Elicia789

Bonjour Pear, Un grand merci pour votre aide, je vous prie de trouver ci-joint le lien pour le rapport http://www.cjoint.com/c/GCzmT3TdvIO

Bonjour, Depuis quelques semaines mon pc rame de plus en plus, il est surement infecté, un bon nettoyage ne serait pas du luxe, pourriez vous m'aider à le faire en vous en remerciant par avance

Bonjour, Je suis en effet surprise que le débit de connexion soit si peu élevé, je suis pourtant équipée de la fibre via la boxSensation, qui bug régulièrement il faut l'admettre... hummm.... qui n'est plus proposée désormais par le fournisseur depuis peu...Dois je faire remonter cette information à mon fournisseur d'accès ? ( Delfix à été exécuté et tous les outils de désinfection supprimés comme vous me l'aviez indiqué, voici le lien du rapport http://www.cjoint.com/c/EFrj7sArnPA . J'ai également lu tous les liens que vous m'avez transmis et j'ai appris énormément de choses, je serais encore plus vigilante bien que je pensais à tort l'être suffisamment et bien non. Un immense merci à vous et à votre équipe pour votre aide efficace, votre gentillesse, votre professionnalisme et vos conseils précieux Mille merci encore en vous souhaitant une agréable journée. J'attends une éventuelle réponse de votre part concernant mon fournisseur d'accès avant d'apposer la mention [résolu]

Les résultats de mon test de debit de connexion sont : Ping : 4 ms Download Max : 29.43 Mbit/s Upload Max : 1.65 Mbit/s J'ai réinitialisé tous mes navigateurs comme vous me l'avez conseillé et je navigue beaucoup plus vite, c'est réellement un plaisir de retrouver enfin du vent dans mes voiles.... Je vous remercie infiniment pour votre patience et votre aide efficace qui m'ont été précieuses.... vraiment !!!! Me reste t'il encore des choses à effectuer ? Dans l'attente de votre réponse, je vous souhaite une agréable soirée tomtom95

La navigation reste encore très lente

Download YouTube Videos YouTube Flash Player ont été supprimés comme vous me l'avez conseillé. le rapport ZHPCleaner se trouve sur ce lien : http://www.cjoint.com/c/EFqopnIbybA

Bonjour, Le navigateur que j'utilise régulièrement est firefox, je viens de suivre toutes vos procédures, la navigation est un peu fluide mais encore ralentie surtout à l'ouverture Je connais le même soucis sur google chrome mais l'utilisant que très rarement cela ne me gêne pas trop. Sur internet explorer où j'y surfe qu'exceptionnellement la navigation est bcq plus rapide mais la version que j'ai n'est à mon avis pas à jour, mes recherches ne m'ayant amené que sur des versions payantes (par sms) dont je me méfie. Je vous joins le lien du rapport Adwcleaner http://www.cjoint.com/c/EFqm0JMkNAA Je vous prie aussi de m'excuser pour avoir utiliser la fonction "citer" que j'ai pensé à tort devoir utiliser et merci pour me l'avoir précisé....

Bonsoir tomtom95 et merci à vous, J'ai suivie toutes vos procédures. Multi Virus Cleaner , SUPERAntiSpyware, avast! Antivirus, Adobe Acrobat X Pro sont désinstallés. Malwarebytes Anti-Malware : j'ai essayé de faire une mise à jour sans succès, je l'ai donc désinstallée pour le réinstaller via votre lien mais je n'ai pu décocher : "essayer la version d'essai" puisque cette option n'apparaissait pas. suis quand même protégée ? WinCerber Firewall est une version achetée & associée directement à VirusKeeper dans sa version ultimate Fixlog : http://up.security-x.fr/file.php?h=Raa56fa5421ba89b063c1075f9763f4d0 Rapport Malwarebytes : http://up.security-x.fr/file.php?h=R370e84668fe7195ff45297ce42f1b332 En revanche, ma navigation et son démarrage sont encore très ralentis en connaissant encore des soucis de plugins soit après une mise en veille soit en pleine navigation.

Bonsoir tomtom95, Un grand merci à vous, je vous prie de trouver ci-joint les liens que vous m'avez demandé de vous faire parvenir : http://up.security-x.fr/file.php?h=Rc88daee35df763797cbdeeff21ef7f23 http://up.security-x.fr/file.php?h=Rffe7a7f471da60aaaa655f57fed86f67 Je vous souhaite une agréable soirée dans l'attente de votre réponse

Bonsoir, Je viens vers vous pour une demande d'aide pour un éventuel état des lieux, voir de désinfection de ma machine avec laquelle je rencontre de plus en plus d'énormes ralentissements et de problèmes depuis plusieurs semaines voir mois (de manière Crescendo) qu'ils soient au démarrage ou pendant l'utilisation. De gros soucis de navigateurs également, de bug intempestifs ou de plantages. Parfois même, à savoir si c'est lié ou pas, mais lors de l'utilisation d'un certain logiciel (pourtant pas trop gourmand : powerdirector) me fais planter ma connexion internet, le pb se manifeste également lors de la mise en ligne également de certain fichiers vidéo. Peut être ai je des hallucinations ou pures coincidences mais.... Cela devient vraiment pénible voir ingérable parfois. Je rencontre régulièrement des pb de plugins et dans l'obligations de réactualiser mes pages souvent pour lire par exemple des vidéos ou jeux. Beaucoup de mal également pour les mises à jour de ma carte graphique. J'avais une fusée, je me retrouve avec un canasson qui a bien du mal a avancer.... sourire Pour info, mon pc n'est âgé que d'un peu plus de deux ans (monté sur mesure) et j'ai déjà grillé un disque dur il y'a un peu moins d'un an sans raisons vraiment apparentes si ce n'est un déménagement (d'un seul étage) où j'avais pris pourtant toutes les précautions nécessaires pour le déplacement peu important de ma tour. Je vous remercie par avance pour l'aide que vous voudrez bien m'apporter en espérant également de votre part un peu d'indulgence si parfois je prends un peu de temps pour bien comprendre toutes les démarches à suivre surtout lorsqu'elles sont très techniques. Je vous souhaite une agréable soirée. Je vous joins dès votre accord mon rapport ZHPDiag

Bonjour Bernard, Un immense merci pour ton aide précieuse et efficace Bonne journée

MDRRRRRRRRR ah bah oui çà c'est une idée "assurance tous risques" (en français) Une bonne soirée à vous Le scan rapide Malwarebytes ne trouve aucun élément infecté, par contre sur un scan complet il y'a encore 15 éléments infectés. Est ce que ceux-ci pourront re contaminés mon pc à plus au moins long terme ? supprimer ou mettre en quarantaine ces éléments supprimerait mon accès à ces log (dont j'ai absolument besoin). Que faire ? Fichier(s) détecté(s): 15 C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files\Adobe\Adobe Encore CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files\Adobe\Adobe Media Encoder CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe Bridge CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe Fireworks CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe Flash CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée. C:\Program Files (x86)\Adobe\Adobe Prelude CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Aucune action effectuée.

Ah ouUUiIIii quelle différence ! ma connexion est vraiment boostée. Un grand MERCI a toi Puis je considérer que mon pc est maintenant nettoyé et débarrassé de tout ce qui pouvait ou pourrait lui être nocif ?

Bonsoir , Il est en bien meilleure forme c'est indéniable même si c'est pas encore tout à fait cela. Il reste peu être encore des vilaines petites bestioles qui doivent le contrarier Plus du tout de message de saturation de mémoire mais toujours des difficultés avec ma connexion net

Bonjour Bernard, voici les rapports que vous m'aviez demandé de vous faire parvenir (ZHPFix & AdwCleaner) . En revanche, une petite question, dans ce que vous m'avez demandé de copié/collé il y'avait des asterix (dans certains chemins d'accès) que j'avais mis moi-même dans mon 1er rapport pour cacher pour le nom d'utilisateur de mon pc. Est ce que cela pourrais engendrer des soucis dans les procédures à suivre ? Rapport de ZHPFix 2013.5.11.1 par Nicolas Coolman, Update du 11/05/2013 Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-14-05-2013-18-54-15.txt Run by ***** at 14/05/2013 18:54:15 High Elevated Privileges : OK Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée ========== Logiciel(s) ========== ABSENT Software Key: delta ========== Processus mémoire ========== SUPPRIME Reboot Memory Process: C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ========== Clé(s) du Registre ========== ABSENT Key: Service: BrowserProtect ABSENT Key: HKCU\Software\DataMngr ABSENT Key: HKCU\Software\DataMngr_Toolbar ABSENT Key: HKCU\Software\Iminent ABSENT Key: HKCU\Software\OfferBox ABSENT Key: HKLM\Software\Wow6432Node\Babylon ABSENT Key: HKLM\Software\Wow6432Node\DataMngr ABSENT Key: HKLM\Software\Wow6432Node\Iminent ABSENT Key: HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} ABSENT Key: HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} ABSENT Key: HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} ABSENT Key: HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} ABSENT Key: HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} ABSENT Key: HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} ABSENT Key: HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} ABSENT Key: HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} ABSENT Key: HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} ABSENT Key: HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} ABSENT Key: HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} ABSENT Key: HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} ABSENT Key: HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} ABSENT Key: HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} ABSENT Key: HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} ABSENT Key: HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} ABSENT Key: HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} ABSENT Key: HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} ABSENT Key: HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} ABSENT Key: HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} ABSENT Key: HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} ABSENT Key: HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} ABSENT Key: HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} ABSENT Key: HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} ABSENT Key: HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} ABSENT Key: HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} ABSENT Key: HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} ABSENT Key: HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} ABSENT Key: HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} ABSENT Key: HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} ABSENT Key: HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} ABSENT Key: HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} ABSENT Key: HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} ABSENT Key: HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} ABSENT Key: HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} ABSENT Key: HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} ABSENT Key: HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} ABSENT Key: HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} ABSENT Key: HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} ABSENT Key: HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} ABSENT Key: HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} ABSENT Key: HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} ABSENT Key: HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} ABSENT Key: HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} ABSENT Key: HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} ABSENT Key: HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} ABSENT Key: HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} ABSENT Key: HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} ABSENT Key: HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} ABSENT Key: HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} ABSENT Key: HKLM\Software\Classes\AppID\escorteng.dll ABSENT Key: HKLM\Software\Classes\AppID\esrv.EXE ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP ABSENT Key: HKLM\Software\Classes\Prod.cap ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL ABSENT Key: CLSID BHO: {0E5680D1-BF44-4929-94AF-FD30D784AD1D} ABSENT Key: Service: SCBackService ABSENT Key: Service: SSUService ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EF25F71D-F3E8-42A3-8B5A-DBF83C4B942F} ABSENT Key: HKLM\Software\Classes\Installer\Features\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Classes\Installer\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Wow6432Node\Classes\Installer\Features\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Wow6432Node\Classes\Installer\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Classes\AppID\TbCommonUtils.DLL ABSENT Key: HKLM\Software\Classes\AppID\TbHelper.EXE ABSENT Key: HKLM\Software\Classes\S ABSENT Key: HKLM\Software\Classes\TbCommonUtils.CommonUtils ABSENT Key: HKLM\Software\Classes\TbCommonUtils.CommonUtils.1 ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\SCBackService ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} ABSENT Key: HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} ABSENT Key: HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} ABSENT Key: HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} ABSENT Key: HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} ABSENT Key: HKLM\Software\Classes\esrv.deltaESrvc ABSENT Key: HKLM\Software\Classes\esrv.deltaESrvc.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\TbHelper.EXE ABSENT Key: HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc ABSENT Key: HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc.1 ========== Valeur(s) du Registre ========== ABSENT [HKCU\Software\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT [HKLM\Software\Wow6432Node\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} ABSENT RunValue: ZyngaGamesAgent ABSENT RunValue: STCAgent ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : ========== Préférences navigateur ========== ABSENT Mozilla Pref: - i51li9ld.default] Delta Search ABSENT \prefs.js SUPPRIME Mozilla Pref: user_pref("extensions.delta.admin", false); SUPPRIME Mozilla Pref: user_pref("extensions.delta.aflt", "babsst"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.autoRvrt", "false"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.dfltLng", "en"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.excTlbr", false); SUPPRIME Mozilla Pref: user_pref("extensions.delta.ffxUnstlRst", true); SUPPRIME Mozilla Pref: user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.instlDay", "15830"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.instlRef", "sst"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.newTab", false); SUPPRIME Mozilla Pref: user_pref("extensions.delta.prdct", "delta"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.prtnrId", "delta"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.rvrt", "false"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.smplGrp", "none"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.tlbrId", "base"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.tlbrSrchUrl", ""); SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsn", "1.8.16.16"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsni", "1.8.16.16"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57"); ========== Dossier(s) ========== ABSENT C:\Program Files (x86)\Iminent ABSENT C:\ProgramData\Babylon SUPPRIME Reboot Folder**: C:\ProgramData\BrowserProtect ABSENT C:\Users\****\AppData\Roaming\Babylon ABSENT C:\Users\****\AppData\Roaming\OpenCandy ABSENT C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect ABSENT C:\Users\****\AppData\Local\qJu93WnM2ARE8 SUPPRIME Flash Cookies SUPPRIME Temporaires Windows ========== Fichier(s) ========== ABSENT File: c:\users\****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\browserprotect.xml SUPPRIME Reboot c:\programdata\browserprotect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe ABSENT Folder/File: c:\program files (x86)\iminent ABSENT Folder/File: c:\programdata\babylon ABSENT Folder/File: c:\users\*****\appdata\roaming\babylon ABSENT Folder/File: c:\users\*****\appdata\roaming\opencandy ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\bprotector_extensions.sqlite ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\bprotector_prefs.js ABSENT File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\delta.xml ABSENT File: c:\program files (x86)\splashtop\splashtop connect ie\addressbarsearch.dll SUPPRIME Reboot c:\program files (x86)\splashtop\splashtop connect\zyngagamesagent.exe ABSENT Folder/File: c:\users\berna\appdata\local\temp\askslib.dll ABSENT File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\babylon.xml ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\extensions\ffxtlbr@delta.com SUPPRIME Flash Cookies SUPPRIME Temporaires Windows ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 1 : Processus mémoire 148 : Clé(s) du Registre 7 : Valeur(s) du Registre 9 : Dossier(s) 16 : Fichier(s) 1 : Logiciel(s) 22 : Préférences navigateur 1 : Restauration Système # AdwCleaner v2.300 - Rapport créé le 14/05/2013 à 18:57:53 # Mis à jour le 28/04/2013 par Xplode # Système d'exploitation : Windows 7 Professional Service Pack 1 (64 bits) # Nom d'utilisateur : - # Mode de démarrage : Normal # Exécuté depuis : C:\Users\*****\Desktop\AdwCleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl Fichier Supprimé : C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\Babylon.xml Supprimé au redémarrage : C:\ProgramData\BrowserProtect ***** [Registre] ***** Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\5828cdcb23bb942 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} ***** [Navigateurs] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v20.0.1 (fr) Fichier : C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\prefs.js C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\user.js ... Supprimé ! Supprimée : user_pref("extensions.delta.admin", false); Supprimée : user_pref("extensions.delta.aflt", "babsst"); Supprimée : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Supprimée : user_pref("extensions.delta.autoRvrt", "false"); Supprimée : user_pref("extensions.delta.dfltLng", "en"); Supprimée : user_pref("extensions.delta.excTlbr", false); Supprimée : user_pref("extensions.delta.ffxUnstlRst", true); Supprimée : user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9"); Supprimée : user_pref("extensions.delta.instlDay", "15830"); Supprimée : user_pref("extensions.delta.instlRef", "sst"); Supprimée : user_pref("extensions.delta.newTab", false); Supprimée : user_pref("extensions.delta.prdct", "delta"); Supprimée : user_pref("extensions.delta.prtnrId", "delta"); Supprimée : user_pref("extensions.delta.rvrt", "false"); Supprimée : user_pref("extensions.delta.smplGrp", "none"); Supprimée : user_pref("extensions.delta.tlbrId", "base"); Supprimée : user_pref("extensions.delta.tlbrSrchUrl", ""); Supprimée : user_pref("extensions.delta.vrsn", "1.8.16.16"); Supprimée : user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57"); Supprimée : user_pref("extensions.delta.vrsni", "1.8.16.16"); -\\ Google Chrome v26.0.1410.64 Fichier : C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[s1].txt - [3005 octets] - [14/05/2013 18:57:53] ########## EOF - C:\AdwCleaner[s1].txt - [3065 octets] ##########

Je vous remercie pour votre aide et oui je pense que je vais devoir être beaucoup plus vigilante. Dès que j'ai terminé toutes vos procédures, je vous envoie les rapports que vous m'avez demandé.

Bonsoir un grand merci de votre aide, par contre je vois que j'ai deux interlocuteurs différents, cela devient un peu compliqué, que dois je faire ? je vous poste les deux rapports que vous m'avez demandé de vous faire parvenir Rapport de ZHPFix 2013.5.11.1 par Nicolas Coolman, Update du 11/05/2013 Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-14-05-2013-18-54-15.txt Run by berna at 14/05/2013 18:54:15 High Elevated Privileges : OK Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée ========== Logiciel(s) ========== ABSENT Software Key: delta ========== Processus mémoire ========== SUPPRIME Reboot Memory Process: C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ========== Clé(s) du Registre ========== ABSENT Key: Service: BrowserProtect ABSENT Key: HKCU\Software\DataMngr ABSENT Key: HKCU\Software\DataMngr_Toolbar ABSENT Key: HKCU\Software\Iminent ABSENT Key: HKCU\Software\OfferBox ABSENT Key: HKLM\Software\Wow6432Node\Babylon ABSENT Key: HKLM\Software\Wow6432Node\DataMngr ABSENT Key: HKLM\Software\Wow6432Node\Iminent ABSENT Key: HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} ABSENT Key: HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} ABSENT Key: HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} ABSENT Key: HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} ABSENT Key: HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} ABSENT Key: HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} ABSENT Key: HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} ABSENT Key: HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} ABSENT Key: HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} ABSENT Key: HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} ABSENT Key: HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} ABSENT Key: HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} ABSENT Key: HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} ABSENT Key: HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} ABSENT Key: HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} ABSENT Key: HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} ABSENT Key: HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} ABSENT Key: HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} ABSENT Key: HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} ABSENT Key: HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} ABSENT Key: HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} ABSENT Key: HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} ABSENT Key: HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} ABSENT Key: HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} ABSENT Key: HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} ABSENT Key: HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} ABSENT Key: HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} ABSENT Key: HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} ABSENT Key: HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} ABSENT Key: HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} ABSENT Key: HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} ABSENT Key: HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} ABSENT Key: HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} ABSENT Key: HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} ABSENT Key: HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} ABSENT Key: HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} ABSENT Key: HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} ABSENT Key: HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} ABSENT Key: HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} ABSENT Key: HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} ABSENT Key: HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} ABSENT Key: HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} ABSENT Key: HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} ABSENT Key: HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} ABSENT Key: HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} ABSENT Key: HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} ABSENT Key: HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} ABSENT Key: HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} ABSENT Key: HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} ABSENT Key: HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} ABSENT Key: HKLM\Software\Classes\AppID\escorteng.dll ABSENT Key: HKLM\Software\Classes\AppID\esrv.EXE ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP ABSENT Key: HKLM\Software\Classes\Prod.cap ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL ABSENT Key: CLSID BHO: {0E5680D1-BF44-4929-94AF-FD30D784AD1D} ABSENT Key: Service: SCBackService ABSENT Key: Service: SSUService ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EF25F71D-F3E8-42A3-8B5A-DBF83C4B942F} ABSENT Key: HKLM\Software\Classes\Installer\Features\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Classes\Installer\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Wow6432Node\Classes\Installer\Features\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Wow6432Node\Classes\Installer\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2 ABSENT Key: HKLM\Software\Classes\AppID\TbCommonUtils.DLL ABSENT Key: HKLM\Software\Classes\AppID\TbHelper.EXE ABSENT Key: HKLM\Software\Classes\S ABSENT Key: HKLM\Software\Classes\TbCommonUtils.CommonUtils ABSENT Key: HKLM\Software\Classes\TbCommonUtils.CommonUtils.1 ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\SCBackService ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} ABSENT Key: HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} ABSENT Key: HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} ABSENT Key: HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} ABSENT Key: HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} ABSENT Key: HKLM\Software\Classes\esrv.deltaESrvc ABSENT Key: HKLM\Software\Classes\esrv.deltaESrvc.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\TbHelper.EXE ABSENT Key: HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc ABSENT Key: HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc.1 ========== Valeur(s) du Registre ========== ABSENT [HKCU\Software\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT [HKLM\Software\Wow6432Node\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} ABSENT RunValue: ZyngaGamesAgent ABSENT RunValue: STCAgent ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : ========== Préférences navigateur ========== ABSENT Mozilla Pref: - i51li9ld.default] Delta Search ABSENT \prefs.js SUPPRIME Mozilla Pref: user_pref("extensions.delta.admin", false); SUPPRIME Mozilla Pref: user_pref("extensions.delta.aflt", "babsst"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.autoRvrt", "false"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.dfltLng", "en"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.excTlbr", false); SUPPRIME Mozilla Pref: user_pref("extensions.delta.ffxUnstlRst", true); SUPPRIME Mozilla Pref: user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.instlDay", "15830"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.instlRef", "sst"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.newTab", false); SUPPRIME Mozilla Pref: user_pref("extensions.delta.prdct", "delta"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.prtnrId", "delta"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.rvrt", "false"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.smplGrp", "none"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.tlbrId", "base"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.tlbrSrchUrl", ""); SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsn", "1.8.16.16"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsni", "1.8.16.16"); SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57"); ========== Dossier(s) ========== ABSENT C:\Program Files (x86)\Iminent ABSENT C:\ProgramData\Babylon SUPPRIME Reboot Folder**: C:\ProgramData\BrowserProtect ABSENT C:\Users\****\AppData\Roaming\Babylon ABSENT C:\Users\****\AppData\Roaming\OpenCandy ABSENT C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect ABSENT C:\Users\****\AppData\Local\qJu93WnM2ARE8 SUPPRIME Flash Cookies SUPPRIME Temporaires Windows ========== Fichier(s) ========== ABSENT File: c:\users\****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\browserprotect.xml SUPPRIME Reboot c:\programdata\browserprotect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe ABSENT Folder/File: c:\program files (x86)\iminent ABSENT Folder/File: c:\programdata\babylon ABSENT Folder/File: c:\users\*****\appdata\roaming\babylon ABSENT Folder/File: c:\users\*****\appdata\roaming\opencandy ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\bprotector_extensions.sqlite ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\bprotector_prefs.js ABSENT File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\delta.xml ABSENT File: c:\program files (x86)\splashtop\splashtop connect ie\addressbarsearch.dll SUPPRIME Reboot c:\program files (x86)\splashtop\splashtop connect\zyngagamesagent.exe ABSENT Folder/File: c:\users\berna\appdata\local\temp\askslib.dll ABSENT File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\babylon.xml ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\extensions\ffxtlbr@delta.com SUPPRIME Flash Cookies SUPPRIME Temporaires Windows ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 1 : Processus mémoire 148 : Clé(s) du Registre 7 : Valeur(s) du Registre 9 : Dossier(s) 16 : Fichier(s) 1 : Logiciel(s) 22 : Préférences navigateur 1 : Restauration Système # AdwCleaner v2.300 - Rapport créé le 14/05/2013 à 18:57:53 # Mis à jour le 28/04/2013 par Xplode # Système d'exploitation : Windows 7 Professional Service Pack 1 (64 bits) # Nom d'utilisateur : - # Mode de démarrage : Normal # Exécuté depuis : C:\Users\*****\Desktop\AdwCleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl Fichier Supprimé : C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\Babylon.xml Supprimé au redémarrage : C:\ProgramData\BrowserProtect ***** [Registre] ***** Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\5828cdcb23bb942 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10} Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} ***** [Navigateurs] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v20.0.1 (fr) Fichier : C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\prefs.js C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\user.js ... Supprimé ! Supprimée : user_pref("extensions.delta.admin", false); Supprimée : user_pref("extensions.delta.aflt", "babsst"); Supprimée : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Supprimée : user_pref("extensions.delta.autoRvrt", "false"); Supprimée : user_pref("extensions.delta.dfltLng", "en"); Supprimée : user_pref("extensions.delta.excTlbr", false); Supprimée : user_pref("extensions.delta.ffxUnstlRst", true); Supprimée : user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9"); Supprimée : user_pref("extensions.delta.instlDay", "15830"); Supprimée : user_pref("extensions.delta.instlRef", "sst"); Supprimée : user_pref("extensions.delta.newTab", false); Supprimée : user_pref("extensions.delta.prdct", "delta"); Supprimée : user_pref("extensions.delta.prtnrId", "delta"); Supprimée : user_pref("extensions.delta.rvrt", "false"); Supprimée : user_pref("extensions.delta.smplGrp", "none"); Supprimée : user_pref("extensions.delta.tlbrId", "base"); Supprimée : user_pref("extensions.delta.tlbrSrchUrl", ""); Supprimée : user_pref("extensions.delta.vrsn", "1.8.16.16"); Supprimée : user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57"); Supprimée : user_pref("extensions.delta.vrsni", "1.8.16.16"); -\\ Google Chrome v26.0.1410.64 Fichier : C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[s1].txt - [3005 octets] - [14/05/2013 18:57:53] ########## EOF - C:\AdwCleaner[s1].txt - [3065 octets] ##########

Bonjour, En premier lieu, je voudrais préciser que je n'ai pas l'habitude de régler mes soucis de pc moi-même en général c'était un ami qui me guidait et m'aider à le faire(via vos conseils) c'est pour cela que je vous demanderais par avance un peu d'indulgence si parfois je ne comprends pas de suite les démarches à effectuer si cela est trop technique. Mon pc est nouveau (à peine 3 semaines) avec une configuration plus que raisonnable. Sauf que depuis presque une semaine je connais de plus en plus souvent des ralentissements et même maintenant il crash avec pour message que ma mémoire serait saturée (hors j'ai encore environ 650 GO de dispo) et contenu de son âge cela me semble peu probable. Ma connection net est de plus en plus difficile voir parfois impossible. Il me semble que mamachine est déjà infectée. Pourriez-vous m'aider ? voici le rapport ZHPDIAG Rapport de ZHPDiag v2013.5.13.114 par Nicolas Coolman, Update du 13/05/2013 Run by ***** at 14/05/2013 17:34:07 State : Version à jour. WhiteList : Enable High Elevated Privileges : OK UAC : Deactivate by program ---\\ Web Browser MSIE: Internet Explorer v10.0.9200.16540 MFIE: Mozilla Firefox 20.0.1 (Defaut) GCIE: Google Chrome v26.0.1410.64 ---\\ Windows Product Information ~ Langage: Français Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_COA_NSLP channel Windows ID Activation : OK ~ Windows Partial Key : WV6YR Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Protection Malwarebytes Anti-Malware version 1.75.0.1300 SUPERAntiSpyware v5.6.1014 Windows Defender W7 ---\\ System Optimizer ---\\ Peer To Peer (P2P) ---\\ Software Update Adobe Flash Player 11 Plugin ---\\ System Information ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 8154 MB (72% free) System Restore: Activé (Enable) System drive C: has 653 GB (70%) free of 931 GB ---\\ Logged in mode ~ Computer Name: ~ User Name: ~ All Users Names: UpdatusUser, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\b****\AppData\Roaming\ ~ %Desktop% : C:\Users\b****\Desktop\ ~ %Favorites% : C:\Users\b****\Favorites\ ~ %LocalAppData% : C:\Users\****\AppData\Local\ ~ %StartMenu% : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 653 Go of 931 Go) D:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified ~ Security Center: 27 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.27/04/2013 - 16:26:20.) -- C:\Windows\System32\wininet.dll [2240512] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/1228 ~ Mes musiques (My Musics) : 1/616 ~ Mes Videos (My Videos) : 1/19 ~ Mes Favoris (My Favorites) : 1/29 ~ Mes Documents (My Documents) : 1/63969 ~ Mon Bureau (My Desktop) : 1/10 ~ Menu demarrer (Programs) : 1/28 ~ Hidden Files: Scanned in 00mn 30s ---\\ Processus lancés [MD5.D9C8DC2D7EC28E3FF25C99EF17C8631A] - (...) -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2787280] [PID.2080] =>Toolbar.Babylon [MD5.E7D75EC4BBD08FF5B16F875BA4EA810D] - (.Splashtop Inc. - Splashtop Connect ZyngaGames Agent..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544] [PID.2560] =>Toolbar.Zynga [MD5.4D241A6A8F6BA9FA32FF836551FFDCEA] - (.Intel Corporation - Intel® USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.2620] [MD5.FF6AE53ADF70281EE3591955277C90B4] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.2648] [MD5.8E2A7F1F62467A7DCB8AB2C0642F47CA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2708] [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3220] [MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.4384] [MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.2424] [MD5.D719477489E4EF1B987E5525D608F2A5] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe [1855880] [PID.4728] [MD5.8DEA9B1919CD66DD2B4D4B8C13B335EC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7335424] [PID.4848] [MD5.81F177C1954453AF407604160BD149CB] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.904] [MD5.D762433B2E23C0F8085980CEE6267ACD] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1480] [MD5.CD3E1FB3013C4EB958EA863B78E1AEE0] - (.Avira Operations GmbH & Co. KG - Avira Firewall Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [657120] [PID.1936] [MD5.748E78BDA2994279C40BCB1B0FE6FB25] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1968] [MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.2040] [MD5.D279A1DB5B38B6464BF0ED4D0BA0E50E] - (.Freemake - FreemakeUtilsService.) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376] [PID.2288] [MD5.25E8ED6FC3820B59CE602BA4D4C1D01E] - (.Ellora Assets Corp. - CaptureLibService.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216] [PID.2668] [MD5.166FC0B36842135BC2D3C32DF70ED0D6] - (.Intel Corporation - Intel® Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560] [PID.1044] [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2460] [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.3108] [MD5.8475E746EB72D04F1015E6F091F50E09] - (.Splashtop Inc. - Splashtop Connect Back Service..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [477000] [PID.3212] [MD5.1CFA4A1F3C7BB4C8F299E00428EB8677] - (.Splashtop Inc. - Splashtop Software Updater Service.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [370504] [PID.3244] =>Adware.IncrediBar [MD5.C42B5CFD183DCC3A1116C6B4ABB8B69C] - (.Avira Operations GmbH & Co. KG - Avira MailGuard Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768] [PID.3996] [MD5.C56BA6666999BF91C4A9EC61415F906C] - (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe [562744] [PID.4024] [MD5.C56E64BA70DC822B84D100A6F8D690D3] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [277784] [PID.5952] [MD5.B7C53DA1C73FF39F4A6248643EFD979A] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1266464] [PID.6024] [MD5.0F9E1BC7E2BEA1A4108EC9736CF0C2D9] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [363800] [PID.4436] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Preferences ~ Google Browser: 0 Legitimates Filtered in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\prefs.js C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\user.js M3 - MFPP: Plugins - [*****] -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\babylon.xml =>Toolbar.Babylon M3 - MFPP: Plugins - [*****] -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\BrowserProtect.xml =>Toolbar.Babylon M3 - MFPP: Plugins - [*****] -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\delta.xml M0 - MFSP: prefs.js [****] - i51li9ld.default] Delta Search =>Toolbar.DeltaSearch M2 - MFEP: prefs.js [****] - i51li9ld.default\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (..) M2 - MFEP: prefs.js [****] - i51li9ld.default\{166daec2-af51-4e22-85c2-0ea1a9c65be4}] [] Wallpaper Rotator v1.9 (..) M2 - MFEP: prefs.js [****] - i51li9ld.default\{7c6cdf7c-8ea8-4be7-ae5a-0b3effe14d66}] [] Facebook Photo Zoom v0.4 (..) ~ Firefox Browser: 20 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:splashtopconnect R3 - URLSearchHook: Splashtop Connect SearchHook [64Bits] - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} . (.Splashtop Inc. - Addressbar search extention..) (2.0.5.1) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll ~ IE Browser: 15 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Splashtop Connect VisualBookmark [64Bits] - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} . (.Splashtop Inc. - Splashtop Connect IE Extension..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll ~ BHO: 1 Legitimates Filtered in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline O4 - HKCU\..\Run: [sUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKLM\..\Wow6432Node\Run: [ZyngaGamesAgent] . (.Splashtop Inc. - Splashtop Connect ZyngaGames Agent..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe =>Toolbar.Zynga O4 - HKLM\..\Wow6432Node\Run: [sTCAgent] . (.Splashtop Inc. - Splashtop Connect IE Agent..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe O4 - HKLM\..\Wow6432Node\Run: [uSB3MON] . (.Intel Corporation - Intel® USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-1906736058-3776518062-3006771716-1001\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-1906736058-3776518062-3006771716-1001\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\TaskBar: Adobe After Effects CS6.lnk . (.Adobe Systems Incorporated - Adobe After Effects CS6.) -- C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe O4 - GS\TaskBar: Adobe Dreamweaver CS6.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CS6.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe O4 - GS\TaskBar: Adobe Fireworks CS6.lnk . (.Adobe Systems Incorporated - Adobe Fireworks CS6.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS6\Fireworks.exe O4 - GS\TaskBar: Adobe Flash Professional CS6.lnk . (.Adobe Systems Incorporated. - Adobe Flash CS6.) -- C:\Program Files (x86)\Adobe\Adobe Flash CS6\Flash.exe O4 - GS\TaskBar: Adobe Illustrator CS6 (64 Bit).lnk . (.Adobe Systems Inc. - Adobe Illustrator CS6.) -- C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe O4 - GS\TaskBar: Adobe InDesign CS6.lnk . (.Adobe Systems Incorporated - Adobe InDesign CS6.) -- C:\Program Files (x86)\Adobe\Adobe InDesign CS6\InDesign.exe O4 - GS\TaskBar: Adobe Photoshop CS6 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.) -- C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe O4 - GS\TaskBar: Adobe Premiere Pro CS6.lnk . (.Adobe Systems, Incorporated - Adobe Premiere Pro CS6.) -- C:\Program Files\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe O4 - GS\TaskBar: CyberLink MediaEspresso 6.7.lnk . (.CyberLink Corp. - CyberLink MediaEspresso Main Program.) -- C:\Program Files (x86)\Cyberlink\MediaEspresso\MediaEspresso.exe O4 - GS\TaskBar: CyberLink PowerDirector 11 (64-bit).lnk . (.CyberLink Corp. - PowerDirector 11.) -- C:\Program Files\CyberLink\PowerDirector11\PDR11.exe O4 - GS\TaskBar: Games.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe Splashtop Gaming O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe O4 - GS\TaskBar: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe O4 - GS\TaskBar: Microsoft Office Access 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe O4 - GS\TaskBar: Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe O4 - GS\TaskBar: Microsoft Office Outlook 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe O4 - GS\TaskBar: Microsoft Office PowerPoint 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe O4 - GS\TaskBar: Microsoft Office Publisher 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe O4 - GS\TaskBar: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\TaskBar: Pinnacle Studio 15.lnk . (.Pinnacle Systems - Studio program file.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe O4 - GS\TaskBar: QuickTime Player.lnk . (.Apple Inc. - QuickTime Player.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe O4 - GS\TaskBar: WaveEditor.lnk . (.Cyberlink - Cyberlink WaveEditor.) -- C:\Program Files (x86)\Cyberlink\WaveEditor\WaveEditor.exe O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Programs: Social Games.lnk - Clé orpheline O4 - GS\QuickLaunch: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\*****\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe ~ Global Startup: Scanned in 00mn 01s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{DE429923-4561-46B5-9FA3-0133BF3322A5}: DhcpNameServer = ***.***.*.*** O17 - HKLM\System\CS1\Services\Tcpip\..\{DE429923-4561-46B5-9FA3-0133BF3322A5}: DhcpNameServer = ***.***.*.*** O17 - HKLM\System\CS2\Services\Tcpip\..\{DE429923-4561-46B5-9FA3-0133BF3322A5}: DhcpNameServer = ***.***.*.*** O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = ***.***.*.*** ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon O23 - Service: Splashtop Connect Service (SCBackService) . (.Splashtop Inc. - Splashtop Connect Back Service..) - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe O23 - Service: Splashtop Software Updater Service (SSUService) . (.Splashtop Inc. - Splashtop Software Updater Service.) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe =>Adware.IncrediBar O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\System32\viakaraokesrv.exe ~ Services: 25 Legitimates Filtered in 00mn 09s ---\\ Logiciels installés (O42) O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta ~ Logic: 95 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\5828cdcb23bb942] [HKCU\Software\Cheddar] [HKCU\Software\DataMngr] =>PUP.Datamngr [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr [HKCU\Software\Delta] [HKCU\Software\Iminent] =>Adware.IMBooster [HKCU\Software\OfferBox] =>PUP.OfferBox [HKLM\Software\Wow6432Node\5828cdcb23bb942] [HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\Delta] [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster ~ Key Software: 172 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 05/05/2013 - 21:14:55 - [1,494] ----D C:\Program Files (x86)\Delta O43 - CFD: 14/05/2013 - 17:11:24 - [0,663] ----D C:\Program Files (x86)\Iminent =>Adware.IMBooster O43 - CFD: 05/05/2013 - 21:14:40 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon O43 - CFD: 05/05/2013 - 21:15:44 - [7,805] ----D C:\ProgramData\BrowserProtect =>Toolbar.Babylon O43 - CFD: 05/05/2013 - 21:14:40 - [0,018] ----D C:\Users\****\AppData\Roaming\Babylon =>Toolbar.Babylon O43 - CFD: 05/05/2013 - 21:14:55 - [0,259] ----D C:\Users\****\AppData\Roaming\Delta O43 - CFD: 05/05/2013 - 21:16:32 - [124,666] ----D C:\Users\****\AppData\Roaming\OpenCandy =>Adware.OpenCandy O43 - CFD: 28/04/2013 - 16:04:36 - [0,001] --H-D C:\Users\****\AppData\Local\qJu93WnM2ARE8 O43 - CFD: 05/05/2013 - 21:16:13 - [0,001] ----D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect =>Toolbar.Babylon ~ Program Folder: 160 Legitimates Filtered in 00mn 30s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.5B1A4A14AC6DDADFDA5ECE8D728DFFB7] - 02/05/2013 - 23:56:32 ---A- . (...) -- C:\Windows\msxml4-KB973688-enu.LOG [286846] O44 - LFC:[MD5.9DD85DFE0345821E3AF09BB2FC156C29] - 02/05/2013 - 23:56:21 ---A- . (...) -- C:\Windows\msxml4-KB954430-enu.LOG [290638] ~ Files: 21 Legitimates Filtered in 00mn 21s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] ~ Drivers: Scanned in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.admin", false); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.aflt", "babsst"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.autoRvrt", "false"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.dfltLng", "en"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.excTlbr", false); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.ffxUnstlRst", true); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.instlDay", "15830"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.instlRef", "sst"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.newTab", false); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.prdct", "delta"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.prtnrId", "delta"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.rvrt", "false"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.smplGrp", "none"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.tlbrId", "base"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.tlbrSrchUrl", ""); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.vrsn", "1.8.16.16"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.vrsni", "1.8.16.16"); O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57"); O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {82878AFC-F2EA-4c6c-B7A5-3A88173F38E2} - (Yahoo) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKCU] {8BF1F355-39FB-4b2f-806B-E6A77B5EAE62} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {9D01D9E3-7995-4978-B94C-7A98B56BB981} - (Google) - Google ~ Keys: Scanned in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.CB3E384669AFFF4B240DA79C0EBD0F42] [sPRF][26/04/2013] (...) -- C:\ProgramData\NTUser.dat [262144] [MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [sPRF][28/01/2013] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\berna\AppData\Local\Temp\AskSLib.dll [248008] [MD5.AE1545E3CD5C72B1EC1118C404262484] [sPRF][26/04/2013] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.7 r700.) -- C:\Users\*****\AppData\Local\Temp\fp_pl_pfs_installer-1.exe [17605512] [MD5.AE1545E3CD5C72B1EC1118C404262484] [sPRF][26/04/2013] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.7 r700.) -- C:\Users\*****\AppData\Local\Temp\fp_pl_pfs_installer.exe [17605512] [MD5.D7270C0373D3441A3D6F56F11B6C55DA] [sPRF][05/05/2013] (.Ellora Assets Corporation - Freemake Music Box Setup.) -- C:\Users\*****\AppData\Local\Temp\FreemakeMusicBox_0.9.8.4.exe [15217368] [MD5.EBC39C4725C0E32C4ED7CE1050E32CBD] [sPRF][05/05/2013] (.Ellora Assets Corporation - Freemake Video Downloader Setup.) -- C:\Users\*****\AppData\Local\Temp\FreemakeVideoDownloader_3.5.0.7.exe [12143456] [MD5.43C35081CE0AC367267C5916AB25A817] [sPRF][05/05/2013] (...) -- C:\Users\****\AppData\Local\Temp\vlc-2.0.6-win32.exe [22948790] [MD5.2E04F070F2EDC7C2D29B3A4EDC7E45DE] [sPRF][26/10/2010] (.Pinnacle Systems, Inc. - Pinnacle Studio.) -- C:\Users\****\AppData\Local\Temp\Welcome.exe [247120] [MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [sPRF][24/05/2006] (.Macrovision Corporation - Setup.exe.) -- C:\Users\****\AppData\Local\Temp\_is494F.exe [455600] [MD5.A95866BA166A09E360BB88DA72D4531D] [sPRF][14/05/2013] (...) -- C:\Users\****\Desktop\AdwCleaner.exe [628743] [MD5.E8D3E34FFDAF21DF7C09CBBBA5763237] [sPRF][14/05/2013] (.ESET - ESET Smart Installer.) -- C:\Users\****\Desktop\esetsmartinstaller_enu.exe [2347384] [MD5.D0C602EB6A1D3B650E0FCE20478DB972] [sPRF][14/05/2013] (.Pas de propriétaire - Suppression fichiers temporaires.) -- C:\Users\****\Desktop\SFT.exe [845503] ~ Files: Scanned in 00mn 01s ---\\ Scan Additionnel (O88) Database Version : v2.12091 - (13/05/2013) Clés trouvées (Keys found) : 144 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 6 Fichiers trouvés (Files found) : 2 [HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz [HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EF25F71D-F3E8-42A3-8B5A-DBF83C4B942F}] =>Toolbar.Splashtop [HKLM\Software\Classes\Installer\Features\D17F52FE8E3F3A24B8A5BD8FC3B449F2] =>Toolbar.Splashtop [HKLM\Software\Classes\Installer\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2] =>Toolbar.Splashtop [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2] =>Toolbar.Splashtop [HKLM\Software\Wow6432Node\Classes\Installer\Features\D17F52FE8E3F3A24B8A5BD8FC3B449F2] =>Toolbar.Splashtop [HKLM\Software\Wow6432Node\Classes\Installer\Products\D17F52FE8E3F3A24B8A5BD8FC3B449F2] =>Toolbar.Splashtop [HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz [HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch [HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent [HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent [HKLM\Software\Classes\S] =>Toolbar.Agent [HKLM\Software\Classes\TbCommonUtils.CommonUtils] =>Toolbar.Agent [HKLM\Software\Classes\TbCommonUtils.CommonUtils.1] =>Toolbar.Agent [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKCU\Software\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKCU\Software\OfferBox] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}] =>Toolbar.Agent [HKLM\SYSTEM\CurrentControlSet\Services\SCBackService] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\AppID\ESRV.EXE] =>Adware.Facemoods [HKLM\Software\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch [HKLM\Software\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch [HKLM\Software\Classes\AppID\escortEng.DLL] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent C:\Program Files (x86)\Iminent =>Adware.IMBooster C:\ProgramData\Babylon =>Toolbar.Babylon C:\ProgramData\BrowserProtect =>Hijacker.Eazel C:\Users\*****\AppData\Roaming\Babylon =>Toolbar.Babylon C:\Users\*****\AppData\Roaming\OpenCandy =>Adware.OpenCandy C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\Extensions\ffxtlbr@delta.com =>PUP.Funmoods C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\bprotector_extensions.sqlite =>PUP.BProtector C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\bprotector_prefs.js =>PUP.BProtector ~ Additionnel Scan: 331366 Items scanned in 00mn 13s ---\\ Random Export Key (O91) [HKCU\Software\5828cdcb23bb942] =>Toolbar.Babylon^ [HKCU\Software\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKCU\Software\5828cdcb23bb942]:version="2.6.1249.132" [HKLM\Software\Wow6432Node\5828cdcb23bb942] =>Toolbar.Babylon^ [HKLM\Software\Wow6432Node\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKLM\Software\Wow6432Node\5828cdcb23bb942]:version="2.6.1249.132" ~ Export Key Software: Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 11/07/2012 140672 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe SS - | Demand 06/05/2013 250808 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 26/04/2013 657120 | (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe SR - | Auto 13/05/2013 371768 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe SR - | Auto 26/04/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 26/04/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 13/05/2013 562744 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 2787280 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon SR - | Auto 01/04/2013 101376 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe SR - | Auto 01/04/2013 9216 | (FreemakeVideoCapture) . (.Ellora Assets Corp..) - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe SS - | Auto 27/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 27/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 08/12/2011 607456 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Demand 20/02/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 16/12/2011 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe SR - | Auto 16/12/2011 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Demand 10/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 15/03/2013 877856 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 15/03/2013 1266464 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Auto 390672 | (RichVideo64) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe SR - | Auto 15/11/2010 477000 | (SCBackService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe SR - | Auto 15/03/2012 370504 | (SSUService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe SR - | Auto 14/03/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 16/12/2011 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe SR - | Auto 10/01/2012 27760 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 00s ~ 966 Legitimates filtered by white list End of the scan (630 lines in 01mn 58s)(0)