Page http://d.7769domain.com/ qui s'ouvre toute seule
Résolu
xMiya-chan
Messages postés
120
Date d'inscription
Statut
Membre
Dernière intervention
-
xMiya-chan Messages postés 120 Date d'inscription Statut Membre Dernière intervention -
xMiya-chan Messages postés 120 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
depuis quelques temps, des pages qui commencent par "http://d.7769domain.com/" s'ouvrent toutes seules et ça commence vraiment à être casse pieds. Dedans, ils me demandent de répondre à des sondages pour savoir si je suis satisfaite du service des sites que je consulte, comme YT, FB, etc. Sinon, y'a des pubs pour avoir un IPhone à 1€. J'aimerais me débarrasser de ce qui cause tout ça. Si vous aviez un logiciel, ou autre, svp...
Merci
(désolé si je n'ai pas posté ma question au bon endroit..)
depuis quelques temps, des pages qui commencent par "http://d.7769domain.com/" s'ouvrent toutes seules et ça commence vraiment à être casse pieds. Dedans, ils me demandent de répondre à des sondages pour savoir si je suis satisfaite du service des sites que je consulte, comme YT, FB, etc. Sinon, y'a des pubs pour avoir un IPhone à 1€. J'aimerais me débarrasser de ce qui cause tout ça. Si vous aviez un logiciel, ou autre, svp...
Merci
(désolé si je n'ai pas posté ma question au bon endroit..)
A voir également:
- Page http://d.7769domain.com/ qui s'ouvre toute seule
- Http - Guide
- Supprimer page word - Guide
- Http //192.168.l.l - Guide
- Imprimer tableau excel sur une page - Guide
- Page d'accueil - Guide
2 réponses
Salut,
Commence par un nettoyage adwcleaner : https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start=
Donne le rapport de nettoyage dans un nouveau message.
Salut,
Suis le tutoriel FRST https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
--
Commence par un nettoyage adwcleaner : https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start=
Donne le rapport de nettoyage dans un nouveau message.
Salut,
Suis le tutoriel FRST https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
--
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKU\S-1-5-21-1952828977-576085348-507956990-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alizée P\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1952828977-576085348-507956990-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1952828977-576085348-507956990-1001] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
S4 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD)
R2 GQnCKb; C:\ProgramData\tbLVWEy\GQnCKb.exe [2732024 2015-07-12] (Irrational Number Applications)
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-12] () [File not signed] <==== ATTENTION
R2 WInterEnhancer Service; C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1154560 2015-07-08] () [File not signed]
R2 lyrohyno; C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905\knst6D6A.tmpfs [X]
2015-07-27 20:05 - 2015-07-27 20:05 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-27 20:01 - 2015-07-30 20:27 - 00000000 ____D C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905
2015-07-25 13:59 - 2015-07-27 22:26 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\WebShield
2015-07-25 13:50 - 2015-07-29 13:24 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\Pokki
2015-07-20 23:12 - 2015-07-20 23:12 - 00000000 ____D C:\WebShield
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\ProgramData\Baidu
2015-07-20 01:39 - 2015-07-20 01:39 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Setup387637812
2015-07-18 22:15 - 2015-07-18 22:15 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-07-18 18:23 - 2015-07-18 18:23 - 00000000 ____D C:\Users\Alizée P\AppData\Local\speed browser
2015-07-18 17:58 - 2015-07-18 17:58 - 00000000 ____D C:\ProgramData\Browser
2015-07-13 17:50 - 2015-07-13 19:04 - 00000000 ____D C:\Users\Alizée P\SupTab
2015-07-13 01:46 - 2015-08-01 17:56 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Pokki
2015-07-12 19:02 - 2015-08-01 00:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\Ihuihpavoh
2015-07-12 19:01 - 2015-07-12 19:02 - 00000000 ____D C:\ProgramData\Ihuihpavoh
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\Users\Alizée P\AppData\Local\WebShield
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
2015-07-12 18:57 - 2015-07-12 18:58 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\tbLVWEy
2015-07-12 18:58 - 2015-01-01 01:00 - 00000000 ____D C:\Program Files (x86)\WInterEnhancer
2015-07-12 18:57 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\WebShield
Task: {2DF123A0-E864-4FB3-AB9A-D0C003ABDA31} - System32\Tasks\Ihuihpavoh => C:\ProgramData\Ihuihpavoh\1.0.4.1\uhenweik.exe [2015-07-12] ()
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKU\S-1-5-21-1952828977-576085348-507956990-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alizée P\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1952828977-576085348-507956990-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1952828977-576085348-507956990-1001] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
S4 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD)
R2 GQnCKb; C:\ProgramData\tbLVWEy\GQnCKb.exe [2732024 2015-07-12] (Irrational Number Applications)
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-12] () [File not signed] <==== ATTENTION
R2 WInterEnhancer Service; C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1154560 2015-07-08] () [File not signed]
R2 lyrohyno; C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905\knst6D6A.tmpfs [X]
2015-07-27 20:05 - 2015-07-27 20:05 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-27 20:01 - 2015-07-30 20:27 - 00000000 ____D C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905
2015-07-25 13:59 - 2015-07-27 22:26 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\WebShield
2015-07-25 13:50 - 2015-07-29 13:24 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\Pokki
2015-07-20 23:12 - 2015-07-20 23:12 - 00000000 ____D C:\WebShield
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\ProgramData\Baidu
2015-07-20 01:39 - 2015-07-20 01:39 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Setup387637812
2015-07-18 22:15 - 2015-07-18 22:15 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-07-18 18:23 - 2015-07-18 18:23 - 00000000 ____D C:\Users\Alizée P\AppData\Local\speed browser
2015-07-18 17:58 - 2015-07-18 17:58 - 00000000 ____D C:\ProgramData\Browser
2015-07-13 17:50 - 2015-07-13 19:04 - 00000000 ____D C:\Users\Alizée P\SupTab
2015-07-13 01:46 - 2015-08-01 17:56 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Pokki
2015-07-12 19:02 - 2015-08-01 00:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\Ihuihpavoh
2015-07-12 19:01 - 2015-07-12 19:02 - 00000000 ____D C:\ProgramData\Ihuihpavoh
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\Users\Alizée P\AppData\Local\WebShield
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
2015-07-12 18:57 - 2015-07-12 18:58 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\tbLVWEy
2015-07-12 18:58 - 2015-01-01 01:00 - 00000000 ____D C:\Program Files (x86)\WInterEnhancer
2015-07-12 18:57 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\WebShield
Task: {2DF123A0-E864-4FB3-AB9A-D0C003ABDA31} - System32\Tasks\Ihuihpavoh => C:\ProgramData\Ihuihpavoh\1.0.4.1\uhenweik.exe [2015-07-12] ()
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
Voici le fichier texte !
Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by Alizée P (2015-08-01 19:10:57) Run:1
Running from C:\Users\Alizée P\Desktop
Loaded Profiles: Alizée P (Available Profiles: Alizée P & Sebastien Petit)
Boot Mode: Normal
==============================================
fixlist content:
HKU\S-1-5-21-1952828977-576085348-507956990-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alizée P\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1952828977-576085348-507956990-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1952828977-576085348-507956990-1001] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
S4 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD)
R2 GQnCKb; C:\ProgramData\tbLVWEy\GQnCKb.exe [2732024 2015-07-12] (Irrational Number Applications)
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-12] () [File not signed] <==== ATTENTION
R2 WInterEnhancer Service; C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1154560 2015-07-08] () [File not signed]
R2 lyrohyno; C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905\knst6D6A.tmpfs [X]
2015-07-27 20:05 - 2015-07-27 20:05 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-27 20:01 - 2015-07-30 20:27 - 00000000 ____D C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905
2015-07-25 13:59 - 2015-07-27 22:26 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\WebShield
2015-07-25 13:50 - 2015-07-29 13:24 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\Pokki
2015-07-20 23:12 - 2015-07-20 23:12 - 00000000 ____D C:\WebShield
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\ProgramData\Baidu
2015-07-20 01:39 - 2015-07-20 01:39 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Setup387637812
2015-07-18 22:15 - 2015-07-18 22:15 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-07-18 18:23 - 2015-07-18 18:23 - 00000000 ____D C:\Users\Alizée P\AppData\Local\speed browser
2015-07-18 17:58 - 2015-07-18 17:58 - 00000000 ____D C:\ProgramData\Browser
2015-07-13 17:50 - 2015-07-13 19:04 - 00000000 ____D C:\Users\Alizée P\SupTab
2015-07-13 01:46 - 2015-08-01 17:56 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Pokki
2015-07-12 19:02 - 2015-08-01 00:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\Ihuihpavoh
2015-07-12 19:01 - 2015-07-12 19:02 - 00000000 ____D C:\ProgramData\Ihuihpavoh
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\Users\Alizée P\AppData\Local\WebShield
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
2015-07-12 18:57 - 2015-07-12 18:58 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\tbLVWEy
2015-07-12 18:58 - 2015-01-01 01:00 - 00000000 ____D C:\Program Files (x86)\WInterEnhancer
2015-07-12 18:57 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\WebShield
Task: {2DF123A0-E864-4FB3-AB9A-D0C003ABDA31} - System32\Tasks\Ihuihpavoh => C:\ProgramData\Ihuihpavoh\1.0.4.1\uhenweik.exe [2015-07-12] ()
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3 => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
CltMngSvc => service removed successfully
GQnCKb => Unable to stop service.
GQnCKb => service removed successfully
IHProtect Service => service removed successfully
WindowsMangerProtect => service removed successfully
WInterEnhancer Service => Unable to stop service.
WInterEnhancer Service => service removed successfully
lyrohyno => Unable to stop service.
lyrohyno => service removed successfully
C:\Program Files (x86)\predm => moved successfully.
C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905 => moved successfully.
C:\Users\Sebastien Petit\AppData\Local\WebShield => moved successfully.
C:\Users\Sebastien Petit\AppData\Local\Pokki => moved successfully.
C:\WebShield => moved successfully.
C:\Users\Public\Documents\Baidu => moved successfully.
C:\ProgramData\Baidu => moved successfully.
C:\Users\Alizée P\AppData\Local\Setup387637812 => moved successfully.
C:\Program Files (x86)\MyPCBU => moved successfully.
C:\Users\Alizée P\AppData\Local\speed browser => moved successfully.
C:\ProgramData\Browser => moved successfully.
C:\Users\Alizée P\SupTab => moved successfully.
"C:\Users\Alizée P\AppData\Local\Pokki" folder move:
Could not move "C:\Users\Alizée P\AppData\Local\Pokki" => Scheduled to move on reboot.
C:\WINDOWS\System32\Tasks\Ihuihpavoh => moved successfully.
"C:\ProgramData\Ihuihpavoh" folder move:
Could not move "C:\ProgramData\Ihuihpavoh" => Scheduled to move on reboot.
C:\Users\Alizée P\AppData\Local\WebShield => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\ProgramData\WindowsMangerProtect => moved successfully.
"C:\ProgramData\tbLVWEy" folder move:
Could not move "C:\ProgramData\tbLVWEy" => Scheduled to move on reboot.
"C:\Program Files (x86)\WInterEnhancer" folder move:
Could not move "C:\Program Files (x86)\WInterEnhancer" => Scheduled to move on reboot.
C:\ProgramData\WebShield => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2DF123A0-E864-4FB3-AB9A-D0C003ABDA31}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF123A0-E864-4FB3-AB9A-D0C003ABDA31}" => key removed successfully
C:\Windows\System32\Tasks\Ihuihpavoh not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ihuihpavoh" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-01 19:16:50)<=
C:\Users\Alizée P\AppData\Local\Pokki => Is moved successfully
C:\ProgramData\Ihuihpavoh => Is moved successfully
C:\ProgramData\tbLVWEy => Is moved successfully
C:\Program Files (x86)\WInterEnhancer => Is moved successfully
Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by Alizée P (2015-08-01 19:10:57) Run:1
Running from C:\Users\Alizée P\Desktop
Loaded Profiles: Alizée P (Available Profiles: Alizée P & Sebastien Petit)
Boot Mode: Normal
==============================================
fixlist content:
HKU\S-1-5-21-1952828977-576085348-507956990-1001\...\RunOnce: [Application Restart #3] => C:\Users\Alizée P\AppData\Local\Pokki\Engine\HostAppService.exe [7863808 2015-07-16] (Pokki)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1952828977-576085348-507956990-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1952828977-576085348-507956990-1001] => http=127.0.0.1:50118;https=127.0.0.1:50118 [Attention - Possible Proxy Malicieux]
S4 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD)
R2 GQnCKb; C:\ProgramData\tbLVWEy\GQnCKb.exe [2732024 2015-07-12] (Irrational Number Applications)
S4 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S4 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-12] () [File not signed] <==== ATTENTION
R2 WInterEnhancer Service; C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1154560 2015-07-08] () [File not signed]
R2 lyrohyno; C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905\knst6D6A.tmpfs [X]
2015-07-27 20:05 - 2015-07-27 20:05 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-27 20:01 - 2015-07-30 20:27 - 00000000 ____D C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905
2015-07-25 13:59 - 2015-07-27 22:26 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\WebShield
2015-07-25 13:50 - 2015-07-29 13:24 - 00000000 ____D C:\Users\Sebastien Petit\AppData\Local\Pokki
2015-07-20 23:12 - 2015-07-20 23:12 - 00000000 ____D C:\WebShield
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-07-20 01:52 - 2015-07-20 01:52 - 00000000 ____D C:\ProgramData\Baidu
2015-07-20 01:39 - 2015-07-20 01:39 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Setup387637812
2015-07-18 22:15 - 2015-07-18 22:15 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-07-18 18:23 - 2015-07-18 18:23 - 00000000 ____D C:\Users\Alizée P\AppData\Local\speed browser
2015-07-18 17:58 - 2015-07-18 17:58 - 00000000 ____D C:\ProgramData\Browser
2015-07-13 17:50 - 2015-07-13 19:04 - 00000000 ____D C:\Users\Alizée P\SupTab
2015-07-13 01:46 - 2015-08-01 17:56 - 00000000 ____D C:\Users\Alizée P\AppData\Local\Pokki
2015-07-12 19:02 - 2015-08-01 00:14 - 00003440 _____ C:\WINDOWS\System32\Tasks\Ihuihpavoh
2015-07-12 19:01 - 2015-07-12 19:02 - 00000000 ____D C:\ProgramData\Ihuihpavoh
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\Users\Alizée P\AppData\Local\WebShield
2015-07-12 18:58 - 2015-07-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
2015-07-12 18:57 - 2015-07-12 18:58 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-12 18:57 - 2015-07-12 18:57 - 00000000 ____D C:\ProgramData\tbLVWEy
2015-07-12 18:58 - 2015-01-01 01:00 - 00000000 ____D C:\Program Files (x86)\WInterEnhancer
2015-07-12 18:57 - 2015-01-01 01:00 - 00000000 ____D C:\ProgramData\WebShield
Task: {2DF123A0-E864-4FB3-AB9A-D0C003ABDA31} - System32\Tasks\Ihuihpavoh => C:\ProgramData\Ihuihpavoh\1.0.4.1\uhenweik.exe [2015-07-12] ()
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3 => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-21-1952828977-576085348-507956990-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
CltMngSvc => service removed successfully
GQnCKb => Unable to stop service.
GQnCKb => service removed successfully
IHProtect Service => service removed successfully
WindowsMangerProtect => service removed successfully
WInterEnhancer Service => Unable to stop service.
WInterEnhancer Service => service removed successfully
lyrohyno => Unable to stop service.
lyrohyno => service removed successfully
C:\Program Files (x86)\predm => moved successfully.
C:\Program Files (x86)\4B3388FF-1438020073-11E4-A961-68F7285F0905 => moved successfully.
C:\Users\Sebastien Petit\AppData\Local\WebShield => moved successfully.
C:\Users\Sebastien Petit\AppData\Local\Pokki => moved successfully.
C:\WebShield => moved successfully.
C:\Users\Public\Documents\Baidu => moved successfully.
C:\ProgramData\Baidu => moved successfully.
C:\Users\Alizée P\AppData\Local\Setup387637812 => moved successfully.
C:\Program Files (x86)\MyPCBU => moved successfully.
C:\Users\Alizée P\AppData\Local\speed browser => moved successfully.
C:\ProgramData\Browser => moved successfully.
C:\Users\Alizée P\SupTab => moved successfully.
"C:\Users\Alizée P\AppData\Local\Pokki" folder move:
Could not move "C:\Users\Alizée P\AppData\Local\Pokki" => Scheduled to move on reboot.
C:\WINDOWS\System32\Tasks\Ihuihpavoh => moved successfully.
"C:\ProgramData\Ihuihpavoh" folder move:
Could not move "C:\ProgramData\Ihuihpavoh" => Scheduled to move on reboot.
C:\Users\Alizée P\AppData\Local\WebShield => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\ProgramData\WindowsMangerProtect => moved successfully.
"C:\ProgramData\tbLVWEy" folder move:
Could not move "C:\ProgramData\tbLVWEy" => Scheduled to move on reboot.
"C:\Program Files (x86)\WInterEnhancer" folder move:
Could not move "C:\Program Files (x86)\WInterEnhancer" => Scheduled to move on reboot.
C:\ProgramData\WebShield => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2DF123A0-E864-4FB3-AB9A-D0C003ABDA31}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF123A0-E864-4FB3-AB9A-D0C003ABDA31}" => key removed successfully
C:\Windows\System32\Tasks\Ihuihpavoh not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ihuihpavoh" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-01 19:16:50)<=
C:\Users\Alizée P\AppData\Local\Pokki => Is moved successfully
C:\ProgramData\Ihuihpavoh => Is moved successfully
C:\ProgramData\tbLVWEy => Is moved successfully
C:\Program Files (x86)\WInterEnhancer => Is moved successfully
voici le rapport de nettoyage adwcleaner (j'envoie la suite dans quelques minutes) ;
# AdwCleaner v4.208 - Rapport créé le 01/08/2015 à 18:23:33
# Mis à jour le 09/07/2015 par Xplode
# Base de données : 2015-08-01.1 [Serveur]
# Système d'exploitation : Windows 8.1 Connected (x64)
# Nom d'utilisateur : Alizée P - ALIZÉEPETIT
# Exécuté depuis : C:\Users\Alizée P\Downloads\adwcleaner_4.208.exe
# Option : Scanner
Service Trouvé : CltMngSvc
Service Trouvé : IHProtect Service
Service Trouvé : WindowsMangerProtect
Service Trouvé : WInterEnhancer Service
Dossier Trouvé : C:\Program Files (x86)\LenovoBrowserGuard
Dossier Trouvé : C:\Program Files (x86)\miuitab
Dossier Trouvé : C:\Program Files (x86)\MyPCBU
Dossier Trouvé : C:\Program Files (x86)\predm
Dossier Trouvé : C:\Program Files (x86)\Wajam
Dossier Trouvé : C:\Program Files (x86)\WInterEnhancer
Dossier Trouvé : C:\ProgramData\Browser
Dossier Trouvé : C:\ProgramData\IHProtectUpDate
Dossier Trouvé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer
Dossier Trouvé : C:\ProgramData\pokki
Dossier Trouvé : C:\ProgramData\radio
Dossier Trouvé : C:\ProgramData\WebShield
Dossier Trouvé : C:\ProgramData\WindowsMangerProtect
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\LenovoBrowserGuard
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\Motion_Apps
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\pokki
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\speed browser
Dossier Trouvé : C:\Users\Alizée P\AppData\Local\WebShield
Dossier Trouvé : C:\Users\Alizée P\AppData\Roaming\istartsurf
Dossier Trouvé : C:\Users\Alizée P\SupTab
Dossier Trouvé : C:\Users\Sebastien Petit\AppData\Local\pokki
Dossier Trouvé : C:\Users\Sebastien Petit\AppData\Local\WebShield
Dossier Trouvé : C:\WebShield
Dossier Trouvé : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\speed browser
Fichier Trouvé : C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Fichier Trouvé : C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Fichier Trouvé : C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Fichier Trouvé : C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
Fichier Trouvé : C:\WINDOWS\System32\VisualDiscoveryOff.ini
Fichier Trouvé : C:\WINDOWS\SysWOW64\VisualDiscovery.ini
Fichier Trouvé : C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
Raccourci Infecté : C:\Users\Alizée P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Infecté : C:\Users\Alizée P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Clé Trouvée : HKCU\Software\AppDataLow\Software\DynConIE
Clé Trouvée : HKCU\Software\Browser
Clé Trouvée : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Clé Trouvée : HKCU\Software\Classes\Directory\shell\pokki
Clé Trouvée : HKCU\Software\Classes\Drive\shell\pokki
Clé Trouvée : HKCU\Software\Classes\lnkfile\shell\pokki
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3C100595-7FAC-4898-8388-D1A3824ED3E7}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5C83A689-2A2D-11E5-8262-D053490B39C6}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Clé Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Clé Trouvée : HKCU\Software\Pokki
Clé Trouvée : HKCU\Software\PRODUCTSETUP
Clé Trouvée : HKCU\Software\speed browser
Clé Trouvée : HKCU\Software\WajIEnhance
Clé Trouvée : HKCU\Software\WInterEnhancer
Clé Trouvée : [x64] HKCU\Software\Browser
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3C100595-7FAC-4898-8388-D1A3824ED3E7}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5C83A689-2A2D-11E5-8262-D053490B39C6}
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Clé Trouvée : [x64] HKCU\Software\Pokki
Clé Trouvée : [x64] HKCU\Software\PRODUCTSETUP
Clé Trouvée : [x64] HKCU\Software\speed browser
Clé Trouvée : [x64] HKCU\Software\WajIEnhance
Clé Trouvée : [x64] HKCU\Software\WInterEnhancer
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Clé Trouvée : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
Clé Trouvée : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Clé Trouvée : HKLM\SOFTWARE\IHProtect
Clé Trouvée : HKLM\SOFTWARE\istartsurfSoftware
Clé Trouvée : HKLM\SOFTWARE\LENOVO\VisualDiscovery
Clé Trouvée : HKLM\SOFTWARE\LenovoBrowserGuard
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D7D6742-5B49-4454-9E9B-748E731E741A}_is1
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebShield
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WInterEnhancer
Clé Trouvée : HKLM\SOFTWARE\SpeedBrowser
Clé Trouvée : HKLM\SOFTWARE\SupDp
Clé Trouvée : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
Clé Trouvée : HKLM\SOFTWARE\SupTab
Clé Trouvée : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Trouvée : HKLM\SOFTWARE\VisualDiscovery
Clé Trouvée : HKLM\SOFTWARE\WInterEnhancer
Clé Trouvée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Clé Trouvée : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Clé Trouvée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : HKU\.DEFAULT\Software\Browser
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:50118;hxxps=127.0.0.1:50118
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:50118;hxxps=127.0.0.1:50118
Valeur Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Valeur Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]
Valeur Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Valeur Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]
-\\ Internet Explorer v11.0.9600.17840
Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=dspp&ts=1436723854&z=860e270c611f2d4938b4ec6g1zeccq7mfbemfw8ecg&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=dspp&ts=1436723854&z=860e270c611f2d4938b4ec6g1zeccq7mfbemfw8ecg&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds&ts=1436720242&z=b81abe2a07270cce668145fg4zcc9qcm0o7efc8c8z&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds&ts=1436720242&z=b81abe2a07270cce668145fg4zcc9qcm0o7efc8c8z&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds&ts=1436720242&z=b81abe2a07270cce668145fg4zcc9qcm0o7efc8c8z&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
Paramètre Trouvé : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds&ts=1436720242&z=b81abe2a07270cce668145fg4zcc9qcm0o7efc8c8z&from=tugs&uid=ST500LT012-1DG142_S3PMW3N6XXXXS3PMW3N6&q={searchTerms}
-\\ Mozilla Firefox v39.0 (x86 fr)
-\\ Google Chrome v44.0.2403.125
[C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Trouvée [Homepage] : hxxp://search.easylifeapp.com/?pid=821&src=ch1&r=2013/03/22&hid=2330675471&lg=EN&cc=FR
[C:\Users\Alizée P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Trouvée [Startup_URLs] : 3F82E1BCE215513ADCCCC743326E8F1802DFB27EB0C3F52408EB7652FC6DE336"},"software_reporter":{"prompt_reason":"C545A6AFDFEC5DAB0021A6B0CD21C2CF6909C240B20DA75D58AF63077CDA8B61","prompt_seed":"AD47D0DF38C19B240B08312CC92EE401BF5954FA2DCF94959E6C674A6D08D21B","prompt_version":"DE9688B4EE1AF6028D037A8F181BC44FADEBFAB75E7BDB2ED0596F961ECB6E04"},"sync":{"remaining_rollback_tries":"6F20A4CB390A3BDF1925D7108947A702046BF9B9D1D9B5F8483929828729A8AA"}},"super_mac":"9D86090359C510EA3AC1E841B5081817D9F2AE06436E454B0F819330FF5CEB0C"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www.google.fr/","hxxp://rocket-find.com/?f=7&a=rckt_tele_14_29_ff&cd=2XzuyEtN2Y1L1QzuyDzzzytC0C0FtB0A0A0CzztBzzyC0DyEtN0D0Tzu0SzytByCtN1L2XzutBtFtBtCtFtCyEtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCyByByDtAyCyDyDtG0A0F0F0CtGtB0D0CtAtGzz0B0C0FtGtB0DzytA0ByEyEtAzy0D0E0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzztD0B0ByEzz0EtGyD0BzyzztGyDtAzyyEtGzz0FyD0FtGyCtA0CyDtB0DyC0C0EtAyD0B2Q&cr=1110651823&ir=
AdwCleaner[R0].txt - [15747 octets] - [01/08/2015 18:23:33]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15808 octets] ##########
https://pjjoint.malekal.com/files.php?id=20150801_v11v8q6e7y7
https://pjjoint.malekal.com/files.php?id=20150801_g7p7e6c11h11
https://pjjoint.malekal.com/files.php?id=20150801_y58z14x6z7
Voilà, j'espère que je n'ai rien oublié.