Page http://d.7769domain.com/ qui s'ouvre toute seule
Résolu/Fermé
xMiya-chan
Messages postés
120
Date d'inscription
samedi 18 septembre 2010
Statut
Membre
Dernière intervention
15 septembre 2018
-
1 août 2015 à 18:05
xMiya-chan Messages postés 120 Date d'inscription samedi 18 septembre 2010 Statut Membre Dernière intervention 15 septembre 2018 - 1 août 2015 à 19:21
xMiya-chan Messages postés 120 Date d'inscription samedi 18 septembre 2010 Statut Membre Dernière intervention 15 septembre 2018 - 1 août 2015 à 19:21
A voir également:
- Page http://d.7769domain.com/ qui s'ouvre toute seule
- Supprimer une page word - Guide
- Protocole http - Guide
- Word numéro de page 1/2 - Guide
- Comment traduire une page - Guide
- Mettre google en page d'accueil - Guide
2 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 660
1 août 2015 à 18:10
1 août 2015 à 18:10
Salut,
Commence par un nettoyage adwcleaner : https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start=
Donne le rapport de nettoyage dans un nouveau message.
Salut,
Suis le tutoriel FRST https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
--
Commence par un nettoyage adwcleaner : https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start=
Donne le rapport de nettoyage dans un nouveau message.
Salut,
Suis le tutoriel FRST https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
--
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 660
1 août 2015 à 19:03
1 août 2015 à 19:03
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKU\S-1-5-21-1952828977-576085348-507956990-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alizée P\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1952828977-576085348-507956990-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1952828977-576085348-507956990-1001] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
S4 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD)
R2 GQnCKb; C:\ProgramData\tbLVWEy\GQnCKb.exe [2732024 2015-07-12] (Irrational Number Applications)
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-12] () [File not signed] <==== ATTENTION
R2 WInterEnhancer Service; C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1154560 2015-07-08] () [File not signed]
R2 lyrohyno; C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905\knst6D6A.tmpfs [X]
2015-07-27 20:05 - 2015-07-27 20:05 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-27 20:01 - 2015-07-30 20:27 - 00000000 ____D C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905
2015-07-25 13:59 - 2015-07-27 22:26 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\WebShield
2015-07-25 13:50 - 2015-07-29 13:24 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\Pokki
2015-07-20 23:12 - 2015-07-20 23:12 - 00000000 ____D C:\WebShield
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\ProgramData\Baidu
2015-07-20 01:39 - 2015-07-20 01:39 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Setup387637812
2015-07-18 22:15 - 2015-07-18 22:15 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-07-18 18:23 - 2015-07-18 18:23 - 00000000 ____D C:\Users\Alizée P\AppData\Local\speed browser
2015-07-18 17:58 - 2015-07-18 17:58 - 00000000 ____D C:\ProgramData\Browser
2015-07-13 17:50 - 2015-07-13 19:04 - 00000000 ____D C:\Users\Alizée P\SupTab
2015-07-13 01:46 - 2015-08-01 17:56 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Pokki
2015-07-12 19:02 - 2015-08-01 00:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\Ihuihpavoh
2015-07-12 19:01 - 2015-07-12 19:02 - 00000000 ____D C:\ProgramData\Ihuihpavoh
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\Users\Alizée P\AppData\Local\WebShield
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
2015-07-12 18:57 - 2015-07-12 18:58 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\tbLVWEy
2015-07-12 18:58 - 2015-01-01 01:00 - 00000000 ____D C:\Program Files (x86)\WInterEnhancer
2015-07-12 18:57 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\WebShield
Task: {2DF123A0-E864-4FB3-AB9A-D0C003ABDA31} - System32\Tasks\Ihuihpavoh => C:\ProgramData\Ihuihpavoh\1.0.4.1\uhenweik.exe [2015-07-12] ()
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKU\S-1-5-21-1952828977-576085348-507956990-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alizée P\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1952828977-576085348-507956990-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1952828977-576085348-507956990-1001] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
S4 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD)
R2 GQnCKb; C:\ProgramData\tbLVWEy\GQnCKb.exe [2732024 2015-07-12] (Irrational Number Applications)
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-12] () [File not signed] <==== ATTENTION
R2 WInterEnhancer Service; C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1154560 2015-07-08] () [File not signed]
R2 lyrohyno; C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905\knst6D6A.tmpfs [X]
2015-07-27 20:05 - 2015-07-27 20:05 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-27 20:01 - 2015-07-30 20:27 - 00000000 ____D C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905
2015-07-25 13:59 - 2015-07-27 22:26 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\WebShield
2015-07-25 13:50 - 2015-07-29 13:24 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\Pokki
2015-07-20 23:12 - 2015-07-20 23:12 - 00000000 ____D C:\WebShield
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\ProgramData\Baidu
2015-07-20 01:39 - 2015-07-20 01:39 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Setup387637812
2015-07-18 22:15 - 2015-07-18 22:15 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-07-18 18:23 - 2015-07-18 18:23 - 00000000 ____D C:\Users\Alizée P\AppData\Local\speed browser
2015-07-18 17:58 - 2015-07-18 17:58 - 00000000 ____D C:\ProgramData\Browser
2015-07-13 17:50 - 2015-07-13 19:04 - 00000000 ____D C:\Users\Alizée P\SupTab
2015-07-13 01:46 - 2015-08-01 17:56 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Pokki
2015-07-12 19:02 - 2015-08-01 00:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\Ihuihpavoh
2015-07-12 19:01 - 2015-07-12 19:02 - 00000000 ____D C:\ProgramData\Ihuihpavoh
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\Users\Alizée P\AppData\Local\WebShield
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
2015-07-12 18:57 - 2015-07-12 18:58 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\tbLVWEy
2015-07-12 18:58 - 2015-01-01 01:00 - 00000000 ____D C:\Program Files (x86)\WInterEnhancer
2015-07-12 18:57 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\WebShield
Task: {2DF123A0-E864-4FB3-AB9A-D0C003ABDA31} - System32\Tasks\Ihuihpavoh => C:\ProgramData\Ihuihpavoh\1.0.4.1\uhenweik.exe [2015-07-12] ()
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
xMiya-chan
Messages postés
120
Date d'inscription
samedi 18 septembre 2010
Statut
Membre
Dernière intervention
15 septembre 2018
5
1 août 2015 à 19:21
1 août 2015 à 19:21
Voici le fichier texte !
Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by Alizée P (2015-08-01 19:10:57) Run:1
Running from C:\Users\Alizée P\Desktop
Loaded Profiles: Alizée P (Available Profiles: Alizée P & Sebastien Petit)
Boot Mode: Normal
==============================================
fixlist content:
HKU\S-1-5-21-1952828977-576085348-507956990-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alizée P\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1952828977-576085348-507956990-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1952828977-576085348-507956990-1001] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
S4 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD)
R2 GQnCKb; C:\ProgramData\tbLVWEy\GQnCKb.exe [2732024 2015-07-12] (Irrational Number Applications)
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-12] () [File not signed] <==== ATTENTION
R2 WInterEnhancer Service; C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1154560 2015-07-08] () [File not signed]
R2 lyrohyno; C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905\knst6D6A.tmpfs [X]
2015-07-27 20:05 - 2015-07-27 20:05 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-27 20:01 - 2015-07-30 20:27 - 00000000 ____D C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905
2015-07-25 13:59 - 2015-07-27 22:26 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\WebShield
2015-07-25 13:50 - 2015-07-29 13:24 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\Pokki
2015-07-20 23:12 - 2015-07-20 23:12 - 00000000 ____D C:\WebShield
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\ProgramData\Baidu
2015-07-20 01:39 - 2015-07-20 01:39 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Setup387637812
2015-07-18 22:15 - 2015-07-18 22:15 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-07-18 18:23 - 2015-07-18 18:23 - 00000000 ____D C:\Users\Alizée P\AppData\Local\speed browser
2015-07-18 17:58 - 2015-07-18 17:58 - 00000000 ____D C:\ProgramData\Browser
2015-07-13 17:50 - 2015-07-13 19:04 - 00000000 ____D C:\Users\Alizée P\SupTab
2015-07-13 01:46 - 2015-08-01 17:56 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Pokki
2015-07-12 19:02 - 2015-08-01 00:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\Ihuihpavoh
2015-07-12 19:01 - 2015-07-12 19:02 - 00000000 ____D C:\ProgramData\Ihuihpavoh
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\Users\Alizée P\AppData\Local\WebShield
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
2015-07-12 18:57 - 2015-07-12 18:58 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\tbLVWEy
2015-07-12 18:58 - 2015-01-01 01:00 - 00000000 ____D C:\Program Files (x86)\WInterEnhancer
2015-07-12 18:57 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\WebShield
Task: {2DF123A0-E864-4FB3-AB9A-D0C003ABDA31} - System32\Tasks\Ihuihpavoh => C:\ProgramData\Ihuihpavoh\1.0.4.1\uhenweik.exe [2015-07-12] ()
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3 => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
CltMngSvc => service removed successfully
GQnCKb => Unable to stop service.
GQnCKb => service removed successfully
IHProtect Service => service removed successfully
WindowsMangerProtect => service removed successfully
WInterEnhancer Service => Unable to stop service.
WInterEnhancer Service => service removed successfully
lyrohyno => Unable to stop service.
lyrohyno => service removed successfully
C:\Program Files (x86)\predm => moved successfully.
C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905 => moved successfully.
C:\Users\Sebastien Petit\AppData\Local\WebShield => moved successfully.
C:\Users\Sebastien Petit\AppData\Local\Pokki => moved successfully.
C:\WebShield => moved successfully.
C:\Users\Public\Documents\Baidu => moved successfully.
C:\ProgramData\Baidu => moved successfully.
C:\Users\Alizée P\AppData\Local\Setup387637812 => moved successfully.
C:\Program Files (x86)\MyPCBU => moved successfully.
C:\Users\Alizée P\AppData\Local\speed browser => moved successfully.
C:\ProgramData\Browser => moved successfully.
C:\Users\Alizée P\SupTab => moved successfully.
"C:\Users\Alizée P\AppData\Local\Pokki" folder move:
Could not move "C:\Users\Alizée P\AppData\Local\Pokki" => Scheduled to move on reboot.
C:\WINDOWS\System32\Tasks\Ihuihpavoh => moved successfully.
"C:\ProgramData\Ihuihpavoh" folder move:
Could not move "C:\ProgramData\Ihuihpavoh" => Scheduled to move on reboot.
C:\Users\Alizée P\AppData\Local\WebShield => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\ProgramData\WindowsMangerProtect => moved successfully.
"C:\ProgramData\tbLVWEy" folder move:
Could not move "C:\ProgramData\tbLVWEy" => Scheduled to move on reboot.
"C:\Program Files (x86)\WInterEnhancer" folder move:
Could not move "C:\Program Files (x86)\WInterEnhancer" => Scheduled to move on reboot.
C:\ProgramData\WebShield => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2DF123A0-E864-4FB3-AB9A-D0C003ABDA31}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF123A0-E864-4FB3-AB9A-D0C003ABDA31}" => key removed successfully
C:\Windows\System32\Tasks\Ihuihpavoh not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ihuihpavoh" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-01 19:16:50)<=
C:\Users\Alizée P\AppData\Local\Pokki => Is moved successfully
C:\ProgramData\Ihuihpavoh => Is moved successfully
C:\ProgramData\tbLVWEy => Is moved successfully
C:\Program Files (x86)\WInterEnhancer => Is moved successfully
Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by Alizée P (2015-08-01 19:10:57) Run:1
Running from C:\Users\Alizée P\Desktop
Loaded Profiles: Alizée P (Available Profiles: Alizée P & Sebastien Petit)
Boot Mode: Normal
==============================================
fixlist content:
HKU\S-1-5-21-1952828977-576085348-507956990-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alizée P\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1952828977-576085348-507956990-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1952828977-576085348-507956990-1001] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
S4 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD)
R2 GQnCKb; C:\ProgramData\tbLVWEy\GQnCKb.exe [2732024 2015-07-12] (Irrational Number Applications)
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-12] () [File not signed] <==== ATTENTION
R2 WInterEnhancer Service; C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1154560 2015-07-08] () [File not signed]
R2 lyrohyno; C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905\knst6D6A.tmpfs [X]
2015-07-27 20:05 - 2015-07-27 20:05 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-27 20:01 - 2015-07-30 20:27 - 00000000 ____D C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905
2015-07-25 13:59 - 2015-07-27 22:26 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\WebShield
2015-07-25 13:50 - 2015-07-29 13:24 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\Pokki
2015-07-20 23:12 - 2015-07-20 23:12 - 00000000 ____D C:\WebShield
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\ProgramData\Baidu
2015-07-20 01:39 - 2015-07-20 01:39 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Setup387637812
2015-07-18 22:15 - 2015-07-18 22:15 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-07-18 18:23 - 2015-07-18 18:23 - 00000000 ____D C:\Users\Alizée P\AppData\Local\speed browser
2015-07-18 17:58 - 2015-07-18 17:58 - 00000000 ____D C:\ProgramData\Browser
2015-07-13 17:50 - 2015-07-13 19:04 - 00000000 ____D C:\Users\Alizée P\SupTab
2015-07-13 01:46 - 2015-08-01 17:56 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Pokki
2015-07-12 19:02 - 2015-08-01 00:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\Ihuihpavoh
2015-07-12 19:01 - 2015-07-12 19:02 - 00000000 ____D C:\ProgramData\Ihuihpavoh
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\Users\Alizée P\AppData\Local\WebShield
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
2015-07-12 18:57 - 2015-07-12 18:58 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\tbLVWEy
2015-07-12 18:58 - 2015-01-01 01:00 - 00000000 ____D C:\Program Files (x86)\WInterEnhancer
2015-07-12 18:57 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\WebShield
Task: {2DF123A0-E864-4FB3-AB9A-D0C003ABDA31} - System32\Tasks\Ihuihpavoh => C:\ProgramData\Ihuihpavoh\1.0.4.1\uhenweik.exe [2015-07-12] ()
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3 => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
CltMngSvc => service removed successfully
GQnCKb => Unable to stop service.
GQnCKb => service removed successfully
IHProtect Service => service removed successfully
WindowsMangerProtect => service removed successfully
WInterEnhancer Service => Unable to stop service.
WInterEnhancer Service => service removed successfully
lyrohyno => Unable to stop service.
lyrohyno => service removed successfully
C:\Program Files (x86)\predm => moved successfully.
C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905 => moved successfully.
C:\Users\Sebastien Petit\AppData\Local\WebShield => moved successfully.
C:\Users\Sebastien Petit\AppData\Local\Pokki => moved successfully.
C:\WebShield => moved successfully.
C:\Users\Public\Documents\Baidu => moved successfully.
C:\ProgramData\Baidu => moved successfully.
C:\Users\Alizée P\AppData\Local\Setup387637812 => moved successfully.
C:\Program Files (x86)\MyPCBU => moved successfully.
C:\Users\Alizée P\AppData\Local\speed browser => moved successfully.
C:\ProgramData\Browser => moved successfully.
C:\Users\Alizée P\SupTab => moved successfully.
"C:\Users\Alizée P\AppData\Local\Pokki" folder move:
Could not move "C:\Users\Alizée P\AppData\Local\Pokki" => Scheduled to move on reboot.
C:\WINDOWS\System32\Tasks\Ihuihpavoh => moved successfully.
"C:\ProgramData\Ihuihpavoh" folder move:
Could not move "C:\ProgramData\Ihuihpavoh" => Scheduled to move on reboot.
C:\Users\Alizée P\AppData\Local\WebShield => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\ProgramData\WindowsMangerProtect => moved successfully.
"C:\ProgramData\tbLVWEy" folder move:
Could not move "C:\ProgramData\tbLVWEy" => Scheduled to move on reboot.
"C:\Program Files (x86)\WInterEnhancer" folder move:
Could not move "C:\Program Files (x86)\WInterEnhancer" => Scheduled to move on reboot.
C:\ProgramData\WebShield => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2DF123A0-E864-4FB3-AB9A-D0C003ABDA31}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF123A0-E864-4FB3-AB9A-D0C003ABDA31}" => key removed successfully
C:\Windows\System32\Tasks\Ihuihpavoh not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ihuihpavoh" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-01 19:16:50)<=
C:\Users\Alizée P\AppData\Local\Pokki => Is moved successfully
C:\ProgramData\Ihuihpavoh => Is moved successfully
C:\ProgramData\tbLVWEy => Is moved successfully
C:\Program Files (x86)\WInterEnhancer => Is moved successfully
1 août 2015 à 18:29
voici le rapport de nettoyage adwcleaner (j'envoie la suite dans quelques minutes) ;
# AdwCleaner v4.208 - Rapport créé le 01/08/2015 à 18:23:33
# Mis à jour le 09/07/2015 par Xplode
# Base de données : 2015-08-01.1 [Serveur]
# Système d'exploitation : Windows 8.1 Connected (x64)
# Nom d'utilisateur : Alizée P - ALIZÉEPETIT
# Exécuté depuis : C:\Users\Alizée P\Downloads\adwcleaner_4.208.exe
# Option : Scanner
Service Trouvé : CltMngSvc
Service Trouvé : IHProtect Service
Service Trouvé : WindowsMangerProtect
Service Trouvé : WInterEnhancer Service
Dossier Trouvé : C:\Program Files (x86)\LenovoBrowserGuard
Dossier Trouvé : C:\Program Files (x86)\miuitab
Dossier Trouvé : C:\Program Files (x86)\MyPCBU
Dossier Trouvé : C:\Program Files (x86)\predm
Dossier Trouvé : C:\Program Files (x86)\Wajam
Dossier Trouvé : C:\Program Files (x86)\WInterEnhancer
Dossier Trouvé : C:\ProgramData\Browser
Dossier Trouvé : C:\ProgramData\IHProtectUpDate
Dossier Trouvé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
Dossier Trouvé : C:\ProgramData\pokki
Dossier Trouvé : C:\ProgramData\radio
Dossier Trouvé : C:\ProgramData\WebShield
Dossier Trouvé : C:\ProgramData\WindowsMangerProtect
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\LenovoBrowserGuard
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\Motion_Apps
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\pokki
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\speed browser
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\WebShield
Dossier Trouvé : C:\Users\Alizée P\AppData\Roaming\istartsurf
Dossier Trouvé : C:\Users\Alizée P\SupTab
Dossier Trouvé : C:\Users\Sebastien Petit\AppData\Local\pokki
Dossier Trouvé : C:\Users\Sebastien Petit\AppData\Local\WebShield
Dossier Trouvé : C:\WebShield
Dossier Trouvé : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\speed browser
Fichier Trouvé : C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Fichier Trouvé : C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Fichier Trouvé : C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Fichier Trouvé : C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
Fichier Trouvé : C:\WINDOWS\System32\VisualDiscoveryOff.ini
Fichier Trouvé : C:\WINDOWS\SysWOW64\VisualDiscovery.ini
Fichier Trouvé : C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
Raccourci Infecté : C:\Users\Alizée P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Infecté : C:\Users\Alizée P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Clé Trouvée : HKCU\Software\AppDataLow\Software\DynConIE
Clé Trouvée : HKCU\Software\Browser
Clé Trouvée : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Clé Trouvée : HKCU\Software\Classes\Directory\shell\pokki
Clé Trouvée : HKCU\Software\Classes\Drive\shell\pokki
Clé Trouvée : HKCU\Software\Classes\lnkfile\shell\pokki
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3C100595-7FAC-4898-8388-D1A3824ED3E7}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5C83A689-2A2D-11E5-8262-D053490B39C6}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Clé Trouvée : HKCU\Software\Pokki
Clé Trouvée : HKCU\Software\PRODUCTSETUP
Clé Trouvée : HKCU\Software\speed browser
Clé Trouvée : HKCU\Software\WajIEnhance
Clé Trouvée : HKCU\Software\WInterEnhancer
Clé Trouvée : [x64] HKCU\Software\Browser
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3C100595-7FAC-4898-8388-D1A3824ED3E7}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5C83A689-2A2D-11E5-8262-D053490B39C6}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Clé Trouvée : [x64] HKCU\Software\Pokki
Clé Trouvée : [x64] HKCU\Software\PRODUCTSETUP
Clé Trouvée : [x64] HKCU\Software\speed browser
Clé Trouvée : [x64] HKCU\Software\WajIEnhance
Clé Trouvée : [x64] HKCU\Software\WInterEnhancer
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Clé Trouvée : HKLM\SOFTWARE\IHProtect
Clé Trouvée : HKLM\SOFTWARE\istartsurfSoftware
Clé Trouvée : HKLM\SOFTWARE\LENOVO\VisualDiscovery
Clé Trouvée : HKLM\SOFTWARE\LenovoBrowserGuard
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D7D6742-5B49-4454-9E9B-748E731E741A}_is1
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebShield
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WInterEnhancer
Clé Trouvée : HKLM\SOFTWARE\SpeedBrowser
Clé Trouvée : HKLM\SOFTWARE\SupDp
Clé Trouvée : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
Clé Trouvée : HKLM\SOFTWARE\SupTab
Clé Trouvée : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Trouvée : HKLM\SOFTWARE\VisualDiscovery
Clé Trouvée : HKLM\SOFTWARE\WInterEnhancer
Clé Trouvée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : HKU\.DEFAULT\Software\Browser
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:50118;hxxps=127.0.0.1:50118
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:50118;hxxps=127.0.0.1:50118
Valeur Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Valeur Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]
Valeur Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Valeur Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]
-\\ Internet Explorer v11.0.9600.17840
Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=dspp&ts=1436723854&z=860e270c611f2d4938b4ec6g1zeccq7mfbemfw8ecg&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=dspp&ts=1436723854&z=860e270c611f2d4938b4ec6g1zeccq7mfbemfw8ecg&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds&ts=1436720242&z=b81abe2a07270cce668145fg4zcc9qcm0o7efc8c8z&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds&ts=1436720242&z=b81abe2a07270cce668145fg4zcc9qcm0o7efc8c8z&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds&ts=1436720242&z=b81abe2a07270cce668145fg4zcc9qcm0o7efc8c8z&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds&ts=1436720242&z=b81abe2a07270cce668145fg4zcc9qcm0o7efc8c8z&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
-\\ Mozilla Firefox v39.0 (x86 fr)
-\\ Google Chrome v44.0.2403.125
[C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Trouvée [Homepage] : hxxp://search.easylifeapp.com/?pid=821&src=ch1&r=2013/03/22&hid=2330675471&lg=EN&cc=FR
[C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Trouvée [Startup_URLs] : 3F82E1BCE215513ADCCCC743326E8F1802DFB27EB0C3F52408EB7652FC6DE336"},"software_reporter":{"prompt_reason":"C545A6AFDFEC5DAB0021A6B0CD21C2CF6909C240B20DA75D58AF63077CDA8B61","prompt_seed":"AD47D0DF38C19B240B08312CC92EE401BF5954FA2DCF94959E6C674A6D08D21B","prompt_version":"DE9688B4EE1AF6028D037A8F181BC44FADEBFAB75E7BDB2ED0596F961ECB6E04"},"sync":{"remaining_rollback_tries":"6F20A4CB390A3BDF1925D7108947A702046BF9B9D1D9B5F8483929828729A8AA"}},"super_mac":"9D86090359C510EA3AC1E841B5081817D9F2AE06436E454B0F819330FF5CEB0C"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www.google.fr/","hxxp://rocket-find.com/?f=7&a=rckt_tele_14_29_ff&cd=2XzuyEtN2Y1L1QzuyDzzzytC0C0FtB0A0A0CzztBzzyC0DyEtN0D0Tzu0SzytByCtN1L2XzutBtFtBtCtFtCyEtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCyByByDtAyCyDyDtG0A0F0F0CtGtB0D0CtAtGzz0B0C0FtGtB0DzytA0ByEyEtAzy0D0E0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzztD0B0ByEzz0EtGyD0BzyzztGyDtAzyyEtGzz0FyD0FtGyCtA0CyDtB0DyC0C0EtAyD0B2Q&cr=1110651823&ir=
AdwCleaner[R0].txt - [15747 octets] - [01/08/2015 18:23:33]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15808 octets] ##########
1 août 2015 à 18:43
https://pjjoint.malekal.com/files.php?id=20150801_v11v8q6e7y7
https://pjjoint.malekal.com/files.php?id=20150801_g7p7e6c11h11
https://pjjoint.malekal.com/files.php?id=20150801_y58z14x6z7
Voilà, j'espère que je n'ai rien oublié.