Virus?
MadeByGod
Hello,
I have a problem: when I start my computer in normal mode, the screen becomes very blurry, then the controls stop responding, whereas in safe mode there is no problem. Can we do a quick diagnosis of my problem?
Thanks in advance
2 replies
Hello,
"Quick" is not compatible with this kind of operation; however, you can already do this cleanup in safe mode with networking to get an idea of what may be lingering on your computer...
1) ZHPCleaner at this link: https://nicolascoolman.eu
Run a scan and a cleanup...
2) AdwCleaner, here: https://nicolascoolman.eu
Again, scan and cleanup, and of course a restart.
Can you also provide the reports, please?
~ ZHPCleaner v2015.7.14.296 by Nicolas Coolman (2015/07/14)
~ Run by Matthieu (Administrator) (14/07/2015 16:14:18)
~ Site : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Matthieu\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Matthieu\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Sans échec avec prise en charge du réseau (Fail-safe with network boot)
~ Windows VISTA, 32-bit Service Pack 3 (Build 6000)
---\\ Service. (2)
[S] TROUVÉ : tStLib (PUP.Optional.LinkiDoo)
[S] TROUVÉ : PirritUpdater (PUP.Optional.Pirrit)
---\\ Navigateur internet. (36)
TROUVÉ: [jm642d9g.default] - user_pref("browser.search.defaultenginename", "webssearches"); (PUP.Optional.WebsSearches)
TROUVÉ: [jm642d9g.default] - user_pref("browser.search.order.1", "Mysearchdial"); (PUP.Optional.MySearchDial)
TROUVÉ: [jm642d9g.default] - user_pref("extensions.enabledItems", "{8eaa2500-4118-4c33-9927-988702ba63bd}:1.4,FFToolbar@bitdefend[...] (PUP.Optional.FFToolBar)
TROUVÉ: [jm642d9g.default] - user_pref("extensions.irmysearch.aflt", "dsites_14_12_ch"); (PUP.Optional.MyWebSearch)
TROUVÉ: [jm642d9g.default] - user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtC0EzytDtD0F0C0FyDtDyBzztCzztN0D0Tzu0Czzt[...] (PUP.Optional.MyWebSearch)
TROUVÉ: [jm642d9g.default] - user_pref("extensions.irmysearch.cr", "995467403"); (PUP.Optional.MyWebSearch)
TROUVÉ: [jm642d9g.default] - user_pref("extensions.irmysearch.instlRef", "140305_a"); (PUP.Optional.MyWebSearch)
TROUVÉ: [jm642d9g.default] - user_pref("smartbar.machineId", "JPJ7OTPZUU1QXCS4IZ5MJVQNKTIKBH30U8SRSKUHUHRB8YGB69Q/YLRAKK8IOJY5T1L[...] (PUP.Optional.SmartBar)
TROUVÉ fichier: C:\Users\Matthieu\AppData\Roaming\Mozilla\Firefox\Profiles\jm642d9g.default\bProtector_extensions.rdf (PUP.Optional.BProtector) [04B666C0C71D4369464BB65F2572FC1E]
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1399312650&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1399313336&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1399453162&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1399656496&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1399710807&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1399795252&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1399922353&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1399986790&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1400399465&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1400575345&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1401014388&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1401020194&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1401020915&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1401124603&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1401363424&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1401642311&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ Chrome Secure Preferences: "hxxp://istart.webssearches.com/?type=hppp&ts=1401735457&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229" (PUP.Optional.IsStart)
TROUVÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <local>] (PUP.Optional.Proxy)
TROUVÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer [Bad : http=http://127.0.0.1:9880] (PUP.Optional.Proxy)
TROUVÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable [Bad : 0] (PUP.Optional.Proxy)
TROUVÉ Desktop: C:\Users\Matthieu\Desktop\Google Chrome.lnk [Bad : http://www.webpageing.com/?type=sc&ts=1398019481&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229] (Hijacker.Browser)
TROUVÉ Quicklaunch: C:\Users\Matthieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www.webpageing.com/?type=sc&ts=1398019481&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229] (Hijacker.Browser)
TROUVÉ Quicklaunch: C:\Users\Matthieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.webpageing.com/?type=sc&ts=1398019481&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229] (Hijacker.Browser)
TROUVÉ Quicklaunch: C:\Users\Matthieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [Bad : http://www.webpageing.com/?type=sc&ts=1398019481&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229] (Hijacker.Browser)
TROUVÉ Desktop: C:\Users\Public\Desktop\Mozilla Firefox.lnk [Bad : http://www.webpageing.com/?type=sc&ts=1398019481&from=tugs&uid=WDCXWD5000AAKS-07YGA0_WD-WCAS8466122961229] (Hijacker.Browser)
---\\ Fichier hôte. (0)
~ Aucun élément malicieux trouvé.
---\\ Tâche planifiée. (4)
TROUVÉ tâche: [DSite] [C:\Windows\Tasks\DSite.job] (PUP.Optional.SimpleSearches)
TROUVÉ tâche: [Funmoods] [C:\Windows\Tasks\Funmoods.job] (PUP.Optional.Funmoods)
TROUVÉ tâche: [SpeedUpMyPC Maintenance] [C:\Windows\Tasks\SpeedUpMyPC Maintenance.job] (PUP.Optional.SpeedUpMyPC)
TROUVÉ tâche: [SpeedUpMyPC Startup] [C:\Windows\Tasks\SpeedUpMyPC Startup.job] (PUP.Optional.SpeedUpMyPC)
---\\ Explorateur ( Dossiers, Fichiers ). (43)
TROUVÉ fichier: C:\Windows\System32\drivers\tStLib.sys [StdLib - StdLib](PUP.Optional.LinkiDoo) [BB38EB5153924075CF2E0E2420D9A261]
TROUVÉ fichier: C:\Windows\Tasks\DSite.job (PUP.Optional.SimpleSearches) [CC1BCC6FB352BF22B6EFC8C4D45F52ED]
TROUVÉ fichier: C:\Windows\Tasks\Funmoods.job (PUP.Optional.Funmoods) [4563CBCC3899507688D937A2A01DD3CB]
TROUVÉ fichier: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job (PUP.Optional.SpeedUpMyPC) [2A41859488E7140B2449E6BA74929BDC]
TROUVÉ fichier: C:\Windows\Tasks\SpeedUpMyPC Startup.job (PUP.Optional.SpeedUpMyPC) [295466EDB4BEEE2BAAB03A509DA9E965]
TROUVÉ fichier: C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml (PUP.Optional.IMBooster) [ACB0C5E0CC572F7610DF61E3C0EA6170]
TROUVÉ fichier: C:\Program Files\Mozilla Firefox\searchplugins\webssearches.xml (PUP.Optional.WebsSearches) [1B7255CD76E30156823EBA687737ADD4]
TROUVÉ fichier: C:\END (PUP.Optional.Conduit) [A103FDF7348130EF3F3FEF56B1700A27]
TROUVÉ fichier: C:\Program Files\SupTab\DpInterface32.dll (PUP.Optional.SupTab) [FB244BC3CDAA63FF07CD08F812CB3FB5]
TROUVÉ dossier: C:\Program Files\PC Drivers HeadQuarters\Driver Detective (PUP.Optional)
TROUVÉ dossier: C:\Program Files\Pirrit\IEExtension (PUP.Optional.Pirrit)
TROUVÉ dossier: C:\Program Files\PC Drivers HeadQuarters (PUP.Optional)
TROUVÉ dossier: C:\Program Files\Pirrit (PUP.Optional.Pirrit)
TROUVÉ dossier: C:\Program Files\SupTab (PUP.Optional.SupTab)
TROUVÉ dossier: C:\ProgramData\WPM\log (PUP.Optional.WpManager)
TROUVÉ dossier: C:\ProgramData\WPM\update (PUP.Optional.WpManager)
TROUVÉ dossier: C:\ProgramData\3F21A466DC888F969D6449665E3887EF (PUP.Optional.CrossRider)
TROUVÉ dossier: C:\ProgramData\Babylon (PUP.Optional.Babylon)
TROUVÉ dossier: C:\ProgramData\Tarma Installer (PUP.Optional.Tarma)
TROUVÉ dossier: C:\ProgramData\WPM (PUP.Optional.WpManager)
TROUVÉ dossier: C:\ProgramData\PC Drivers HeadQuarters\Driver Detective (PUP.Optional)
TROUVÉ dossier: C:\ProgramData\PC Drivers HeadQuarters (PUP.Optional)
TROUVÉ fichier: C:\Users\Matthieu\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon) [587AE6C660F88790FD3224799A6686E2]
TROUVÉ fichier: C:\Users\Matthieu\AppData\Roaming\Pirrit\Config.json (PUP.Optional.Pirrit) [A3DAA096FD11C5EF9C755B04DFACD091]
TROUVÉ fichier: C:\Users\Matthieu\AppData\Roaming\Pirrit\Log.txt (PUP.Optional.Pirrit) [2C42C3A0D47A017AAC11B34DE8D60115]
TROUVÉ fichier: C:\Users\Matthieu\AppData\Roaming\Pirrit\Popups.json (PUP.Optional.Pirrit) [33ADBC606C602D11CFBFC9FE91A23D01]
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\0V1L2Z2Z1T1I1L1T\OpenOffice Packages (PUP.Optional.InstallCore)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\1H1Q\Ultimate Codecs Packages (PUP.Optional.InstallCore)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\DSite\UpdateProc (PUP.Optional.SimpleSearches)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\Pirrit\Services (PUP.Optional.Pirrit)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\0V1L2Z2Z1T1I1L1T (PUP.Optional.InstallCore)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\1H1Q (PUP.Optional.InstallCore)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\Babylon (PUP.Optional.Babylon)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\DSite (PUP.Optional.SimpleSearches)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\Pirrit (PUP.Optional.Pirrit)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\SupTab (PUP.Optional.SupTab)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Roaming\systweak (PUP.Optional.Systweak)
TROUVÉ dossier: C:\Users\Matthieu\AppData\LocalLow\mysearchdial\mysearchdial (PUP.Optional.MySearchDial)
TROUVÉ dossier: C:\Users\Matthieu\AppData\LocalLow\mysearchdial (PUP.Optional.MySearchDial)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Local\WinRST (PUP.Optional.WinRST)
TROUVÉ dossier: C:\Users\Matthieu\AppData\LocalLow\Conduit (PUP.Optional.Conduit)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Local\{2D929DB1-E359-49D5-BEF4-ECBC384733FE} (Empty)
TROUVÉ dossier: C:\Users\Matthieu\AppData\Local\{2DB95CC1-A6EE-4056-9BF2-422AF5C1ABB5} (Empty)
---\\ Base de Registres ( Clés, Valeurs, Données ). (13)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [http://www1.delta-search.com/?q={searchTerms}&affID=119357&tt=gc_&babsrc=SP_ss&mntrId=8892001E900FCF[...]] [Delta Search] (Toolbar.DeltaSearch)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559 [BS Player Customized Web Search] (PUP.Optional.Conduit)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_12_ch&cd=2XzuyEtN2Y1L1Qzut[...]] [Mysearchdial] (PUP.Optional.MySearchDial)
TROUVÉ clé: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559 [BS Player Customized Web Search] (PUP.Optional.Conduit)
TROUVÉ clé: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_12_ch&cd=2XzuyEtN2Y1L1Qzut[...]] [Mysearchdial] (PUP.Optional.MySearchDial)
TROUVÉ clé: HKLM\SOFTWARE\Classes\protector_dll.protectorbho [Google Toolbar Notifier BHO] (PUP.Optional.BProtector)
TROUVÉ clé: HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 [Google Toolbar Notifier BHO] (PUP.Optional.BProtector)
TROUVÉ clé: HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] (PUP.Optional.MySearchDial)
TROUVÉ clé: HKLM\SOFTWARE\Classes\NMCoFoundation.NMCFEventManager [NMCFEventManager Class] (PUP.Optional.CrossRider)
TROUVÉ clé: HKLM\SOFTWARE\Classes\NMCoFoundation.NMCFEventManager.1 [NMCFEventManager Class] (PUP.Optional.CrossRider)
TROUVÉ clé: HKLM\SOFTWARE\Classes\Pirrit.PirritHelper [IEExtension.Extension] (PUP.Optional.Pirrit)
TROUVÉ clé: HKLM\SOFTWARE\Pirrit [] (PUP.Optional.Pirrit)
TROUVÉ clé: HKLM\SOFTWARE\RST [] (PUP.Optional.WinRST)
---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent (Opera Software)
---\\ Statistiques
~ Items scannés : 58902
~ Items trouvés : 124
~ Items annulés : 0
~ Items réparés : 0
End of clean at 16:24:55
===================
ZHPCleaner-[S]-14072015-16_24_55.txt