
===========================================
Défragmentation :
Défragmente tes disques dur par : defraggler
Tu peux lutiliser une fois par trimestre
===========================================
Nettoyage des fichiers et des clés de registre
Télécharge et installe : CCleaner version Slim
Lance-le.(clic droit "en tant qu'administrateur" pour Vista et Seven) Va dans Options puis
Avancé et décoche la case Effacer uniquement les fichiers etc....
Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs tant de fois qu il en trouve a l analyse .
Aide ici : https://www.malekal.com/tutoriel-ccleaner/
Tu peux utiliser Ccleaner une fois par semaine
===========================================
Conseils :
1/ Je te conseille d'utiliser le navigateur Firefox ou Google chrome et d'installer les modules : WOT pour t'indiquer les fichiers douteux et Adblock plus pour bloquer les publicités...
Firefox :
==> WOT : https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/
==> Adblock plus : https://addons.mozilla.org/fr/firefox/addon/adblock-plus/
Google chrome :
==> WOT : https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp?hl=fr
==> Adblock plus : https://chrome.google.com/webstore/detail/adblock-plus/nbiebjbkiionlickgdcjohfonfifmlin?hl=fr
2/Tu peux garder Malwarebytes et l'utiliser une fois par semaine.
3/ Un peu de lecture :
Les dangers du Peer-To-Peer, Emule etc..
Comment Sécuriser son ordinateur...
Pourquoi et comment je me fais infecter
pourquoi maintenir son navigateur à jour
Bonne journée
1/
- Télécharge SFTGC.exe : http://www.archive-host.com
- Enregistre le fichier sur le bureau.
- Ouvre SFTGC.exe et patiente durant l'initialisation du logiciel.
- Pour lancer le nettoyage, il suffit de cliquer sur Go.
- À la fin du nettoyage, un rapport (présent sur le bureau) va s'ouvrir. Pour le poster, héberge-le sur : malekal.com ou ci-joint.com
------------------
en cas de problème de téléchargement, désactivez temporairement ton antivirus ou utilisez le navigateur Internet explorer
2/
Pour finr :
Téléchargez Delfix sur ton bureau à partir l'un des deux liens :
https://toolslib.net/downloads/viewdownload/2-delfix/
ou
https://www.commentcamarche.net/telecharger/securite/7111-delfix/
Coche les cases suivantes :
[*] Réactive l'Uac (juste pour Vista, Seven et W8)
[*] Supprimer les outils de désinfection (coché par défaut)
[*] Purger la restauration système
Clique ensuite sur Exécuter puis patiente pendant le Télécharge processus de suppression.
Lorsque les procédures seront terminées, l'outil va se fermer et disparaître du bureau
Un rapport est sauvegardé dans le presse-papier : il te suffit de faire un clic droit et "coller" dans ta prochaine réponse pour me poster le rapport
le rapport est stocké à cet emplacement : C:\DelFix.txt
Attention : Le rapport est unique et est supprimé à chaque fois que l'on ré-exécute une ou plusieurs options de DelFix.
===========================================
Updatechecker :
Téléchage : updatechecker pour t'indiquer les logiciels qui ne sont pas à jour et te permet aussi d'effectuer ces mises à jour
Tu peux l'utiliser une fois par semaine
===========================================
Défragmentation :
Défragmente tes disques dur par : defraggler
Tu peux lutiliser une fois par trimestre
===========================================
Nettoyage des fichiers et des clés de registre
Télécharge et installe : CCleaner version Slim
Lance-le.(clic droit "en tant qu'administrateur" pour Vista et Seven) Va dans Options puis
Avancé et décoche la case Effacer uniquement les fichiers etc....
Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs tant de fois qu il en trouve a l analyse .
Aide ici : https://www.malekal.com/tutoriel-ccleaner/
Tu peux utiliser Ccleaner une fois par semaine
===========================================
Conseils :
1/ Je te conseille d'utiliser le navigateur Firefox ou Google chrome et d'installer les modules : WOT pour t'indiquer les fichiers douteux et Adblock plus pour bloquer les publicités...
Firefox :
==> WOT : https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/
==> Adblock plus : https://addons.mozilla.org/fr/firefox/addon/adblock-plus/
Google chrome :
==> WOT : https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp?hl=fr
==> Adblock plus : https://chrome.google.com/webstore/detail/adblock-plus/nbiebjbkiionlickgdcjohfonfifmlin?hl=fr
2/Tu peux garder Malwarebytes et l'utiliser une fois par semaine.
3/ Un peu de lecture :
Les dangers du Peer-To-Peer, Emule etc..
Comment Sécuriser son ordinateur...
Pourquoi et comment je me fais infecter
pourquoi maintenir son navigateur à jour
Bonne journée
Et celui de delfix :
# DelFix v10.9 - Rapport créé le 30/03/2015 à 17:56:12
# Mis à jour le 27/02/2015 par Xplode
# Nom d'utilisateur : Lucas - LUCAS-HP
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Activation de l'UAC ... OK
~ Suppression des outils de désinfection ...
Supprimé : C:\Qoobox
Supprimé : C:\_OTL
Supprimé : C:\FRST
Supprimé : C:\AdwCleaner
Supprimé : C:\ComboFix.txt
Supprimé : C:\Users\Lucas\Desktop\Addition.txt
Supprimé : C:\Users\Lucas\Desktop\AdwCleaner[S2].txt
Supprimé : C:\Users\Lucas\Desktop\ComboFix.exe
Supprimé : C:\Users\Lucas\Desktop\Extras.Txt
Supprimé : C:\Users\Lucas\Desktop\Fixlog.txt
Supprimé : C:\Users\Lucas\Desktop\FRST.txt
Supprimé : C:\Users\Lucas\Desktop\FRST64.exe
Supprimé : C:\Users\Lucas\Desktop\OTL rapport 2.txt
Supprimé : C:\Users\Lucas\Desktop\OTL.Txt
Supprimé : C:\Users\Lucas\Desktop\OTL.exe
Supprimé : C:\Users\Lucas\Desktop\ZHPCleaner rapport.txt
Supprimé : C:\Users\Lucas\Desktop\ZHPCleaner.lnk
Supprimé : C:\Users\Lucas\Desktop\ZHPCleaner.txt
Supprimé : C:\Users\Lucas\Downloads\Addition.txt
Supprimé : C:\Users\Lucas\Downloads\FRST.txt
Supprimé : C:\Users\Lucas\Downloads\ZHPCleaner.exe
Supprimé : C:\Windows\grep.exe
Supprimé : C:\Windows\PEV.exe
Supprimé : C:\Windows\NIRCMD.exe
Supprimé : C:\Windows\MBR.exe
Supprimé : C:\Windows\SED.exe
Supprimé : C:\Windows\SWREG.exe
Supprimé : C:\Windows\SWSC.exe
Supprimé : C:\Windows\SWXCACLS.exe
Supprimé : C:\Windows\Zip.exe
Supprimée : HKLM\SOFTWARE\OldTimer Tools
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\Swearware
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
~ Purge de la restauration système ...
Supprimé : RP #305 [Windows Update | 03/11/2015 23:01:30]
Supprimé : RP #306 [Windows Update | 03/13/2015 15:58:40]
Supprimé : RP #307 [Installed iTunes | 03/14/2015 12:00:09]
Supprimé : RP #308 [Removed HTC Sync Manager. | 03/14/2015 13:19:45]
Supprimé : RP #309 [Windows Update | 03/14/2015 16:25:06]
Supprimé : RP #310 [Removed Validity WBF DDK | 03/15/2015 11:46:18]
Supprimé : RP #311 [Removed Software Updater | 03/15/2015 11:47:41]
Supprimé : RP #312 [Removed Apple Software Update | 03/15/2015 13:12:07]
Supprimé : RP #313 [avast! antivirus system restore point | 03/16/2015 20:01:29]
Supprimé : RP #314 [Windows Update | 03/18/2015 11:38:40]
Supprimé : RP #315 [Opération de restauration | 03/20/2015 17:08:35]
Supprimé : RP #316 [avast! antivirus system restore point | 03/20/2015 17:19:05]
Supprimé : RP #317 [Windows Update | 03/20/2015 17:25:03]
Supprimé : RP #318 [Opération de restauration | 03/20/2015 17:26:50]
Supprimé : RP #319 [Windows Update | 03/20/2015 17:57:38]
Supprimé : RP #320 [Opération de restauration | 03/20/2015 18:26:14]
Supprimé : RP #321 [avast! antivirus system restore point | 03/20/2015 18:37:53]
Supprimé : RP #322 [Windows Update | 03/20/2015 18:43:36]
Supprimé : RP #323 [avast! antivirus system restore point | 03/20/2015 19:08:55]
Supprimé : RP #324 [Windows Update | 03/20/2015 19:14:37]
Supprimé : RP #325 [ComboFix created restore point | 03/22/2015 14:20:42]
Supprimé : RP #327 [Restore Point Created by FRST | 03/23/2015 21:05:47]
Supprimé : RP #328 [Windows Update | 03/24/2015 13:06:41]
Supprimé : RP #329 [Windows Update | 03/28/2015 09:37:31]
Nouveau point de restauration créé !
########## - EOF - ##########
# DelFix v10.9 - Rapport créé le 30/03/2015 à 17:56:12
# Mis à jour le 27/02/2015 par Xplode
# Nom d'utilisateur : Lucas - LUCAS-HP
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Activation de l'UAC ... OK
~ Suppression des outils de désinfection ...
Supprimé : C:\Qoobox
Supprimé : C:\_OTL
Supprimé : C:\FRST
Supprimé : C:\AdwCleaner
Supprimé : C:\ComboFix.txt
Supprimé : C:\Users\Lucas\Desktop\Addition.txt
Supprimé : C:\Users\Lucas\Desktop\AdwCleaner[S2].txt
Supprimé : C:\Users\Lucas\Desktop\ComboFix.exe
Supprimé : C:\Users\Lucas\Desktop\Extras.Txt
Supprimé : C:\Users\Lucas\Desktop\Fixlog.txt
Supprimé : C:\Users\Lucas\Desktop\FRST.txt
Supprimé : C:\Users\Lucas\Desktop\FRST64.exe
Supprimé : C:\Users\Lucas\Desktop\OTL rapport 2.txt
Supprimé : C:\Users\Lucas\Desktop\OTL.Txt
Supprimé : C:\Users\Lucas\Desktop\OTL.exe
Supprimé : C:\Users\Lucas\Desktop\ZHPCleaner rapport.txt
Supprimé : C:\Users\Lucas\Desktop\ZHPCleaner.lnk
Supprimé : C:\Users\Lucas\Desktop\ZHPCleaner.txt
Supprimé : C:\Users\Lucas\Downloads\Addition.txt
Supprimé : C:\Users\Lucas\Downloads\FRST.txt
Supprimé : C:\Users\Lucas\Downloads\ZHPCleaner.exe
Supprimé : C:\Windows\grep.exe
Supprimé : C:\Windows\PEV.exe
Supprimé : C:\Windows\NIRCMD.exe
Supprimé : C:\Windows\MBR.exe
Supprimé : C:\Windows\SED.exe
Supprimé : C:\Windows\SWREG.exe
Supprimé : C:\Windows\SWSC.exe
Supprimé : C:\Windows\SWXCACLS.exe
Supprimé : C:\Windows\Zip.exe
Supprimée : HKLM\SOFTWARE\OldTimer Tools
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\Swearware
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
~ Purge de la restauration système ...
Supprimé : RP #305 [Windows Update | 03/11/2015 23:01:30]
Supprimé : RP #306 [Windows Update | 03/13/2015 15:58:40]
Supprimé : RP #307 [Installed iTunes | 03/14/2015 12:00:09]
Supprimé : RP #308 [Removed HTC Sync Manager. | 03/14/2015 13:19:45]
Supprimé : RP #309 [Windows Update | 03/14/2015 16:25:06]
Supprimé : RP #310 [Removed Validity WBF DDK | 03/15/2015 11:46:18]
Supprimé : RP #311 [Removed Software Updater | 03/15/2015 11:47:41]
Supprimé : RP #312 [Removed Apple Software Update | 03/15/2015 13:12:07]
Supprimé : RP #313 [avast! antivirus system restore point | 03/16/2015 20:01:29]
Supprimé : RP #314 [Windows Update | 03/18/2015 11:38:40]
Supprimé : RP #315 [Opération de restauration | 03/20/2015 17:08:35]
Supprimé : RP #316 [avast! antivirus system restore point | 03/20/2015 17:19:05]
Supprimé : RP #317 [Windows Update | 03/20/2015 17:25:03]
Supprimé : RP #318 [Opération de restauration | 03/20/2015 17:26:50]
Supprimé : RP #319 [Windows Update | 03/20/2015 17:57:38]
Supprimé : RP #320 [Opération de restauration | 03/20/2015 18:26:14]
Supprimé : RP #321 [avast! antivirus system restore point | 03/20/2015 18:37:53]
Supprimé : RP #322 [Windows Update | 03/20/2015 18:43:36]
Supprimé : RP #323 [avast! antivirus system restore point | 03/20/2015 19:08:55]
Supprimé : RP #324 [Windows Update | 03/20/2015 19:14:37]
Supprimé : RP #325 [ComboFix created restore point | 03/22/2015 14:20:42]
Supprimé : RP #327 [Restore Point Created by FRST | 03/23/2015 21:05:47]
Supprimé : RP #328 [Windows Update | 03/24/2015 13:06:41]
Supprimé : RP #329 [Windows Update | 03/28/2015 09:37:31]
Nouveau point de restauration créé !
########## - EOF - ##########
# Mis à jour le 09/03/2015 par Xplode
# Base de données : 2015-03-15.1 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64)
# Nom d'utilisateur : Lucas - LUCAS-HP
# Exécuté depuis : C:\Users\Lucas\Downloads\adwcleaner_4.112.exe
# Option : Nettoyer
[#] Service Supprimé : globalUpdate
[#] Service Supprimé : globalUpdatem
Service Supprimé : Websteroids
Service Supprimé : Wajam Web Enhancer
Service Supprimé : shopperz Updater
Service Supprimé : cherimoya
Service Supprimé : csrcc
Service Supprimé : 70F4EEDB-1367-4b4f-8247-3133551A7415
[#] Service Supprimé : qrnfd_1_10_0_9
Service Supprimé : BasementDuster
Dossier Supprimé : C:\ProgramData\Browser
Dossier Supprimé : C:\ProgramData\Websteroids
Dossier Supprimé : C:\ProgramData\WindowsMangerProtect
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller
Dossier Supprimé : C:\Program Files (x86)\AnyProtectEx
Dossier Supprimé : C:\Program Files (x86)\globalUpdate
Dossier Supprimé : C:\Program Files (x86)\Mysearchdial
Dossier Supprimé : C:\Program Files (x86)\SearchProtect
Dossier Supprimé : C:\Program Files (x86)\sweetpacks bundle uninstaller
Dossier Supprimé : C:\Program Files (x86)\WSE_Vosteran
Dossier Supprimé : C:\Program Files (x86)\igs
Dossier Supprimé : C:\Program Files (x86)\QuickRef_1.10.0.9
Dossier Supprimé : C:\Program Files (x86)\ver5BlockAndSurf
Dossier Supprimé : C:\Program Files (x86)\gmsd_fr_315
Dossier Supprimé : C:\Program Files\shopperz
Dossier Supprimé : C:\Program Files\WajaWebEnhancer
Dossier Supprimé : C:\Users\Lucas\AppData\Local\DirectDownloader
Dossier Supprimé : C:\Users\Lucas\AppData\Local\Gameo
Dossier Supprimé : C:\Users\Lucas\AppData\Local\globalUpdate
Dossier Supprimé : C:\Users\Lucas\AppData\Local\SearchProtect
Dossier Supprimé : C:\Users\Lucas\AppData\Local\Websteroids
Dossier Supprimé : C:\Users\Lucas\AppData\Local\SmartWeb
Dossier Supprimé : C:\Users\Lucas\AppData\Local\Vosteran
Dossier Supprimé : C:\Users\Lucas\AppData\Local\Pro_PC_Cleaner
Dossier Supprimé : C:\Users\Lucas\AppData\Local\CleanerPro
Dossier Supprimé : C:\Users\Lucas\AppData\Local\gmsd_fr_315
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\0V1L2Z2Z1T1I1L1T
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\AnyProtectEx
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\ASP
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\Mysearchdial
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\Systweak
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\VOPackage
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\RHEng
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\WSE_Vosteran
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\omniboxes
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer
Dossier Supprimé : C:\Users\Lucas\Documents\Updater
Dossier Supprimé : C:\Users\Lucas\Documents\ProPCCleaner
Dossier Supprimé : C:\Users\Lucas\Documents\CleanerPro
Dossier Supprimé : C:\Users\UpdatusUser\AppData\Local\speed browser
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\ffxtlbr@mysearchdial.com
Dossier Supprimé : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\searchengine@gmail.com
Dossier Supprimé : C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Dossier Supprimé : C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Fichier Supprimé : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\info@webtosave.com.xpi
Fichier Supprimé : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\Extensions\{de1be284-67f6-4b2b-90e0-b38fb4af2ae1}.xpi
Fichier Supprimé : C:\Windows\patsearch.bin
Fichier Supprimé : C:\Windows\System32\log\iSafeKrnlCall.log
Fichier Supprimé : C:\Windows\System32\roboot64.exe
Fichier Supprimé : C:\Windows\System32\drivers\cherimoya.sys
Fichier Supprimé : C:\Windows\System32\Drivers\qrnfd_1_10_0_9.sys
Fichier Supprimé : C:\Users\Lucas\daemonprocess.txt
Fichier Supprimé : C:\Users\Lucas\AppData\Local\mysearchdial-speeddial.crx
Fichier Supprimé : C:\Users\Lucas\AppData\Roaming\Bubble Dock.boostrap.log
Fichier Supprimé : C:\Users\Lucas\AppData\Roaming\Bubble Dock.installation.log
Fichier Supprimé : C:\Users\Lucas\Desktop\AnyProtect.lnk
Fichier Supprimé : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\searchplugins\Mysearchdial.xml
Fichier Supprimé : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\searchplugins\search.xml
Fichier Supprimé : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\user.js
Fichier Supprimé : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\yj14nruh.default-1393767299553\searchplugins\Vosteran.xml
Fichier Supprimé : C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
Fichier Supprimé : C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
Tâche Supprimée : AmiUpdXp
Tâche Supprimée : APSnotifierPP1
Tâche Supprimée : APSnotifierPP2
Tâche Supprimée : APSnotifierPP3
Tâche Supprimée : bench-sys
Tâche Supprimée : BoxSoftwareUpdate
Tâche Supprimée : Browser Manager
Tâche Supprimée : DealPlyUpdate
Tâche Supprimée : globalUpdateUpdateTaskMachineCore
Tâche Supprimée : globalUpdateUpdateTaskMachineUA
Tâche Supprimée : MySearchDial
Tâche Supprimée : SoftwareUpdateTaskMachineCore
Tâche Supprimée : SoftwareUpdateTaskMachineUA
Tâche Supprimée : UpdaterEX
Tâche Supprimée : RunAsStdUser Task
Tâche Supprimée : SmartWeb Upgrade Trigger Task
Tâche Supprimée : ProPCCleaner_Start
Tâche Supprimée : ProPCCleaner_Popup
Tâche Supprimée : gameo_update
Tâche Supprimée : CleanerPro_Start
Tâche Supprimée : gtaUpt
Tâche Supprimée : bench-S-1-5-21-2400914848-400651550-2087204018-1002
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchengine@gmail.com]
Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [{FC29F4B6-D8F4-2578-3F0C-9F9CE6E4F0F4}]
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\hfikdpojhgckaejifppccjeedkjcndpp
Clé Supprimée : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Clé Supprimée : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Clé Supprimée : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Clé Supprimée : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.9
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.Update3WebControl.3
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.bench.nmhost
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BService]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Wd]
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Clé Supprimée : HKCU\Software\Mozilla\Extends
Clé Supprimée : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Clé Supprimée : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Clé Supprimée : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WinCheck]
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{08230486-CBAF-4000-8036-447C3852D034}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{13809C03-DE3B-47E5-96A3-2D8F83693A50}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{413002E0-930D-4EF9-9803-FC4B3EA4181E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{76894207-241A-473B-B111-FAA75608F1D9}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7A7C8DA9-8660-460D-849F-01619B91C03F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE2506E3-0F75-44EE-B552-CFF3BFF4D50F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B6CD3C31-ABF4-4C7A-8CB7-29960BC7017C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C24C3824-63D8-42CD-BB5A-77631072FDB2}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EB41B92A-3A76-4237-9E6B-A5DDC2EAA771}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F9A8326E-9C90-4BF2-ACC7-D0883D16AA82}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BE496A80-8F51-461F-B3D7-88A258A60541}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{BE496A80-8F51-461F-B3D7-88A258A60541}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45FE7DE3-60B5-7692-4294-A09C8F75D7B2}
Clé Supprimée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clé Supprimée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6656C275-0555-4EA2-A7C3-85BF9A4C221D}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Clé Supprimée : HKCU\Software\AnyProtect
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\FindRight
Clé Supprimée : HKCU\Software\GlobalUpdate
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\InstalledBrowserExtensions
Clé Supprimée : HKCU\Software\mysearchdial
Clé Supprimée : HKCU\Software\mysearchdial.com
Clé Supprimée : HKCU\Software\SweetIM
Clé Supprimée : HKCU\Software\systweak
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\Vosteran Browser
Clé Supprimée : HKCU\Software\WSE_Vosteran
Clé Supprimée : HKCU\Software\gameo
Clé Supprimée : HKCU\Software\WajIEnhance
Clé Supprimée : HKCU\Software\ProPCCleanerLanguage
Clé Supprimée : HKCU\Software\ProPCCleanerConfig
Clé Supprimée : HKCU\Software\Condut
Clé Supprimée : HKCU\Software\AppDataLow\Software\BlockAndSurf
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\DynConIE
Clé Supprimée : HKLM\SOFTWARE\Discount Dragon
Clé Supprimée : HKLM\SOFTWARE\FindRight
Clé Supprimée : HKLM\SOFTWARE\GlobalUpdate
Clé Supprimée : HKLM\SOFTWARE\InstallCore
Clé Supprimée : HKLM\SOFTWARE\InstalledBrowserExtensions
Clé Supprimée : HKLM\SOFTWARE\MediaPlayerV1
Clé Supprimée : HKLM\SOFTWARE\MediaViewerV1
Clé Supprimée : HKLM\SOFTWARE\MediaViewV1
Clé Supprimée : HKLM\SOFTWARE\SearchProtect
Clé Supprimée : HKLM\SOFTWARE\SweetIM
Clé Supprimée : HKLM\SOFTWARE\systweak
Clé Supprimée : HKLM\SOFTWARE\Tutorials
Clé Supprimée : HKLM\SOFTWARE\Wajam Web Enhancer
Clé Supprimée : HKLM\SOFTWARE\Webexp Enhanced
Clé Supprimée : HKLM\SOFTWARE\WebexpEnhancedV1
Clé Supprimée : HKLM\SOFTWARE\GAMESDESKTOP
Clé Supprimée : HKLM\SOFTWARE\Video Player
Clé Supprimée : HKLM\SOFTWARE\VideoPlayerV3
Clé Supprimée : HKLM\SOFTWARE\shopperz
Clé Supprimée : HKLM\SOFTWARE\Pro PC Cleaner
Clé Supprimée : HKLM\SOFTWARE\Better-Surf
Clé Supprimée : HKLM\SOFTWARE\IGS
Clé Supprimée : HKLM\SOFTWARE\omniboxesSoftware
Clé Supprimée : HKLM\SOFTWARE\QuickRef_1.10.0.9
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileParade bundle uninstaller
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Websteroids
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ConvertAd
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Web Enhancer
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Vosteran
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\igsc
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IGS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omniboxes uninstall
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickRef_1.10.0.9
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BA7A8C51-54E2-C3D4-B8B7-B56EAB1C003A
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_315_is1
Clé Supprimée : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Clé Supprimée : [x64] HKLM\SOFTWARE\Wajam Web Enhancer
Clé Supprimée : [x64] HKLM\SOFTWARE\shopperz
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FindRight
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5081D2D4-1637-404c-B74F-50526718257D}_is1
Donnée Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - _C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\237AA359BFA99C94484AF769ACA080AD
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF42B2AC01EE9B240B94AA0862E8E712
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe
Donnée Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
-\\ Internet Explorer v11.0.9600.17689
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v18.0 (fr)
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("browser.search.hiddenOneOffs", "Bing,eBay France,Portail Lexical - CNRTL,DuckDuckGo,Vosteran,omniboxes");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("browser.search.order.1", "Mysearchdial");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.ab8b24adfa10849babecf5bfb678b44471a3cb7cb954cd1b599b05acom71385.71385.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.ab8b24adfa10849babecf5bfb678b44471a3cb7cb954cd1b599b05acom71385.71385.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.ab8b24adfa10849babecf5bfb678b44471a3cb7cb954cd1b599b05acom71385.71385.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%2[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.crossrider.bic", "14c1842fcf46823d47538c65bf36d590");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.irmysearch.aflt", "wnzp_14_19_ff");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0SzzyDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.irmysearch.cr", "1734524434");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.irmysearch.instlRef", "");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.AL", 2);
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.aflt", "wnzp_14_19_ff");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0SzzyDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.cntry", "FR");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.cr", "1734524434");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.dfltLng", "");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.dfltSrch", true);
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.dnsErr", true);
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.excTlbr", false);
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.hdrMd5", "CB89B2B1A24301442819635C704142AE");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.hmpg", true);
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0SzzyDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1C[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.id", "C01885F9256BE073");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.instlDay", "16196");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.instlRef", "");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0SzzyDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czu[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.21.018:55:56");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0SzzyDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"96\",\"lastVrsn\":\"96\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.sg", "none");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.tlbrId", "base");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0SzzyDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial_i.hmpg", true);
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial_i.newTab", false);
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.018:55:56");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://Vosteran.com/?f=1&a=vst_tele_14_46_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0CtCtDyDtCtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.srchvstrn.newTabUrl", "hxxp://Vosteran.com/?f=2&a=vst_tele_14_46_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0CtCtDyDtCtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDy[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.srchvstrn.prtnrId", "WSE_Vosteran");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.srchvstrn.srchPrvdr", "Vosteran");
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.srchvstrn.tlbrSrchUrl", "hxxp://Vosteran.com/?f=3&a=vst_tele_14_46_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0CtCtDyDtCtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzyt[...]
[yj14nruh.default-1393767299553\prefs.js] - Ligne Supprimée : user_pref("extensions.xpiState", "{\"app-profile\":{\"b8b24adfa10849babecf5bfb678b44@471a3cb7cb954cd1b599b05a.com\":{\"d\":\"C:\\\\Users\\\\Lucas\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profile[...]
-\\ Google Chrome v41.0.2272.89
[C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://www.nationzoom.com/web/?type=ds&ts=1389520243&from=tugs&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&q={searchTerms}
[C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=TOSHIBAXMK1059GSMP_12G5F2D9SXX12G5F2D9S&ts=1393460777&type=default&q={searchTerms}
[C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SP19CF1EE6-0685-41E9-AA1B-EE0AF71418C8&q={searchTerms}&SSPV=
[C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=wnzp_14_19_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0FzytByDyC0B0EtDyBtAtN0D0Tzu0SzzyDyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1734524434&ir=
AdwCleaner[R0].txt - [70675 octets] - [02/03/2014 11:22:19]
AdwCleaner[R1].txt - [1366 octets] - [02/03/2014 11:29:02]
AdwCleaner[R2].txt - [1237 octets] - [02/03/2014 14:25:18]
AdwCleaner[R3].txt - [52929 octets] - [18/03/2015 23:33:02]
AdwCleaner[S0].txt - [63640 octets] - [02/03/2014 11:23:46]
AdwCleaner[S1].txt - [1430 octets] - [02/03/2014 11:32:29]
AdwCleaner[S2].txt - [1300 octets] - [02/03/2014 14:25:58]
AdwCleaner[S3].txt - [51090 octets] - [18/03/2015 23:35:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [51151 octets] ##########
Merci beaucoup pour ta réponse. Voici le rapport Adwcleaner. Je m'occupe de la 2e étape.
Il manque alors le rapport de ZHPCleaner! :-)
@+
J'ai le rapport zhpcleaner. Mon problème maintenant c'est que Firefox ne trouve plus rien "adresse introuvable". J'ai eu une mise à jour avast qui a duré toute la nuit et je suppose que ça vient de là. J'ai désactiver les pare-feu, et réactiver Firefox mais rien ne change. Aurais-tu une idée ?
A nouveau merci
* Internet Explorer : modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=