[Solved] Request for a ZHP analysis on a second-hand PC


Posted

Hello everyone!

I have just bought a PC from the computing association where I teach classes (22 trainers, 24 PCs) to replace my old XP machine. It is an HP Pavilion running Win 8.1 Pro 64-bit (€100, well worth the price). As this PC was used by the students, I am afraid there is junk on it (I sometimes get odd problems such as links being redirected or being unable to download with Firefox 30.0).

I ran ZHPDiag and here is the result: http://cjoint.com/?DGspbAb8mZP

Can you tell me whether this PC is clean or needs a clean-up?

Thanks in advance

Notpa

Posted

Hi Notpa,

There's quite a crowd in there, the "classic" infections, Boxore, TB and all the rest.

1)

ZHPFix:

  • Close all open applications

  • Double-click ZHPFix, the shortcut that ZHPDiag installed on the Desktop
    Important:
    On Vista and Windows 7/8: you must launch the file with right-click -> Run as administrator.

  • Copy the lines below into the window, except the word "Quote".

  Quote

Script ZHPFix

[MD5.0D977B881EF93503930E1F5FB19B5B3F] - (...) -- C:\Program Files (x86)\sizlsearch\bin\sizlsearch.BrowserAdapter.exe [96544] [PID.4960] =>PUP.SizlSearch
G1 - GCS: Preference [user Data\Default] http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
G0 - GCSP: Preference [user Data\Default][HomePage] http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
G2 - GCE: Preference [user Data\Default] [engaigpbgdjjmanonjcjkcmomgibneba] Boxore v.1.8, (Activé) =>Adware.Boxore
G2 - GCE: Preference [user Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick start v.4.4.5, (Activé) =>PUP.QuickStart
M2 - MFEP: prefs.js [Mulot-13 Admin - luy35bc2.default\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] [] PriceGong v2.6.11 (..) =>Adware.PriceGong
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll =>PUP.SupTab
O2 - BHO: sizlsearch [64Bits] - {36d96925-abfa-4eb8-b630-305e905a930d} . (.sizlsearch - sizlsearch.) -- C:\Program Files (x86)\sizlsearch\sizlsearchbho.dll =>PUP.SizlSearch
O4 - GS\Desktop [Mulot-13 Admin]: Continue VuuPC Installation.lnk . (...) -- C:\Users\Mulot-13 Admin\AppData\Local\Temp\ICReinstall_nsg8D67.tmp \RR (.not file.) =>PUP.VuuPC
O4 - GS\Desktop [Mulot-13 Admin]: Sync Folder.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Startup [Mulot-13 Admin]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - HKLM\..\Wow6432Node\Run: [boxore Client] . (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore
O20 - AppInit_DLLs: . (.Skytech Co., Ltd. - Skytech.) - C:\Program Files (x86)\SupTab\SearchProtect64.dll =>PUP.SearchProtect
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>Trojan.SProtector
O23 - Service: Service Software Update (Software_update) (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: Update sizlsearch (Update sizlsearch) . (...) - C:\Program Files (x86)\sizlsearch\updatesizlsearch.exe =>PUP.SizlSearch
O23 - Service: Util sizlsearch (Util sizlsearch) . (...) - C:\Program Files (x86)\sizlsearch\bin\utilsizlsearch.exe =>PUP.SizlSearch
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
[MD5.00000000000000000000000000000000] [APT] [Optimizer Pro Schedule] (...) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [softwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [softwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [948] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [948] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [952] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [952] =>Adware.Boxore
O41 - Driver: ({9d5747ee-0448-4681-8337-1555de75a3b6}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64.sys =>PUP.LinkiDoo
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {D8D8A342-0E9F-47EA-A35E-CF431B50B286} =>Adware.Boxore
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: PriceGong 2.6.11 - (.PriceGong.) [HKLM][64Bits] -- PriceGong =>Adware.PriceGong
O42 - Logiciel: WebInternetSecurity - (.WebInternetSecurity.) [HKCU][64Bits] -- webinternetsecurity =>Spyware.Binternet
O42 - Logiciel: WindowsMangerProtect20.0.0.502 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect => PUP.Fuyu
O42 - Logiciel: sizlsearch - (.sizlsearch.) [HKLM][64Bits] -- sizlsearch =>PUP.SizlSearch
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\sizlsearch] =>PUP.SizlSearch
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\sizlsearch] =>PUP.SizlSearch
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
O43 - CFD: 16/07/2014 - 16:44:50 - [] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 16/07/2014 - 19:07:33 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 16/07/2014 - 16:48:10 - [] ----D C:\Program Files (x86)\PriceGong =>Adware.PriceGong
O43 - CFD: 17/07/2014 - 16:22:05 - [] ----D C:\Program Files (x86)\sizlsearch =>PUP.SizlSearch
O43 - CFD: 16/07/2014 - 16:44:30 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 16/07/2014 - 16:44:34 - [] ----D C:\ProgramData\IePluginServices =>Trojan.SProtector
O43 - CFD: 16/07/2014 - 16:44:14 - [] ----D C:\ProgramData\WindowsMangerProtect => PUP.Fuyu
O43 - CFD: 17/07/2014 - 15:49:29 - [] ----D C:\Users\Mulot-13 Admin\AppData\Roaming\omiga-plus =>Hijacker.OmigaPlus
O43 - CFD: 16/07/2014 - 17:21:32 - [] ----D C:\Users\Mulot-13 Admin\AppData\Roaming\VOPackage =>Adware.Downware
O43 - CFD: 16/07/2014 - 16:48:14 - [] ----D C:\Users\Mulot-13 Admin\AppData\Local\webinternetsecurity =>Spyware.Binternet
O43 - CFD: 16/07/2014 - 16:47:50 - [] ----D C:\Users\Mulot-13 Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup
O44 - LFC:[MD5.02A2F59DFBB86C0BE9FF52EFF695A846] - 12/07/2014 - 12:46:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64.sys [61120] =>PUP.LinkiDoo
O58 - SDL:12/07/2014 - 12:46:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64.sys [61120] =>PUP.LinkiDoo
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.admin", false); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.babExt", ""); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.babTrack", "affID=108988"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.bbDpng", 30); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.dfltSrch", false); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.hmpg", false); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.id", "2aa81bf300000000000000197e51e77c"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.instlDay", "15369"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.lastDP", 30); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1717:46:31"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "9.0"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.newTab", true); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.newTabUrl", "http://search.babylon.com/?babsrc=NT_bb"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.noFFXTlbr", false); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.propectorlck", 66502714); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.ptch_0717", true); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.smplGrp", "none"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.srcExt", "ss"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1717:46:31"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.babExt", ""); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108988"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.hardId", "2aa81bf300000000000000197e51e77c"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.id", "2aa81bf300000000000000197e51e77c"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.instlDay", "15369"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:46:31"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - 3da09j43.UtilisateurNono] user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true); =>PUP.Babylon
O69 - SBI: prefs.js [Mulot-13 Admin - fmsc4oll.default] user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true); =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (omiga-plus) - http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O90 - PUC: "243A8D8DF9E0AE743AE5FC34B1052B68" . (.Boxore Client.) -- C:\WINDOWS\Installer\{D8D8A342-0E9F-47EA-A35E-CF431B50B286}\boxore.ico =>Adware.Boxore
[MD5.CE0DD0FECDF44C33EE0E9A908A4919A8] [WIS][02/07/2014] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\47e887f6.msi [2473984] =>Adware.Boxore
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\sizlsearch_RASAPI32 =>PUP.SizlSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\sizlsearch_RASMANCS =>PUP.SizlSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatesizlsearch_RASAPI32 =>PUP.SizlSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatesizlsearch_RASMANCS =>PUP.SizlSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilsizlsearch_RASAPI32 =>PUP.SizlSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilsizlsearch_RASMANCS =>PUP.SizlSearch
SS - | Auto 18/06/2014 36424 | (BackupStack) . (.Just Develop It.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SS - | Auto 16/07/2014 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 16/07/2014 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SR - | Auto 16/07/2014 759688 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>Trojan.SProtector
SR - | Auto 18/07/2014 321824 | (Update sizlsearch) . (...) - C:\Program Files (x86)\sizlsearch\updatesizlsearch.exe =>PUP.SizlSearch
SR - | Auto 18/07/2014 321824 | (Util sizlsearch) . (...) - C:\Program Files (x86)\sizlsearch\bin\utilsizlsearch.exe =>PUP.SizlSearch
SR - | Auto 16/07/2014 535936 | (WindowsMangerProtect) . (.Fuyu LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe => PUP.Fuyu
[HKLM\Software\Google\Chrome\Extensions\engaigpbgdjjmanonjcjkcmomgibneba] =>Adware.Boxore^
[HKLM\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma] =>PUP.QuickStart^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] =>PUP.SupTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36D96925-ABFA-4EB8-B630-305E905A930D}] =>PUP.SizlSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>Trojan.SProtector^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update) (Software_update] =>Adware.Boxore^
[HKLM\SYSTEM\CurrentControlSet\Services\Update sizlsearch] =>PUP.SizlSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\Util sizlsearch] =>PUP.SizlSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D8D8A342-0E9F-47EA-A35E-CF431B50B286}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong] =>Adware.PriceGong^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\webinternetsecurity] =>Spyware.Binternet^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\sizlsearch] =>PUP.SizlSearch^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Boxore Client =>Adware.Boxore^
C:\Users\Mulot-13 Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\engaigpbgdjjmanonjcjkcmomgibneba =>Adware.Boxore^
C:\Users\Mulot-13 Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma =>PUP.QuickStart^
C:\Users\Mulot-13 Admin\AppData\Roaming\Mozilla\Firefox\Profiles\luy35bc2.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} =>Adware.PriceGong^
C:\Program Files (x86)\Boxore =>Adware.Boxore^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\PriceGong =>Adware.PriceGong^
C:\Program Files (x86)\sizlsearch =>PUP.SizlSearch^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\ProgramData\IePluginServices =>Trojan.SProtector^
C:\Users\Mulot-13 Admin\AppData\Roaming\omiga-plus =>Hijacker.OmigaPlus^
C:\Users\Mulot-13 Admin\AppData\Roaming\VOPackage =>Adware.Downware^
C:\Users\Mulot-13 Admin\AppData\Local\webinternetsecurity =>Spyware.Binternet^
C:\Users\Mulot-13 Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong
C:\Users\Mulot-13 Admin\AppData\Local\Software =>Adware.Boxore
C:\Users\Mulot-13 Admin\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Program Files (x86)\sizlsearch\bin\sizlsearch.BrowserAdapter.exe =>PUP.SizlSearch^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA =>Adware.Boxore^
[HKCU\Software\sizlsearch] =>PUP.SizlSearch^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\sizlsearch] =>PUP.SizlSearch^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\Windows\Installer\47e887f6.msi =>Adware.Boxore^
EmptyClsid
Ifeofix
Proxyfix
FirewallRaz
ShortcutFix
EmptyPrefetch
emptytemp
emptyflash

 

Click IMPORTER; this should paste the clipboard contents into the ZHPFix window.

  • The script should appear automatically in ZHPFix.

    Click the GO button to start the cleanup.

  • Confirm with Yes (Oui) if asked to uninstall programs.

  • Let the tool work. If a restart is requested, accept and restart the PC.

  • The ZHPFixReport.txt report is displayed. Copy and paste the contents of this report into your reply.
    The ZHPFixReport.txt report is saved as C:\ZHP\ZHPFix.txt

If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm.

 

------------------------------------

 

2)

*** If you have an old version of AdwCleaner, launch it and click Uninstall. ***

Download AdwCleaner by Xplode:

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Save it to the desktop (and nowhere else).

So as not to skew the report, please run the tool only once!

If you are on XP, double-click AdwCleaner to launch the tool.
If you are on Vista/Seven, right-click AdwCleaner and choose Run as administrator.

Click Scan and let the tool work.

Click Clean; the button will be accessible.

The report will open as a text file; copy its entire contents and paste them into your reply.

The report is also saved under C:\AdwCleaner[s0]

NB: If the tool stalls in normal mode, run it in safe mode: http://www.vista-xp.fr/forum/topic93.html

Must read: http://www.vista-xp.fr/forum/topic5482.html
http://www.vista-xp.fr/forum/topic10389.html

-------------------------

3)

Download Junkware Removal Tool to the desktop: http://www.bleepingcomputer.com/download/junkware-removal-tool/

Publisher's site: http://thisisudax.org/

On XP, double-click the icon and press a key when prompted.

On Vista/7/8, right-click / Run as administrator.

The tool may ask whether you want to check for a new version Y/N >> type Y.
If it finds an obsolete version, it will say so and you will have to press a key. The tool will close. Put it in the recycle bin and download the latest version.

Rename JRT_NEW to JRT.

If it is already the right version, it will start its malware search normally. Please be patient.

So as not to skew the reports, please run the tool only once!

If the antivirus acts up: disable it temporarily. If you don't know how, refer to this article.

Post the report generated at the end of the scan.

NB: The desktop will disappear for a moment; this is normal.

>>>If the report is long, host it here: http://cjoint.com or http://dl.free.fr/

@++

Posted

Thanks, my friend!

I'm getting started on all these tasks. As soon as I'm done, I'll be back.

Thanks again

Notpa

Posted

Here is the ZHPFix report:

  Quote

 

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Mulot-13 Admin at 18/07/2014 16:01:51
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (9600)

Corbeille vidée (00mn 04s)
Dossier Prefetcher vidé
Réparation des raccourcis navigateur

========== Logiciels ==========
SUPPRIMÉ: Boxore Client
ABSENT Uninstall Process: c:\program files (x86)\pricegong\uninst.exe
SUPPRIMÉ: WindowsMangerProtect20.0.0.502

========== Processus mémoire ==========
SUPPRIMÉ Redémarrage: Memory Process: C:\Program Files (x86)\sizlsearch\bin\sizlsearch.BrowserAdapter.exe

========== Clés du Registre ==========
SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong]
SUPPRIMÉ: CLSID BHO: {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
SUPPRIMÉ: CLSID BHO: {36d96925-abfa-4eb8-b630-305e905a930d}
SUPPRIMÉ: Service: BackupStack
SUPPRIMÉ: Service: IePluginServices
SUPPRIMÉ: Service: Software_update
SUPPRIMÉ: Service: Update sizlsearch
SUPPRIMÉ: Service: Util sizlsearch
SUPPRIMÉ Driver Key: {9d5747ee-0448-4681-8337-1555de75a3b6}Gw64
SUPPRIMÉ: HKCU\Software\Boxore
SUPPRIMÉ: HKCU\Software\sizlsearch
SUPPRIMÉ: HKLM\Software\Wow6432Node\Boxore
SUPPRIMÉ: HKLM\Software\Wow6432Node\SupDp
SUPPRIMÉ: HKLM\Software\Wow6432Node\sizlsearch
SUPPRIMÉ: HKLM\Software\Wow6432Node\supTab
SUPPRIMÉ: HKLM\Software\Wow6432Node\supWPM
SUPPRIMÉ: SearchScopes :{33BB0A4E-99AF-4226-BDF6-49120163DE86}
SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
SUPPRIMÉ:* HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\sizlsearch_RASAPI32
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\sizlsearch_RASMANCS
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatesizlsearch_RASAPI32
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatesizlsearch_RASMANCS
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilsizlsearch_RASAPI32
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilsizlsearch_RASMANCS
SUPPRIMÉ: Service: Software_update_m
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\webinternetsecurity
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\sizlsearch
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
SUPPRIMÉ: HKCU\Software\AppDataLow\Software\PriceGong
SUPPRIMÉ: HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
SUPPRIMÉ: HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Branche de Base de Registres IFEO non infectée !
[HKLM\SOFTWARE\Microsoft\...\Image File Execution Options\DatamngrCoordinator.exe]SUPPRIMÉ (DatamngrCoordinator.exe)

========== Valeurs du Registre ==========
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
SUPPRIMÉ: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP
SUPPRIMÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
SUPPRIMÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
SUPPRIMÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
SUPPRIMÉ: FirewallRaz (None) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R0 - Main,Start Page = KCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page
SUPPRIMÉ: R1 Search Page =
SUPPRIMÉ AppInit: ytech.) - C:\Program Files (x86)\SupTab\SearchProtect64.dll
SUPPRIMÉ: StartMenuInternet: C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com

========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\Mulot-13 Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
SUPPRIMÉ Chrome Site: http://isearch.omiga-plus.com
SUPPRIMÉ Chrome Site: http://isearch.omiga-plus.com
SUPPRIMÉ Chrome Site: http://isearch.omiga-plus.com
SUPPRIMÉ Chrome Site: http://isearch.omiga-plus.com
PRESENT Chrome File: C:\Users\Mulot-13 Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://isearch.omiga-plus.com
SUPPRIMÉ Folder Chrome: C:\Users\Mulot-13 Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\engaigpbgdjjmanonjcjkcmomgibneba
SUPPRIMÉ Folder Chrome: C:\Users\Mulot-13 Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.admin", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.aflt", "babsst");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.babExt", "");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.babTrack", "affID=108988");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.bbDpng", 30);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.dfltSrch", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.hmpg", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.id", "2aa81bf300000000000000197e51e77c");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.instlDay", "15369");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.instlRef", "sst");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.lastDP", 30);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1717:46:31");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "9.0");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.newTab", true);
ABSENT Mozilla Pref: user_pref("extensions.BabylonToolbar.newTabUrl", "http://search.babylo...m/?babsrc=NT_bb");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.propectorlck", 66502714);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.ptch_0717", true);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.smplGrp", "none");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.srcExt", "ss");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.tlbrId", "base");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1717:46:31");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babExt", "");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108988");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.hardId", "2aa81bf300000000000000197e51e77c");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.id", "2aa81bf300000000000000197e51e77c");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.instlDay", "15369");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:46:31");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
SUPPRIMÉ Mozilla Pref: user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true);
SUPPRIMÉ Mozilla Pref: user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true);

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide
SUPPRIMÉS Temporaires Windows (42)
SUPPRIMÉS Flash Cookies (0)

========== Fichiers ==========
SUPPRIMÉ: c:\users\mulot-13 admin\appdata\local\google\chrome\user data\default\preferences
SUPPRIMÉ: c:\program files (x86)\suptab\suptab.dll
SUPPRIMÉ: c:\users\mulot-13 admin\desktop\continue vuupc installation.lnk
SUPPRIMÉ: c:\users\mulot-13 admin\desktop\sync folder.lnk
SUPPRIMÉ: c:\users\mulot-13 admin\appdata\roaming\microsoft\windows\start menu\programs\startup\mypc backup.lnk
SUPPRIMÉ Redémarrage: c:\programdata\iepluginservices\pluginservice.exe
SUPPRIMÉ Redémarrage: c:\program files (x86)\sizlsearch\updatesizlsearch.exe
SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}gw64.sys
SUPPRIMÉS Temporaires Windows (138) (80 321 018 octets)
SUPPRIMÉS Flash Cookies (0) (0 octets)

========== Tache planifiée ==========
SUPPRIMÉ: Optimizer Pro Schedule
SUPPRIMÉ: SoftwareUpdateTaskMachineCore
SUPPRIMÉ: SoftwareUpdateTaskMachineCore
SUPPRIMÉ: SoftwareUpdateTaskMachineUA


========== Récapitulatif ==========
1 : Processus mémoire
36 : Clés du Registre
20 : Valeurs du Registre
6 : Eléments de donnée du Registre
3 : Dossiers
10 : Fichiers
3 : Logiciels
52 : Préférences navigateur
4 : Tache planifiée


End of clean in 01mn 14s

========== Chemin de fichier rapport ==========
C:\Users\Mulot-13 Admin\AppData\Roaming\ZHP\ZHPFix[R1].txt - 18/07/2014 16:01:56 [10531]

 

The rest a bit later, I have to step away.

See you

Notpa
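
The ZHPFix report in the post above groups its actions under `==========` section headers and prefixes each line with a status word (SUPPRIMÉ, ABSENT, PRESENT). As an added example that is not part of the original post or of ZHPFix, the following Python parses that layout and lists what still needs attention after the run. The names `parse_report` and `triage` are hypothetical, and the line grammar is an assumption inferred only from the report shown on this page.

```python
import re
from collections import Counter, defaultdict

# Excerpt of the ZHPFix report posted in the thread: lines copied as-is,
# report shortened for the example.
SAMPLE_REPORT = r"""
========== Logiciels ==========
SUPPRIMÉ: Boxore Client
ABSENT Uninstall Process: c:\program files (x86)\pricegong\uninst.exe
SUPPRIMÉ: WindowsMangerProtect20.0.0.502

========== Processus mémoire ==========
SUPPRIMÉ Redémarrage: Memory Process: C:\Program Files (x86)\sizlsearch\bin\sizlsearch.BrowserAdapter.exe

========== Fichiers ==========
SUPPRIMÉ: c:\program files (x86)\suptab\suptab.dll
SUPPRIMÉ Redémarrage: c:\programdata\iepluginservices\pluginservice.exe
SUPPRIMÉ Redémarrage: c:\windows\system32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}gw64.sys
SUPPRIMÉS Temporaires Windows (138) (80 321 018 octets)

========== Tache planifiée ==========
SUPPRIMÉ: SoftwareUpdateTaskMachineCore
SUPPRIMÉ: SoftwareUpdateTaskMachineCore
SUPPRIMÉ: SoftwareUpdateTaskMachineUA
"""

# Assumption: grammar inferred from the report on this page, not from any
# ZHPFix specification. Lines that do not start with a status word are skipped.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
ENTRY_RE = re.compile(
    r"^(SUPPRIMÉS?|ABSENT|PRESENT)\b(\s+Redémarrage)?[:*\s]*(.*)$"
)


def parse_report(text):
    """Return one dict per status line: section, status, reboot flag, detail."""
    section = None
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        entry = ENTRY_RE.match(line)
        if entry is None:
            continue
        word = entry.group(1)
        # Fold the plural form (SUPPRIMÉS) into the singular status.
        status = "SUPPRIMÉ" if word.startswith("SUPPRIMÉ") else word
        entries.append({
            "section": section,
            "status": status,
            # Assumption: "Redémarrage" marks an item handled at next reboot.
            "reboot": entry.group(2) is not None,
            "detail": entry.group(3).strip(),
        })
    return entries


def triage(entries):
    """Summarise per-section counts and the items worth re-checking."""
    counts = defaultdict(Counter)
    for e in entries:
        counts[e["section"]][e["status"]] += 1
    return {
        "counts": {s: dict(c) for s, c in counts.items()},
        # Items that only disappear after a restart: verify them afterwards.
        "pending_reboot": [e["detail"] for e in entries if e["reboot"]],
        # Items the tool reported as ABSENT (target not found at run time).
        "absent": [e["detail"] for e in entries if e["status"] == "ABSENT"],
    }


if __name__ == "__main__":
    summary = triage(parse_report(SAMPLE_REPORT))
    for section, by_status in summary["counts"].items():
        print(section, by_status)
    print("Re-check after reboot:")
    for item in summary["pending_reboot"]:
        print("  ", item)
    print("Reported absent:")
    for item in summary["absent"]:
        print("  ", item)
```

Run against the full report file, the `pending_reboot` list gives the paths to re-verify after the restart, before moving on to the next tool.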

Posted

Hi again,

What a pain! With FF, downloads don't work. With IE 11, some work, others don't. On top of that, I'm being pestered by redirects and ad windows. Anyway, I still managed to download and run AdwCleaner and JRT; here are the results:

AdwCleaner:

http://cjoint.com/?DGsssL9JKT1

JRT:

  Quote

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by Mulot-13 Admin on 18/07/2014 at 18:01:15,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\Mulot-13 Admin\AppData\Roaming\mozilla\firefox\profiles\fmsc4oll.default\prefs.js


Successfully deleted the following from C:\Users\Mulot-13 Admin\AppData\Roaming\mozilla\firefox\profiles\3da09j43.UtilisateurNono\prefs.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/07/2014 at 18:07:05,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Is that good? I'll run some tests in FF and keep you posted.

Thanks again.

Notpa

Posted

Me again...

I tried to download Auslogics Disk Defrag from Zébulon: the Download button has no effect. If I go to the site www.auslogics.com, I can do the download. And this is in both safe mode and normal mode of FF.

So there is still something stuck....

On the other hand, no more ad windows! Great!

Posted

Hello Apollo,

At first glance, not everything is fixed: this morning, after starting my machine, I launched Firefox (Google page by default), and a page on a site of games to download was displayed. So there is still a redirect lingering.

PS: more than that. I've just had 2 tabs opened in FF, without my consent, to ad pages!

See you

Notpa

Posted

Hello,

It would be good to run a custom (full) scan with MBAM.

If you can't manage to download the executables, I would host them for you.

1) Download SFTGC.exe to the Desktop >>>> it cannot be anywhere else! Move it there if necessary. http://theknitter-apollo.xooit.com/p22075.htm

Close applications and browsers.

On XP, double-click the file.
On other versions of Windows, right-click the file and choose Run as administrator.

After initialization, click Go to start the cleanup.

If the antivirus complains, disable it temporarily. If you don't know how, refer to this article.

A report will open at the end.
This report is on the desktop (SFTGC.txt)

Host it on http://cjoint.com so as not to break the thread, or http://dl.free.fr/

--------------------------

Run a Full (Custom) scan after the quick scan. With MBAM 2.0.

2) Download MalwareBytes Antimalware to the desktop. http://fr.malwarebytes.org/

MBAM 2.0 screenshots: http://theknitter-apollo.xooit.com/t3536-MBAM-2-0-Captures-d-cran.htm

http://www.pcastuces.com/logitheque/malwarebytes_anti-malware.htm

At the end of the installation, untick the offer of a trial of the Premium version.

Click Update.

Language options:

Connect removable media (USB) and click Scan Now.

If malicious objects are found:

At the end of the scan, click Export log and save the report as a text file.

Post this report.

For a more customised scan, choose this option. A full scan of disks, partitions and removable media will be applied.

@++

Posted

Hi again,

No more problems downloading (thanks for your offer!). If I click a link, the download works (SFTGC for example). MBAM, I installed it 2 days ago.

I'll run these programs and keep you in the loop.

PS: in the time it took me to type this message, 2 FF sessions opened with ad links! Grr!

See you

Notpa

Posted

Hi again,

Back up Firefox bookmarks: http://support.mozilla.org/fr/kb/restaurer-marque-pages-deplacer-ordinateur

Uninstall the browser with RevoUninstaller: http://theknitter-apollo.xooit.com/p20405.htm

Reinstall the browser (latest version, to do it properly).

------------------------------

Test, then run a new scan with ZHPDiag ;)

@++
