Hello,

First of all, I would like to point out that I am not used to sorting out my PC problems myself; usually a friend guided me and helped me do it (following your advice). That is why I ask in advance for a little indulgence if I sometimes do not immediately understand the steps to carry out when they are too technical.

My PC is new (barely 3 weeks old) with a more than reasonable configuration. However, for almost a week I have been experiencing slowdowns more and more often, and now it even crashes with a message saying that my memory is full (yet I still have about 650 GB available), and given its age that seems unlikely to me. My Internet connection is getting more and more difficult, sometimes even impossible. It seems to me that my machine is already infected. Could you help me? :chpas:

Here is the ZHPDiag report:

Rapport de ZHPDiag v2013.5.13.114 par Nicolas Coolman, Update du 13/05/2013

Run by ***** at 14/05/2013 17:34:07

State : Version à jour.

WhiteList : Enable

High Elevated Privileges : OK

UAC : Deactivate by program

 

 

---\\ Web Browser

MSIE: Internet Explorer v10.0.9200.16540

MFIE: Mozilla Firefox 20.0.1 (Defaut)

GCIE: Google Chrome v26.0.1410.64

 

---\\ Windows Product Information

~ Langage: Français

Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_COA_NSLP channel

Windows ID Activation : OK

~ Windows Partial Key : WV6YR

Windows License : OK

~ Windows Remaining Initializations Number : 3

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Protection

Malwarebytes Anti-Malware version 1.75.0.1300

SUPERAntiSpyware v5.6.1014

Windows Defender W7

 

---\\ System Optimizer

 

---\\ Peer To Peer (P2P)

 

---\\ Software Update

Adobe Flash Player 11 Plugin

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8154 MB (72% free)

System Restore: Activé (Enable)

System drive C: has 653 GB (70%) free of 931 GB

 

---\\ Logged in mode

~ Computer Name:

~ User Name:

~ All Users Names: UpdatusUser, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\b****\AppData\Roaming\

~ %Desktop% : C:\Users\b****\Desktop\

~ %Favorites% : C:\Users\b****\Favorites\

~ %LocalAppData% : C:\Users\****\AppData\Local\

~ %StartMenu% : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 653 Go of 931 Go)

D:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

~ Security Center: 27 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.27/04/2013 - 16:26:20.) -- C:\Windows\System32\wininet.dll [2240512]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]

~ Generic Processes: Scanned in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/1228

~ Mes musiques (My Musics) : 1/616

~ Mes Videos (My Videos) : 1/19

~ Mes Favoris (My Favorites) : 1/29

~ Mes Documents (My Documents) : 1/63969

~ Mon Bureau (My Desktop) : 1/10

~ Menu demarrer (Programs) : 1/28

~ Hidden Files: Scanned in 00mn 30s

 

 

 

---\\ Processus lancés

[MD5.D9C8DC2D7EC28E3FF25C99EF17C8631A] - (...) -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2787280] [PID.2080] =>Toolbar.Babylon

[MD5.E7D75EC4BBD08FF5B16F875BA4EA810D] - (.Splashtop Inc. - Splashtop Connect ZyngaGames Agent..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544] [PID.2560] =>Toolbar.Zynga

[MD5.4D241A6A8F6BA9FA32FF836551FFDCEA] - (.Intel Corporation - Intel® USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.2620]

[MD5.FF6AE53ADF70281EE3591955277C90B4] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.2648]

[MD5.8E2A7F1F62467A7DCB8AB2C0642F47CA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2708]

[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3220]

[MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.4384]

[MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.2424]

[MD5.D719477489E4EF1B987E5525D608F2A5] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe [1855880] [PID.4728]

[MD5.8DEA9B1919CD66DD2B4D4B8C13B335EC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7335424] [PID.4848]

[MD5.81F177C1954453AF407604160BD149CB] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.904]

[MD5.D762433B2E23C0F8085980CEE6267ACD] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1480]

[MD5.CD3E1FB3013C4EB958EA863B78E1AEE0] - (.Avira Operations GmbH & Co. KG - Avira Firewall Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [657120] [PID.1936]

[MD5.748E78BDA2994279C40BCB1B0FE6FB25] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1968]

[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.2040]

[MD5.D279A1DB5B38B6464BF0ED4D0BA0E50E] - (.Freemake - FreemakeUtilsService.) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376] [PID.2288]

[MD5.25E8ED6FC3820B59CE602BA4D4C1D01E] - (.Ellora Assets Corp. - CaptureLibService.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216] [PID.2668]

[MD5.166FC0B36842135BC2D3C32DF70ED0D6] - (.Intel Corporation - Intel® Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560] [PID.1044]

[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2460]

[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.3108]

[MD5.8475E746EB72D04F1015E6F091F50E09] - (.Splashtop Inc. - Splashtop Connect Back Service..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [477000] [PID.3212]

[MD5.1CFA4A1F3C7BB4C8F299E00428EB8677] - (.Splashtop Inc. - Splashtop Software Updater Service.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [370504] [PID.3244] =>Adware.IncrediBar

[MD5.C42B5CFD183DCC3A1116C6B4ABB8B69C] - (.Avira Operations GmbH & Co. KG - Avira MailGuard Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [371768] [PID.3996]

[MD5.C56BA6666999BF91C4A9EC61415F906C] - (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe [562744] [PID.4024]

[MD5.C56E64BA70DC822B84D100A6F8D690D3] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [277784] [PID.5952]

[MD5.B7C53DA1C73FF39F4A6248643EFD979A] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1266464] [PID.6024]

[MD5.0F9E1BC7E2BEA1A4108EC9736CF0C2D9] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [363800] [PID.4436]

~ Processes Running: Scanned in 00mn 00s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Preferences

~ Google Browser: 0 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\prefs.js

C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\user.js

M3 - MFPP: Plugins - [*****] -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\babylon.xml =>Toolbar.Babylon

M3 - MFPP: Plugins - [*****] -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\BrowserProtect.xml =>Toolbar.Babylon

M3 - MFPP: Plugins - [*****] -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\delta.xml

M0 - MFSP: prefs.js [****] - i51li9ld.default] Delta Search =>Toolbar.DeltaSearch

M2 - MFEP: prefs.js [****] - i51li9ld.default\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (..)

M2 - MFEP: prefs.js [****] - i51li9ld.default\{166daec2-af51-4e22-85c2-0ea1a9c65be4}] [] Wallpaper Rotator v1.9 (..)

M2 - MFEP: prefs.js [****] - i51li9ld.default\{7c6cdf7c-8ea8-4be7-ae5a-0b3effe14d66}] [] Facebook Photo Zoom v0.4 (..)

~ Firefox Browser: 20 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:splashtopconnect

R3 - URLSearchHook: Splashtop Connect SearchHook [64Bits] - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} . (.Splashtop Inc. - Addressbar search extention..) (2.0.5.1) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll

~ IE Browser: 15 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Proxy management: Scanned in 00mn 00s

 

 

 

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Keys: Scanned in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Hosts File: Scanned in 00mn 00s

~ Nombre de lignes (Lines number): 21

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Splashtop Connect VisualBookmark [64Bits] - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} . (.Splashtop Inc. - Splashtop Connect IE Extension..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll

~ BHO: 1 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline

O4 - HKCU\..\Run: [sUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKLM\..\Wow6432Node\Run: [ZyngaGamesAgent] . (.Splashtop Inc. - Splashtop Connect ZyngaGames Agent..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe =>Toolbar.Zynga

O4 - HKLM\..\Wow6432Node\Run: [sTCAgent] . (.Splashtop Inc. - Splashtop Connect IE Agent..) -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe

O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

O4 - HKLM\..\Wow6432Node\Run: [uSB3MON] . (.Intel Corporation - Intel® USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-21-1906736058-3776518062-3006771716-1001\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-1906736058-3776518062-3006771716-1001\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Application: Scanned in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - GS\TaskBar: Adobe After Effects CS6.lnk . (.Adobe Systems Incorporated - Adobe After Effects CS6.) -- C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe

O4 - GS\TaskBar: Adobe Dreamweaver CS6.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CS6.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe

O4 - GS\TaskBar: Adobe Fireworks CS6.lnk . (.Adobe Systems Incorporated - Adobe Fireworks CS6.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS6\Fireworks.exe

O4 - GS\TaskBar: Adobe Flash Professional CS6.lnk . (.Adobe Systems Incorporated. - Adobe Flash CS6.) -- C:\Program Files (x86)\Adobe\Adobe Flash CS6\Flash.exe

O4 - GS\TaskBar: Adobe Illustrator CS6 (64 Bit).lnk . (.Adobe Systems Inc. - Adobe Illustrator CS6.) -- C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe

O4 - GS\TaskBar: Adobe InDesign CS6.lnk . (.Adobe Systems Incorporated - Adobe InDesign CS6.) -- C:\Program Files (x86)\Adobe\Adobe InDesign CS6\InDesign.exe

O4 - GS\TaskBar: Adobe Photoshop CS6 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS6.) -- C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe

O4 - GS\TaskBar: Adobe Premiere Pro CS6.lnk . (.Adobe Systems, Incorporated - Adobe Premiere Pro CS6.) -- C:\Program Files\Adobe\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe

O4 - GS\TaskBar: CyberLink MediaEspresso 6.7.lnk . (.CyberLink Corp. - CyberLink MediaEspresso Main Program.) -- C:\Program Files (x86)\Cyberlink\MediaEspresso\MediaEspresso.exe

O4 - GS\TaskBar: CyberLink PowerDirector 11 (64-bit).lnk . (.CyberLink Corp. - PowerDirector 11.) -- C:\Program Files\CyberLink\PowerDirector11\PDR11.exe

O4 - GS\TaskBar: Games.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe Splashtop Gaming

O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\TaskBar: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

O4 - GS\TaskBar: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

O4 - GS\TaskBar: Microsoft Office Access 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe

O4 - GS\TaskBar: Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe

O4 - GS\TaskBar: Microsoft Office Outlook 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe

O4 - GS\TaskBar: Microsoft Office PowerPoint 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe

O4 - GS\TaskBar: Microsoft Office Publisher 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe

O4 - GS\TaskBar: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe

O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - GS\TaskBar: Pinnacle Studio 15.lnk . (.Pinnacle Systems - Studio program file.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe

O4 - GS\TaskBar: QuickTime Player.lnk . (.Apple Inc. - QuickTime Player.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe

O4 - GS\TaskBar: WaveEditor.lnk . (.Cyberlink - Cyberlink WaveEditor.) -- C:\Program Files (x86)\Cyberlink\WaveEditor\WaveEditor.exe

O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe

O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\Programs: Social Games.lnk - Clé orpheline

O4 - GS\QuickLaunch: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\*****\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent

O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\QuickLaunch: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe

O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe

~ Global Startup: Scanned in 00mn 01s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{DE429923-4561-46B5-9FA3-0133BF3322A5}: DhcpNameServer = ***.***.*.***

O17 - HKLM\System\CS1\Services\Tcpip\..\{DE429923-4561-46B5-9FA3-0133BF3322A5}: DhcpNameServer = ***.***.*.***

O17 - HKLM\System\CS2\Services\Tcpip\..\{DE429923-4561-46B5-9FA3-0133BF3322A5}: DhcpNameServer = ***.***.*.***

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = ***.***.*.***

~ Domain: Scanned in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll

~ Protocole Additionnel: Scanned in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon

O23 - Service: Splashtop Connect Service (SCBackService) . (.Splashtop Inc. - Splashtop Connect Back Service..) - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe

O23 - Service: Splashtop Software Updater Service (SSUService) . (.Splashtop Inc. - Splashtop Software Updater Service.) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe =>Adware.IncrediBar

O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\System32\viakaraokesrv.exe

~ Services: 25 Legitimates Filtered in 00mn 09s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta

~ Logic: 95 Legitimates Filtered in 00mn 00s

 

 

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\5828cdcb23bb942]

[HKCU\Software\Cheddar]

[HKCU\Software\DataMngr] =>PUP.Datamngr

[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr

[HKCU\Software\Delta]

[HKCU\Software\Iminent] =>Adware.IMBooster

[HKCU\Software\OfferBox] =>PUP.OfferBox

[HKLM\Software\Wow6432Node\5828cdcb23bb942]

[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon

[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr

[HKLM\Software\Wow6432Node\Delta]

[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster

~ Key Software: 172 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 05/05/2013 - 21:14:55 - [1,494] ----D C:\Program Files (x86)\Delta

O43 - CFD: 14/05/2013 - 17:11:24 - [0,663] ----D C:\Program Files (x86)\Iminent =>Adware.IMBooster

O43 - CFD: 05/05/2013 - 21:14:40 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon

O43 - CFD: 05/05/2013 - 21:15:44 - [7,805] ----D C:\ProgramData\BrowserProtect =>Toolbar.Babylon

O43 - CFD: 05/05/2013 - 21:14:40 - [0,018] ----D C:\Users\****\AppData\Roaming\Babylon =>Toolbar.Babylon

O43 - CFD: 05/05/2013 - 21:14:55 - [0,259] ----D C:\Users\****\AppData\Roaming\Delta

O43 - CFD: 05/05/2013 - 21:16:32 - [124,666] ----D C:\Users\****\AppData\Roaming\OpenCandy =>Adware.OpenCandy

O43 - CFD: 28/04/2013 - 16:04:36 - [0,001] --H-D C:\Users\****\AppData\Local\qJu93WnM2ARE8

O43 - CFD: 05/05/2013 - 21:16:13 - [0,001] ----D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect =>Toolbar.Babylon

~ Program Folder: 160 Legitimates Filtered in 00mn 30s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.5B1A4A14AC6DDADFDA5ECE8D728DFFB7] - 02/05/2013 - 23:56:32 ---A- . (...) -- C:\Windows\msxml4-KB973688-enu.LOG [286846]

O44 - LFC:[MD5.9DD85DFE0345821E3AF09BB2FC156C29] - 02/05/2013 - 23:56:21 ---A- . (...) -- C:\Windows\msxml4-KB954430-enu.LOG [290638]

~ Files: 21 Legitimates Filtered in 00mn 21s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ MWPS: 16 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]

~ Drivers: Scanned in 00mn 00s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ ADS: Scanned in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Keys: Scanned in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.admin", false);

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.aflt", "babsst");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.autoRvrt", "false");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.dfltLng", "en");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.excTlbr", false);

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.ffxUnstlRst", true);

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.instlDay", "15830");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.instlRef", "sst");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.newTab", false);

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.prdct", "delta");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.prtnrId", "delta");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.rvrt", "false");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.smplGrp", "none");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.tlbrId", "base");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.tlbrSrchUrl", "");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.vrsn", "1.8.16.16");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.vrsni", "1.8.16.16");

O69 - SBI: prefs.js [***** - i51li9ld.default] user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57");

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {82878AFC-F2EA-4c6c-B7A5-3A88173F38E2} - (Yahoo) - http://fr.search.yahoo.com

O69 - SBI: SearchScopes [HKCU] {8BF1F355-39FB-4b2f-806B-E6A77B5EAE62} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {9D01D9E3-7995-4978-B94C-7A98B56BB981} - (Google) - Google

~ Keys: Scanned in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.CB3E384669AFFF4B240DA79C0EBD0F42] [sPRF][26/04/2013] (...) -- C:\ProgramData\NTUser.dat [262144]

[MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [sPRF][28/01/2013] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\berna\AppData\Local\Temp\AskSLib.dll [248008]

[MD5.AE1545E3CD5C72B1EC1118C404262484] [sPRF][26/04/2013] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.7 r700.) -- C:\Users\*****\AppData\Local\Temp\fp_pl_pfs_installer-1.exe [17605512]

[MD5.AE1545E3CD5C72B1EC1118C404262484] [sPRF][26/04/2013] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.7 r700.) -- C:\Users\*****\AppData\Local\Temp\fp_pl_pfs_installer.exe [17605512]

[MD5.D7270C0373D3441A3D6F56F11B6C55DA] [sPRF][05/05/2013] (.Ellora Assets Corporation - Freemake Music Box Setup.) -- C:\Users\*****\AppData\Local\Temp\FreemakeMusicBox_0.9.8.4.exe [15217368]

[MD5.EBC39C4725C0E32C4ED7CE1050E32CBD] [sPRF][05/05/2013] (.Ellora Assets Corporation - Freemake Video Downloader Setup.) -- C:\Users\*****\AppData\Local\Temp\FreemakeVideoDownloader_3.5.0.7.exe [12143456]

[MD5.43C35081CE0AC367267C5916AB25A817] [sPRF][05/05/2013] (...) -- C:\Users\****\AppData\Local\Temp\vlc-2.0.6-win32.exe [22948790]

[MD5.2E04F070F2EDC7C2D29B3A4EDC7E45DE] [sPRF][26/10/2010] (.Pinnacle Systems, Inc. - Pinnacle Studio.) -- C:\Users\****\AppData\Local\Temp\Welcome.exe [247120]

[MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [sPRF][24/05/2006] (.Macrovision Corporation - Setup.exe.) -- C:\Users\****\AppData\Local\Temp\_is494F.exe [455600]

[MD5.A95866BA166A09E360BB88DA72D4531D] [sPRF][14/05/2013] (...) -- C:\Users\****\Desktop\AdwCleaner.exe [628743]

[MD5.E8D3E34FFDAF21DF7C09CBBBA5763237] [sPRF][14/05/2013] (.ESET - ESET Smart Installer.) -- C:\Users\****\Desktop\esetsmartinstaller_enu.exe [2347384]

[MD5.D0C602EB6A1D3B650E0FCE20478DB972] [sPRF][14/05/2013] (.Pas de propriétaire - Suppression fichiers temporaires.) -- C:\Users\****\Desktop\SFT.exe [845503]

~ Files: Scanned in 00mn 01s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : v2.12091 - (13/05/2013)

Clés trouvées (Keys found) : 144

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 6

Fichiers trouvés (Files found) : 2

 


C:\Program Files (x86)\Iminent =>Adware.IMBooster

C:\ProgramData\Babylon =>Toolbar.Babylon

C:\ProgramData\BrowserProtect =>Hijacker.Eazel

C:\Users\*****\AppData\Roaming\Babylon =>Toolbar.Babylon

C:\Users\*****\AppData\Roaming\OpenCandy =>Adware.OpenCandy

C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\Extensions\ffxtlbr@delta.com =>PUP.Funmoods

C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\bprotector_extensions.sqlite =>PUP.BProtector

C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\bprotector_prefs.js =>PUP.BProtector

~ Additionnel Scan: 331366 Items scanned in 00mn 13s

 

 

 

---\\ Random Export Key (O91)

[HKCU\Software\5828cdcb23bb942] =>Toolbar.Babylon^

[HKCU\Software\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"

[HKCU\Software\5828cdcb23bb942]:version="2.6.1249.132"

[HKLM\Software\Wow6432Node\5828cdcb23bb942] =>Toolbar.Babylon^

[HKLM\Software\Wow6432Node\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"

[HKLM\Software\Wow6432Node\5828cdcb23bb942]:version="2.6.1249.132"

~ Export Key Software: Scanned in 00mn 00s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 11/07/2012 140672 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe

SS - | Demand 06/05/2013 250808 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SR - | Auto 26/04/2013 657120 | (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe

SR - | Auto 13/05/2013 371768 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe

SR - | Auto 26/04/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 26/04/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 13/05/2013 562744 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe

SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 2787280 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon

SR - | Auto 01/04/2013 101376 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

SR - | Auto 01/04/2013 9216 | (FreemakeVideoCapture) . (.Ellora Assets Corp..) - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

SS - | Auto 27/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 27/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SR - | Auto 08/12/2011 607456 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe

SR - | Demand 20/02/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 16/12/2011 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

SR - | Auto 16/12/2011 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

SS - | Demand 10/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

SR - | Auto 15/03/2013 877856 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 15/03/2013 1266464 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

SR - | Auto 390672 | (RichVideo64) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe

SR - | Auto 15/11/2010 477000 | (SCBackService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe

SR - | Auto 15/03/2012 370504 | (SSUService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

SR - | Auto 14/03/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

SR - | Auto 16/12/2011 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

SR - | Auto 10/01/2012 27760 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe

SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 00s

 

 

 

~ 966 Legitimates filtered by white list

End of the scan (630 lines in 01mn 58s)(0)

Edited by Elicia789

Posted

Good evening

OK, this please

 

* Copy all of the text in the box below (select it with your mouse, right-click on it and choose "Copy", or press Ctrl+C)

[MD5.D9C8DC2D7EC28E3FF25C99EF17C8631A] - (...) -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2787280] [PID.2080] => Infection PUP (Hijacker.Eazel)*

M3 - MFPP: Plugins - [*****] -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\BrowserProtect.xml => Infection PUP (Hijacker.Eazel)*

O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe => Infection PUP (Hijacker.Eazel)*

[HKCU\Software\DataMngr] => Infection PUP (PUP.BearShare)*

[HKCU\Software\DataMngr_Toolbar] => Infection PUP (PUP.BearShare)*

[HKCU\Software\Iminent] => Infection PUP (Adware.IMBooster)*

[HKCU\Software\OfferBox] => Infection PUP (PUP.OfferBox)*

[HKLM\Software\Wow6432Node\Babylon] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\DataMngr] => Infection PUP (PUP.BearShare)*

[HKLM\Software\Wow6432Node\Iminent] => Infection PUP (Adware.IMBooster)*

O43 - CFD: 14/05/2013 - 17:11:24 - [0,663] ----D C:\Program Files (x86)\Iminent => Infection PUP (Adware.IMBooster)*

O43 - CFD: 05/05/2013 - 21:14:40 - [0] ----D C:\ProgramData\Babylon => Infection BT (Toolbar.Babylon)

O43 - CFD: 05/05/2013 - 21:15:44 - [7,805] ----D C:\ProgramData\BrowserProtect => Infection PUP (Hijacker.Eazel)*

O43 - CFD: 05/05/2013 - 21:14:40 - [0,018] ----D C:\Users\****\AppData\Roaming\Babylon => Infection BT (Toolbar.Babylon)

O43 - CFD: 05/05/2013 - 21:16:32 - [124,666] ----D C:\Users\****\AppData\Roaming\OpenCandy => Infection PUP (Adware.OpenCandy)*

O43 - CFD: 05/05/2013 - 21:16:13 - [0,001] ----D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect => Infection PUP (Hijacker.Eazel)*

[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] => Infection BT (Adware.SocialSkinz)

[HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] => Infection BT (Adware.SocialSkinz)

[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] => Infection BT (Adware.SocialSkinz)

[HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] => Infection BT (Adware.SocialSkinz)

[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] => Infection BT (Adware.SocialSkinz)

[HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] => Infection BT (Adware.SocialSkinz)

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] => Infection BT (Adware.SocialSkinz)

[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] => Infection PUP (PUP.RewardsArcade)


FirewallRaz

EmptyFlash

Emptytemp

SysRestore

 

 

Then launch ZHPFix from the desktop shortcut.

-> let the tool work and do not touch anything ...

Once it has finished, a new report is displayed: copy and paste its contents into your next reply ...

(this report is also saved in this folder > C:\Program files\ZHPDiag\ZHPFixReport.txt)

Important: if you are asked to restart the PC to finish the cleanup, do it right away!

Next: download AdwCleaner (by Xplode) to your desktop.

http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner

- Run it in normal mode, then click [Delete]

- When the message saying that AdwCleaner has detected a specific adware variant appears, click [OK]

- The computer will restart on its own. Restart it in normal mode.

- AdwCleaner will open normally, with [Delete] as the only available option

- Click it, then wait while the deletion runs.

- Once the deletion is done, AdwCleaner will prompt you to restart the computer

- After the restart, a report will open. Post it on the forum.

Note: The report is also saved as C:\AdwCleaner[s1].txt

Posted

Hello,

That is far too much junk in a short time.

In future, you should be more careful.

 

 

1) Download AdwCleaner

On Vista and Windows 7 -> Run as administrator

Click Search and post the generated report C:\AdwCleaner[R1].txt

So as not to skew the reports, Search and Delete must each be run only once

Cleanup: to be done without delay

Relaunch AdwCleaner with administrator rights

Click Delete and post the report C:\AdwCleaner[s1].txt

 

2) Download Junkware Removal Tool by thisisu

OS: Windows XP/Vista/7/8

Can be used on 32-bit and 64-bit systems

Click Jrt.exe with administrator rights.

If your antivirus complains, mark the tool as acceptable in your antivirus exceptions

A black window opens telling you to press a key to start the scan.

The tool will take a few minutes to search your machine.

Wait until Jrt.txt appears, then post its contents.

 

3) Download MBAM

Before launching MBAM

You must first disable your protections but you do not know how to do it

Click here

Plug in all removable media before running this scan (USB stick, external hard drive, etc.)

Run with administrator rights.

On Vista, disable UAC

Double-click the Download_mbam-setup.exe icon to start the installation process.

Save it to the desktop.

Close all windows and programs

Follow the prompts (in particular the choice of language and the permission to access the Internet)

Do not change any of the default settings and, at the end of the installation,

check that the Update/Mises à jour and Launch/Exécuter options are ticked

MBAM will start automatically and display a message asking you to update the program before running a scan.

Click OK to close the dialog box.

In the "Update" tab, click the Check for updates button:

If the firewall asks for permission to let MBAM connect, accept

Once the update has finished, go to the Search tab.

Select "Run a full scan"

Click "Search"

The scan will take some time, be patient!

At the end, a message will display:

The scan completed normally.

And a Mbam.log file will appear

Select everything and click Remove selection,

MBAM will destroy the files and registry keys and put a copy of them in quarantine.

Then open Notepad and copy into it the scan report, which can be found under the Reports/logs tab.

Copy and paste this report into your next reply.

 

4) New ZHPDiag

Double-click ZHPDiag.exe to install the tool

There should be 3 icons on the desktop

On XP, double-click the ZhpDiag icon

On Vista/7, right-click and choose Run as administrator

Click the button at the top right and choose All

To avoid a freeze, untick 045 and 061

Click the magnifying glass at the top left to start the scan

Post the ZhpDiag.txt report that appears on the desktop

 

How to post the reports

Click this button at the top right

Press Browse and find the report,

Click Send

>> on the next page -->

Click Pjjoint Uploader,

an address http//.. will be created

Copy and paste this address into your next message.

Posted

Good evening

OK, this please

* Copy all the text in the box below (select it with your mouse / right-click it and choose "Copy", or press Ctrl+C)

Then launch ZHPFix from the desktop shortcut.

-> let the tool work and do not touch anything ...

Once it has finished, a new report is displayed: copy and paste its contents into your next reply ...

(this report is also saved in this folder > C:\Program files\ZHPDiag\ZHPFixReport.txt)

Important: if you are asked to restart the PC to finish the cleanup, do it right away!

Next: download AdwCleaner (by Xplode) to your desktop.

Downloads - Xplode's tools - AdwCleaner

- Run it in normal mode, then click [Delete]

- When the message saying that AdwCleaner has detected a specific adware variant appears, click [OK]

- The computer will restart on its own. Restart it in normal mode.

- AdwCleaner will open normally, with [Delete] as the only available option

- Click it, then wait while the deletion runs.

- Once the deletion is done, AdwCleaner will prompt you to restart the computer

- After the restart, a report will open. Post it on the forum.

Note: The report is also saved as C:\AdwCleaner[s1].txt

 

Good evening, many thanks for your help. However, I see that I have two different people helping me, which is getting a bit complicated; what should I do?

I am posting the two reports you asked me to send you

 

Rapport de ZHPFix 2013.5.11.1 par Nicolas Coolman, Update du 11/05/2013

Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-14-05-2013-18-54-15.txt

Run by berna at 14/05/2013 18:54:15

High Elevated Privileges : OK

Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

 

Corbeille vidée

 

========== Logiciel(s) ==========

ABSENT Software Key: delta

 

========== Processus mémoire ==========

SUPPRIME Reboot Memory Process: C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

 

========== Clé(s) du Registre ==========


 

========== Valeur(s) du Registre ==========

ABSENT [HKCU\Software\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"

ABSENT [HKLM\Software\Wow6432Node\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"

ABSENT URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10}

ABSENT RunValue: ZyngaGamesAgent

ABSENT RunValue: STCAgent

ABSENT Valeur Standard Profile: FirewallRaz :

ABSENT Valeur Domain Profile: FirewallRaz :

 

========== Préférences navigateur ==========

ABSENT Mozilla Pref: - i51li9ld.default] Delta Search

ABSENT \prefs.js

SUPPRIME Mozilla Pref: user_pref("extensions.delta.admin", false);

SUPPRIME Mozilla Pref: user_pref("extensions.delta.aflt", "babsst");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.autoRvrt", "false");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.dfltLng", "en");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.excTlbr", false);

SUPPRIME Mozilla Pref: user_pref("extensions.delta.ffxUnstlRst", true);

SUPPRIME Mozilla Pref: user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.instlDay", "15830");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.instlRef", "sst");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.newTab", false);

SUPPRIME Mozilla Pref: user_pref("extensions.delta.prdct", "delta");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.prtnrId", "delta");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.rvrt", "false");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.smplGrp", "none");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.tlbrId", "base");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.tlbrSrchUrl", "");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsn", "1.8.16.16");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsni", "1.8.16.16");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57");

 

========== Dossier(s) ==========

ABSENT C:\Program Files (x86)\Iminent

ABSENT C:\ProgramData\Babylon

SUPPRIME Reboot Folder**: C:\ProgramData\BrowserProtect

ABSENT C:\Users\****\AppData\Roaming\Babylon

ABSENT C:\Users\****\AppData\Roaming\OpenCandy

ABSENT C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect

ABSENT C:\Users\****\AppData\Local\qJu93WnM2ARE8

SUPPRIME Flash Cookies

SUPPRIME Temporaires Windows

 

========== Fichier(s) ==========

ABSENT File: c:\users\****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\browserprotect.xml

SUPPRIME Reboot c:\programdata\browserprotect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe

ABSENT Folder/File: c:\program files (x86)\iminent

ABSENT Folder/File: c:\programdata\babylon

ABSENT Folder/File: c:\users\*****\appdata\roaming\babylon

ABSENT Folder/File: c:\users\*****\appdata\roaming\opencandy

ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\bprotector_extensions.sqlite

ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\bprotector_prefs.js

ABSENT File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\delta.xml

ABSENT File: c:\program files (x86)\splashtop\splashtop connect ie\addressbarsearch.dll

SUPPRIME Reboot c:\program files (x86)\splashtop\splashtop connect\zyngagamesagent.exe

ABSENT Folder/File: c:\users\berna\appdata\local\temp\askslib.dll

ABSENT File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\babylon.xml

ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\extensions\ffxtlbr@delta.com

SUPPRIME Flash Cookies

SUPPRIME Temporaires Windows

 

========== Restauration Système ==========

Point de restauration du système créé avec succès

 

 

========== Récapitulatif ==========

1 : Processus mémoire

148 : Clé(s) du Registre

7 : Valeur(s) du Registre

9 : Dossier(s)

16 : Fichier(s)

1 : Logiciel(s)

22 : Préférences navigateur

1 : Restauration Système

 

# AdwCleaner v2.300 - Rapport créé le 14/05/2013 à 18:57:53

# Mis à jour le 28/04/2013 par Xplode

# Système d'exploitation : Windows 7 Professional Service Pack 1 (64 bits)

# Nom d'utilisateur : -

# Mode de démarrage : Normal

# Exécuté depuis : C:\Users\*****\Desktop\AdwCleaner.exe

# Option [suppression]

 

 

***** [services] *****

 

 

***** [Fichiers / Dossiers] *****

 

Dossier Supprimé : C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl

Fichier Supprimé : C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\Babylon.xml

Supprimé au redémarrage : C:\ProgramData\BrowserProtect

 

***** [Registre] *****

 

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\5828cdcb23bb942

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v10.0.9200.16537

 

[OK] Le registre ne contient aucune entrée illégitime.

 

-\\ Mozilla Firefox v20.0.1 (fr)

 

Fichier : C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\prefs.js

 

C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\user.js ... Supprimé !

 

Supprimée : user_pref("extensions.delta.admin", false);

Supprimée : user_pref("extensions.delta.aflt", "babsst");

Supprimée : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

Supprimée : user_pref("extensions.delta.autoRvrt", "false");

Supprimée : user_pref("extensions.delta.dfltLng", "en");

Supprimée : user_pref("extensions.delta.excTlbr", false);

Supprimée : user_pref("extensions.delta.ffxUnstlRst", true);

Supprimée : user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9");

Supprimée : user_pref("extensions.delta.instlDay", "15830");

Supprimée : user_pref("extensions.delta.instlRef", "sst");

Supprimée : user_pref("extensions.delta.newTab", false);

Supprimée : user_pref("extensions.delta.prdct", "delta");

Supprimée : user_pref("extensions.delta.prtnrId", "delta");

Supprimée : user_pref("extensions.delta.rvrt", "false");

Supprimée : user_pref("extensions.delta.smplGrp", "none");

Supprimée : user_pref("extensions.delta.tlbrId", "base");

Supprimée : user_pref("extensions.delta.tlbrSrchUrl", "");

Supprimée : user_pref("extensions.delta.vrsn", "1.8.16.16");

Supprimée : user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57");

Supprimée : user_pref("extensions.delta.vrsni", "1.8.16.16");

 

-\\ Google Chrome v26.0.1410.64

 

Fichier : C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

*************************

 

AdwCleaner[s1].txt - [3005 octets] - [14/05/2013 18:57:53]

 

########## EOF - C:\AdwCleaner[s1].txt - [3065 octets] ##########

Posted

Hello,

That is far too much junk in a short time.

In future, you should be more careful.

 

 

1) Download AdwCleaner

On Vista and Windows 7 -> Run as administrator

Click Search and post the generated report C:\AdwCleaner[R1].txt

So as not to skew the reports, Search and Delete must each be run only once

Cleaning: to be done without delay

Relaunch AdwCleaner with administrator rights

Click Delete and post the report C:\AdwCleaner[s1].txt

 

2) Download Junkware Removal Tool by thisisu

OS: Windows XP/Vista/7/8

Usable on 32-bit and 64-bit systems

Click Jrt.exe with administrator rights.

If your antivirus complains, mark it as acceptable in your antivirus exceptions

A black window opens telling you to press a key to start the scan.

The tool will take a few minutes to search your machine.

Wait until Jrt.txt appears, then post its contents.

 

3) Download MBAM

Before launching MBAM

You must first disable your protections, but you don't know how

Click here

Plug in all removable media before running this scan (USB stick, external hard drive, etc.)

Run with administrator rights.

On Vista, disable UAC

Double-click the Download_mbam-setup.exe icon to start the installation process.

Save it to the desktop.

Close all windows and programs

Follow the prompts (in particular the choice of language and the permission to access the Internet)

Do not change any of the default settings and, at the end of the installation,

check that the Update and Launch options are ticked

MBAM will start automatically and display a message asking you to update the program before running a scan.

Click OK to close the dialog box.

In the "Update" tab, click the Check for Updates button:

If the firewall asks for permission to let MBAM connect, accept

Once the update is complete, go to the Scanner tab.

Select "Perform full scan"

Click "Scan"

The scan will take some time, be patient!

At the end, a message will say:

The scan completed successfully.

And a Mbam.log file will appear

Select everything and click Remove Selected,

MBAM will destroy the files and registry keys and put a copy of them in quarantine.

Then open Notepad and copy into it the scan report, which can be found under the Logs tab.

Copy and paste this report into your next reply.

 

4) New ZHPDiag

Double-click ZHPDiag.exe to install the tool

There should be 3 icons on the desktop

On XP, double-click the ZHPDiag icon

On Vista/7, right-click and choose Run as administrator

Click the button at the top right and choose All

To avoid a freeze, untick 045 and 061

Click the magnifying glass at the top left to start the scan

Post the ZhpDiag.txt report that appears on the desktop

 

How to post the reports

Click this button at the top right

Press Browse and find the report,

Click Send

>> on the next page -->

Click Pjjoint Uploader,

an http//.. address will be created

Copy and paste this address into your next message.

 

 

Thank you for your help, and yes, I think I am going to have to be much more vigilant. As soon as I have finished all your procedures, I will send you the reports you asked me for.

Posted

No problem pear :jap:

Elicia789, tell me when you have done what I asked, please

 

 

Hello Bernard,

Here are the reports you asked me to send you (ZHPFix & AdwCleaner). However, a quick question: in what you asked me to copy and paste there were asterisks (in some of the paths) that I had put in myself in my first report to hide my PC's user name. Could that cause problems in the procedures to follow?

 

Rapport de ZHPFix 2013.5.11.1 par Nicolas Coolman, Update du 11/05/2013

Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-14-05-2013-18-54-15.txt

Run by ***** at 14/05/2013 18:54:15

High Elevated Privileges : OK

Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

 

Corbeille vidée

 

========== Logiciel(s) ==========

ABSENT Software Key: delta

 

========== Processus mémoire ==========

SUPPRIME Reboot Memory Process: C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

 

========== Clé(s) du Registre ==========


 

========== Valeur(s) du Registre ==========

ABSENT [HKCU\Software\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"

ABSENT [HKLM\Software\Wow6432Node\5828cdcb23bb942]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"

ABSENT URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10}

ABSENT RunValue: ZyngaGamesAgent

ABSENT RunValue: STCAgent

ABSENT Valeur Standard Profile: FirewallRaz :

ABSENT Valeur Domain Profile: FirewallRaz :

 

========== Préférences navigateur ==========

ABSENT Mozilla Pref: - i51li9ld.default] Delta Search

ABSENT \prefs.js

SUPPRIME Mozilla Pref: user_pref("extensions.delta.admin", false);

SUPPRIME Mozilla Pref: user_pref("extensions.delta.aflt", "babsst");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.autoRvrt", "false");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.dfltLng", "en");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.excTlbr", false);

SUPPRIME Mozilla Pref: user_pref("extensions.delta.ffxUnstlRst", true);

SUPPRIME Mozilla Pref: user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.instlDay", "15830");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.instlRef", "sst");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.newTab", false);

SUPPRIME Mozilla Pref: user_pref("extensions.delta.prdct", "delta");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.prtnrId", "delta");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.rvrt", "false");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.smplGrp", "none");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.tlbrId", "base");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.tlbrSrchUrl", "");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsn", "1.8.16.16");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsni", "1.8.16.16");

SUPPRIME Mozilla Pref: user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57");

 

========== Dossier(s) ==========

ABSENT C:\Program Files (x86)\Iminent

ABSENT C:\ProgramData\Babylon

SUPPRIME Reboot Folder**: C:\ProgramData\BrowserProtect

ABSENT C:\Users\****\AppData\Roaming\Babylon

ABSENT C:\Users\****\AppData\Roaming\OpenCandy

ABSENT C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect

ABSENT C:\Users\****\AppData\Local\qJu93WnM2ARE8

SUPPRIME Flash Cookies

SUPPRIME Temporaires Windows

 

========== Fichier(s) ==========

ABSENT File: c:\users\****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\browserprotect.xml

SUPPRIME Reboot c:\programdata\browserprotect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe

ABSENT Folder/File: c:\program files (x86)\iminent

ABSENT Folder/File: c:\programdata\babylon

ABSENT Folder/File: c:\users\*****\appdata\roaming\babylon

ABSENT Folder/File: c:\users\*****\appdata\roaming\opencandy

ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\bprotector_extensions.sqlite

ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\bprotector_prefs.js

ABSENT File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\delta.xml

ABSENT File: c:\program files (x86)\splashtop\splashtop connect ie\addressbarsearch.dll

SUPPRIME Reboot c:\program files (x86)\splashtop\splashtop connect\zyngagamesagent.exe

ABSENT Folder/File: c:\users\berna\appdata\local\temp\askslib.dll

ABSENT File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\searchplugins\babylon.xml

ABSENT Folder/File: c:\users\*****\appdata\roaming\mozilla\firefox\profiles\i51li9ld.default\extensions\ffxtlbr@delta.com

SUPPRIME Flash Cookies

SUPPRIME Temporaires Windows

 

========== Restauration Système ==========

Point de restauration du système créé avec succès

 

 

========== Récapitulatif ==========

1 : Processus mémoire

148 : Clé(s) du Registre

7 : Valeur(s) du Registre

9 : Dossier(s)

16 : Fichier(s)

1 : Logiciel(s)

22 : Préférences navigateur

1 : Restauration Système

 

# AdwCleaner v2.300 - Rapport créé le 14/05/2013 à 18:57:53

# Mis à jour le 28/04/2013 par Xplode

# Système d'exploitation : Windows 7 Professional Service Pack 1 (64 bits)

# Nom d'utilisateur : -

# Mode de démarrage : Normal

# Exécuté depuis : C:\Users\*****\Desktop\AdwCleaner.exe

# Option [suppression]

 

 

***** [services] *****

 

 

***** [Fichiers / Dossiers] *****

 

Dossier Supprimé : C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl

Fichier Supprimé : C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\searchplugins\Babylon.xml

Supprimé au redémarrage : C:\ProgramData\BrowserProtect

 

***** [Registre] *****

 

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\5828cdcb23bb942

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v10.0.9200.16537

 

[OK] Le registre ne contient aucune entrée illégitime.

 

-\\ Mozilla Firefox v20.0.1 (fr)

 

Fichier : C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\prefs.js

 

C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\i51li9ld.default\user.js ... Supprimé !

 

Supprimée : user_pref("extensions.delta.admin", false);

Supprimée : user_pref("extensions.delta.aflt", "babsst");

Supprimée : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

Supprimée : user_pref("extensions.delta.autoRvrt", "false");

Supprimée : user_pref("extensions.delta.dfltLng", "en");

Supprimée : user_pref("extensions.delta.excTlbr", false);

Supprimée : user_pref("extensions.delta.ffxUnstlRst", true);

Supprimée : user_pref("extensions.delta.id", "34b567e3000000000000902b343711f9");

Supprimée : user_pref("extensions.delta.instlDay", "15830");

Supprimée : user_pref("extensions.delta.instlRef", "sst");

Supprimée : user_pref("extensions.delta.newTab", false);

Supprimée : user_pref("extensions.delta.prdct", "delta");

Supprimée : user_pref("extensions.delta.prtnrId", "delta");

Supprimée : user_pref("extensions.delta.rvrt", "false");

Supprimée : user_pref("extensions.delta.smplGrp", "none");

Supprimée : user_pref("extensions.delta.tlbrId", "base");

Supprimée : user_pref("extensions.delta.tlbrSrchUrl", "");

Supprimée : user_pref("extensions.delta.vrsn", "1.8.16.16");

Supprimée : user_pref("extensions.delta.vrsnTs", "1.8.16.1621:16:57");

Supprimée : user_pref("extensions.delta.vrsni", "1.8.16.16");

 

-\\ Google Chrome v26.0.1410.64

 

Fichier : C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

*************************

 

AdwCleaner[s1].txt - [3005 octets] - [14/05/2013 18:57:53]

 

########## EOF - C:\AdwCleaner[s1].txt - [3065 octets] ##########

Posted (edited)

I did see the asterisks and figured you were the one who did that, so since you knew those lines, I'm leaving them alone ;)

How is your PC this time?

Good evening :P,

It is in much better shape, that's undeniable :bigglasses: even if it's not quite there yet. There may still be some nasty little critters left bothering it :outch:;)

No more memory saturation messages at all, but still difficulties with my internet connection

Edited by Elicia789
