15 sujets de 1 à 15 (sur un total de 17)
  • Auteur
    Messages
  • benaissa
    Participant
    Nombre d'articles : 9

    bonsoir;

    c’est ma première participation dans ce forum ,

    ces derniers jours j’ai eu un problème grave .
    en fait j’ai un centre d’impression , je reçois donc chaque semaine une dizaine de clés usb :P: .
    mon ordi est alors infecté par un virus qui me crée des raccourcis dans mon disque de sauvegarde et sur les clé usb une fois connécter à l’ordi.
    ce virus n’est pas détectable par l’antivirus NOD security . mais le programme “USB DISK SECURITY” affiche que le virus s’appelle ” funny.vbs.vbs” et il ne le supprime pas :shame: .

    merci de me répondre le plus tôt possible et merci d’avance.

    buckhulk
    Participant
    Nombre d'articles : 2398

    Bonjour benaissa

    tu vas passer USBFix :

    USBFix

    Télécharge : UsbFix par El Desaparecido sur ton Bureau.

    A / Si ton antivirus affiche une alerte, ignore-la et désactive l’antivirus temporairement. Tous les Antivirus

    B / Branche toutes tes sources de données externes à ton PC (clé USB, disque dur externe, etc…) sans les ouvrir.
    C / Double clique sur UsbFix.exe.
    D / Valide en cliquant sur Appliquer.
    E / UsbFix se relancera pour prendre en compte tes réglages.
    F / Clique sur Nettoyage.

    H / Laisse travailler l’outil, ton bureau ne sera pas accessible durant la phase de nettoyage.
    I / À la fin du scan, un rapport va s’afficher, poste-le dans ta prochaine réponse sur le forum.

    1 / Le rapport est aussi sauvegardé à la racine du disque système.
    ( C:UsbFixLogUsbFix [Clean 1] Nom de l’ordinateur.txt ).

    ( CTRL+A pour sélectionner, CTRL+C pour copier et CTRL+V pour coller )

    2 / ->> Tutoriel (aide) en images sur le site de l’auteur.
    ___________________________________________________

    ensuite tu me feras un ZHPDiag s’il te plait :merci2:

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clic sur Complet

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    2 rapport dans ta prochaine réponse et tu me dis comment ça va ?

    benaissa
    Participant
    Nombre d'articles : 9

    merci pour votre reponse imediate

    voici le rapport de la premiere etape:
    ############################## | UsbFix V 7.171 | [Nettoyage]

    Utilisateur: user (Administrateur) # USER-PC
    Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
    Lancé à 19:27:16 | 01/06/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Upload Malware : https://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: Dell Inc. (01HXXJ)
    CPU: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
    RAM -> [Total : 2048 Mo| Free : 257 Mo]
    Bios: Dell Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Edition Starter (6.1.7601 32-Bit) Service Pack 1
    WB: Windows Internet Explorer : 9.0.8112.16421
    WB: Google Chrome : 32.0.1700.107

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: ESET NOD32 Antivirus 5.2 [Enabled | Updated]
    AV: avast! Antivirus [Enabled | Updated]
    AS: ESET NOD32 Antivirus 5.2 [Enabled | Updated]
    AS: avast! Antivirus [Enabled | Updated]
    AS: Windows Defender [Enabled | (!) Outdated]
    FW: Windows FireWall [Enabled]

    C: (%SystemDrive%) -> Disque fixe # 244 Go (106 Go libre(s) – 43%) [OS] # NTFS
    D: -> Disque fixe # 222 Go (189 Go libre(s) – 85%) [Sauvegarde] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 1003 Mo (942 Mo libre(s) – 94%) [CHAOUKI@] # FAT

    ################## | Processus Stoppés |

    C:WindowsSystem32wlanext.exe (ID: 1348|ParentID: 884)
    C:WindowsSystem32conhost.exe (ID: 1356|ParentID: 436)
    C:WindowsSystem32spoolsv.exe (ID: 1856|ParentID: 556)
    C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 1936|ParentID: 556|Système)
    C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe (ID: 1956|ParentID: 556|Système)
    C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe (ID: 1980|ParentID: 556|Système)
    C:ProgramDataDatacardServiceHWDeviceService.exe (ID: 456|ParentID: 556|Système)
    C:Program FilesCanonIJPLMijplmsvc.exe (ID: 368|ParentID: 556|Système)
    C:ProgramDataInternet MobileOnlineUpdateouc.exe (ID: 776|ParentID: 632|Système)
    C:Program FilesCommon Filesmicrosoft sharedVS7DEBUGMDM.EXE (ID: 504|ParentID: 556|Système)
    C:ProgramDataMobileBrServmbbService.exe (ID: 1096|ParentID: 556|Système)
    C:WindowsSystem32taskhost.exe (ID: 2540|ParentID: 556|user)
    C:WindowsSystem32taskeng.exe (ID: 2572|ParentID: 952|Système)
    C:Program FilesGoogleUpdateGoogleUpdate.exe (ID: 2636|ParentID: 2572|Système)
    C:Windowsexplorer.exe (ID: 2724|ParentID: 2652|user)
    C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (ID: 2888|ParentID: 2724|user)
    C:ProgramDataDatacardServiceDCSHelper.exe (ID: 2924|ParentID: 456|user)
    C:WindowsSystem32hkcmd.exe (ID: 2956|ParentID: 2724|user)
    C:WindowsSystem32igfxpers.exe (ID: 2996|ParentID: 2724|user)
    C:Program FilesUSB Disk SecurityUSBGuard.exe (ID: 3072|ParentID: 2724|user)
    C:ProgramDataAnti-phishing Domain Advisorvisicom_antiphishing.exe (ID: 3176|ParentID: 2724|user)
    C:WindowsSystem32SearchIndexer.exe (ID: 3256|ParentID: 556|Système)
    C:Program FilesCanonQuick MenuCNQMMAIN.EXE (ID: 3356|ParentID: 2724|user)
    C:Program FilesStarterBackgroundChangerStarterBackgroundChangerTask.exe (ID: 3484|ParentID: 2724|user)
    C:Program FilesInternet Download ManagerIDMan.exe (ID: 3672|ParentID: 2724|user)
    C:Program FilesSkypePhoneSkype.exe (ID: 2800|ParentID: 2724|user)
    C:WindowsSystem32wscript.exe (ID: 2788|ParentID: 2724|user)
    C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe (ID: 2744|ParentID: 2724|user)
    C:Program FilesInternet Download ManagerIEMonitor.exe (ID: 1476|ParentID: 3672|user)
    C:Program FilesWIDCOMMBluetooth SoftwareBTStackServer.exe (ID: 3092|ParentID: 700|user)
    C:Program FilesWIDCOMMBluetooth SoftwareBluetooth Headset Helper.exe (ID: 904|ParentID: 2744|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4600|ParentID: 2724|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4724|ParentID: 4600|user)
    C:Program FilesCanonQuick MenuCNQMUPDT.EXE (ID: 4984|ParentID: 3356|user)
    C:Program FilesCanonQuick MenuCNQMSWCS.EXE (ID: 5020|ParentID: 3356|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5216|ParentID: 4600|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5280|ParentID: 4600|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5304|ParentID: 4600|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5320|ParentID: 4600|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5332|ParentID: 4600|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5364|ParentID: 4600|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5380|ParentID: 4600|user)
    C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 2300|ParentID: 556|Système)
    C:Program FilesIntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 2316|ParentID: 556|Système)
    C:Program FilesIntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 3416|ParentID: 556|Système)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4956|ParentID: 4600|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4196|ParentID: 4600|user)
    C:WindowsSystem32WUDFHost.exe (ID: 3972|ParentID: 884|SERVICE LOCAL)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1896|ParentID: 4600|user)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1484|ParentID: 4600|user)

    ################## | Autorun |

    F:IdentificationPlantules.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:biologie mauvaises herbest11 [Mode de compatibilité].lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:orobanche_presentation [Lecture seule] [Mode de compatibilité].lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:dossier sponsoring.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:DSC_3923.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:F12.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:6122013354.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:Sans titre.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:poster paysage.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:centre alami fin.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:EIE tourisme.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:etude d’impact garde.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:img.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:bizo.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:pict.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:bin.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:rapactivites-rapactivites08.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:63.lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)
    F:Sp Mauvaises herbes 9(3&4).lnk -> F:Funny.vbs.vbs – (SHA1: A6DD556A1B2DD112C16AF22AB2F057CF6E069DAB)

    ################## | Recherche générique |

    Supprimé! C:UsersuserAppDataRoamingFunny.vbs.vbs
    Supprimé! C:UsersuserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupFunny.vbs.vbs
    Supprimé! C:UsersuserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupUpdat.exe
    Supprimé! C:UsersuserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupUpdate.exe
    Supprimé! F:Funny.vbs.vbs
    Supprimé! F:.lnk
    Supprimé! F:63.lnk
    Supprimé! F:rapactivites-rapactivites08.lnk
    Supprimé! F:Sp Mauvaises herbes 9(3&4).lnk
    Supprimé! F:biologie mauvaises herbest11 [Mode de compatibilité].lnk
    Supprimé! F:IdentificationPlantules.lnk
    Supprimé! F:orobanche_presentation [Lecture seule] [Mode de compatibilité].lnk
    Supprimé! F:dossier sponsoring.lnk
    Supprimé! F:F12.lnk
    Supprimé! F:DSC_3923.lnk
    Supprimé! F:6122013354.lnk
    Supprimé! F:Sans titre.lnk
    Supprimé! F:poster paysage.lnk
    Supprimé! F:centre alami fin.lnk
    Supprimé! F:EIE tourisme.lnk
    Supprimé! F:etude d’impact garde.lnk
    Supprimé! F:img.lnk
    Supprimé! F:pict.lnk
    Supprimé! F:bizo.lnk
    Supprimé! F:bin.lnk
    Supprimé! C:UsersuserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupStart.lnk
    Supprimé! F:bin.doc
    Supprimé! F:bizo.doc
    Supprimé! F:img.jpg

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000SoftwareMicrosoftWindowsCurrentVersionRun|Funny
    Supprimé! HKCU|di
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2G
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{094742f8-e13b-11e3-bc29-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{0a1f3498-29b6-11e2-a654-24b6fd1cdda0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{12b217d5-eba6-11e2-b465-001e101fb681}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{1330ca65-bb2a-11e3-b6f2-806e6f6e6963}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{1a6522d3-211d-11e2-a6f4-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{1a652310-211d-11e2-a6f4-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{1f0efd4d-a6a9-11e2-b004-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{25aae9eb-499a-11e3-9f64-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{28c6d6d9-48d0-11e3-9ef7-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{2b423cde-793c-11e2-8625-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{2ef2909b-11bb-11e3-836c-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{2ef290cc-11bb-11e3-836c-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{2f9d32b0-ad8f-11e2-aea3-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{302b3b0e-8a34-11e2-8eae-001e101f8924}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{38cc1c4f-7121-11e2-855b-001e101f8ed0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{3e340e5b-242c-11e2-8766-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{480aeda9-23c5-11e3-8379-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{4ec1ffbe-7f76-11e3-8519-001e101f63cf}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{60732888-25ee-11e2-a723-24b6fd1cdda0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{62af7174-8bb3-11e2-892e-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{6724e2b3-79cc-11e2-afb5-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{696aa803-96d6-11e3-8323-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{6bc6fe6e-d605-11e2-836f-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{75e9f100-79ed-11e2-9f34-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{7c2caeb1-87df-11e2-b454-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{7c2caef9-87df-11e2-b454-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{7d0dbd17-ca9e-11e2-a9eb-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{869e9728-8e9e-11e3-924a-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{869e973c-8e9e-11e3-924a-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{87dcbaa6-716b-11e3-950d-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{8cc46a18-e901-11e3-9bb5-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{8cc46a35-e901-11e3-9bb5-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{8d2d8e01-8e79-11e2-861b-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{9a87b33f-72e2-11e2-8950-001e101f3315}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{9a87b370-72e2-11e2-8950-001e101f3315}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{9ebb87df-5b0e-11e2-8865-24b6fd1cdda0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{a01a39ee-22ad-11e2-8670-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{a57f1233-7cea-11e2-8a31-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{aed799dc-52ba-11e2-b169-24b6fd1cdda0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{afe925f9-89e4-11e3-a2ce-806e6f6e6963}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{b2261d38-1f03-11e3-9582-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{b2261d6d-1f03-11e3-9582-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{b7486817-1d5b-11e3-bd64-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{bc7a288a-a923-11e2-8c57-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{c0a57387-38e9-11e2-9e5c-001e101f63cf}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{c154270c-511a-11e3-927c-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{c154272d-511a-11e3-927c-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{d0c30ad1-2111-11e2-a329-642737d0044d}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{d0c30b1f-2111-11e2-a329-001e101f1f81}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{d0c30b40-2111-11e2-a329-001e101f1f81}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{d501dd62-4c4e-11e3-94a9-24b6fd1cdda0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{d6b654f9-9cc3-11e3-8e93-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{d97b4e80-5a16-11e3-91da-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{dba3b83b-92d1-11e2-855d-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{e2cdcb35-2ce7-11e3-bd25-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{e5be0f44-3a8e-11e3-9974-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{e86a60fc-2441-11e2-b43a-642737d0044d}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{e9195d3f-9251-11e2-8326-642737d0044e}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{eed18bc9-2a84-11e2-87d4-24b6fd1cdda0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{f55177b9-58fc-11e2-b1b1-642737d0044d}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{f5517807-58fc-11e2-b1b1-001e101f8ed0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{fa50e63d-42c0-11e2-b1af-24b6fd1cdda0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{fa64bae6-36f6-11e2-87db-24b6fd1cdda0}
    Supprimé! HKUS-1-5-21-2931659078-2909613575-642730951-1000Software….Mountpoints2{fddf13b2-8895-11e2-8569-642737d0044e}

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [StarterBackgroundChanger] “C:Program FilesStarterBackgroundChangerStarterBackgroundChangerTask.exe”
    04 – HKCU..Run : [Internet Download Accelerator] C:Program FilesIDAida.exe -autorun
    04 – HKCU..Run : [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
    04 – HKCU..Run : [Speech Recognition] “C:WindowsSpeechCommonsapisvr.exe” -SpeechUX -Startup
    04 – HKCU..Run : [Facebook Update] “C:UsersuserAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKCU..Run : [Apps Hat] C:UsersuserAppDataLocalWebPlayerAppsHatWebPlayer.exe
    04 – HKCU..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKLM..Run : [IAStorIcon] C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
    04 – HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – HKLM..Run : [egui] “C:Program FilesESETESET NOD32 Antivirusegui.exe” /hide /waitservice
    04 – HKLM..Run : [USB Antivirus] C:Program FilesUSB Disk SecurityUSBGuard.exe
    04 – HKLM..Run : [Adobe ARM] “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [AMD Catalyst] C:ProgramDataCatalystcolor.exe
    04 – HKLM..Run : [Anti-phishing Domain Advisor] “C:ProgramDataAnti-phishing Domain Advisorvisicom_antiphishing.exe”
    04 – HKLM..Run : [SweetIM] C:Program FilesSweetIMMessengerSweetIM.exe
    04 – HKLM..Run : [CanonQuickMenu] C:Program FilesCanonQuick MenuCNQMMAIN.EXE /logon
    04 – HKLM..Run : [avast5] “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [StarterBackgroundChanger] “C:Program FilesStarterBackgroundChangerStarterBackgroundChangerTask.exe”
    04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Internet Download Accelerator] C:Program FilesIDAida.exe -autorun
    04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
    04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Speech Recognition] “C:WindowsSpeechCommonsapisvr.exe” -SpeechUX -Startup
    04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Facebook Update] “C:UsersuserAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Apps Hat] C:UsersuserAppDataLocalWebPlayerAppsHatWebPlayer.exe
    04 – HKUS-1-5-21-2931659078-2909613575-642730951-1000..Run : [Skype] “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | C: %SystemDrive% – Disque Fixe (NTFS) |

    [10/06/2009 – 22:42:20 | N | 0 Ko] – C:config.sys
    [28/03/2012 – 05:39:02 | N | 256 Ko] – C:index.sys
    [10/10/2013 – 21:11:19 | RASH | 0 Ko] – C:MSDOS.SYS
    [10/10/2013 – 21:11:19 | RASH | 0 Ko] – C:IO.SYS
    [01/06/2014 – 18:34:11 | ASH | 1572864 Ko] – C:hiberfil.sys
    [01/06/2014 – 18:34:13 | ASH | 2097152 Ko] – C:pagefile.sys
    [31/05/2014 – 21:46:23 | D] – C:Config.Msi
    [27/03/2012 – 12:11:44 | SHD] – C:$Recycle.Bin
    [10/06/2009 – 22:42:20 | A | 0 Ko] – C:autoexec.bat
    [14/07/2009 – 05:53:55 | SHD] – C:Documents and Settings
    [27/03/2012 – 12:11:24 | SHD] – C:Recovery
    [28/03/2012 – 04:54:49 | D] – C:Intel
    [02/02/2013 – 01:07:13 | RHD] – C:MSOCache
    [10/04/2013 – 11:51:47 | D] – C:Othmany Quran
    [24/11/2013 – 18:15:36 | D] – C:SmartSound Software
    [13/02/2014 – 00:53:05 | D] – C:Users
    [31/05/2014 – 21:45:32 | SHD] – C:System Volume Information
    [31/05/2014 – 21:45:36 | D] – C:Program Files
    [31/05/2014 – 21:45:45 | D] – C:Windows
    [01/06/2014 – 11:33:02 | HD] – C:ProgramData
    [01/06/2014 – 18:57:11 | D] – C:UsbFix

    ################## | D: – Disque Fixe (NTFS) |

    [27/03/2012 – 12:19:31 | SHD] – D:$RECYCLE.BIN
    [27/03/2012 – 12:19:36 | SHD] – D:System Volume Information
    [06/01/2014 – 21:13:05 | D] – D:music
    [30/05/2014 – 18:44:38 | D] – D:ismail

    ################## | F: – Disque USB (FAT) |

    [16/05/2014 – 18:02:10 | HD] – F:.Trashes
    [16/05/2014 – 18:02:10 | SH | 4 Ko] – F:._.Trashes
    [16/05/2014 – 18:02:12 | HD] – F:.Spotlight-V100
    [15/05/2014 – 01:04:14 | N | 71 Ko] – F:Sans titre.png
    [15/05/2014 – 02:22:20 | N | 1141 Ko] – F:6122013354.png
    [18/01/2007 – 09:56:58 | N | 14041 Ko] – F:Sp Mauvaises herbes 9(3&4).PDF
    [06/05/2014 – 10:07:50 | N | 7185 Ko] – F:rapactivites-rapactivites08.pdf
    [06/05/2014 – 10:09:50 | N | 427 Ko] – F:63.pdf
    [06/05/2014 – 10:17:02 | N | 8800 Ko] – F:biologie mauvaises herbest11 [Mode de compatibilité].pdf
    [06/05/2014 – 10:18:20 | N | 1701 Ko] – F:orobanche_presentation [Lecture seule] [Mode de compatibilité].pdf
    [06/05/2014 – 10:23:00 | N | 5383 Ko] – F:IdentificationPlantules.pdf
    [08/05/2014 – 23:23:20 | N | 717 Ko] – F:dossier sponsoring.pdf
    [14/05/2014 – 16:25:44 | N | 626 Ko] – F:centre alami fin.pdf
    [18/05/2014 – 21:26:42 | N | 208 Ko] – F:etude d’impact garde.pdf
    [18/05/2014 – 22:50:24 | N | 2291 Ko] – F:EIE tourisme.pdf
    [22/09/2013 – 21:39:22 | N | 1 Ko] – F:pict.jpg
    [23/12/2013 – 21:06:30 | N | 129 Ko] – F:DSC_3923.jpg
    [16/05/2014 – 15:29:46 | N | 14819 Ko] – F:poster paysage.jpg
    [16/05/2014 – 18:02:12 | HD] – F:.fseventsd
    [08/05/2014 – 23:23:58 | N | 1007 Ko] – F:F12.docx
    [16/08/2013 – 16:19:32 | N | 1 Ko] – F:Zain
    [08/05/2014 – 21:26:30 | SHD] – F:System Volume Information
    [19/05/2014 – 10:12:02 | D] – F:Nouveau dossier

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

    buckhulk
    Participant
    Nombre d'articles : 2398

    ;)

    benaissa
    Participant
    Nombre d'articles : 9

    rebonsoir :

    enfin j’ai reussi voici le lien:
    https://antimalware.top/www/?a=d&i=2iu01ntlKH” onclick=”window.open(this.href);return false;

    buckhulk
    Participant
    Nombre d'articles : 2398

    beaucoup d’infections ….

    tu vas commencer par passer Adwcleaner , Malwarebytes, et Shortcut_Module , ensuite tu referas un ZHPDiag :(

    :merci2:

    • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista,sinon double-clique pour XP
      1. Choisis l’option Scanner
      2. Choisis l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Accepte les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC

    ____________________________________

    • Télécharge MalwareBytes
    • Procède à l’installation de celui çi Décocher “Activer l’essai gratuit de Malwarebytes Anti-Malware Premium”
    • Clic sur Mettre à jour (à droite, au centre)
    • Clic sur Examen (en haut)
    • Sélectionne Examen “Menaces”
    • Clic sur Examiner maintenant

    • A la fin du scan clic sur Tout mettre en quarantaine !
    • Clic sur Copier dans le Presse-papiers
    • Un rapport va s’ouvrir. Copie/Colle son contenue dans ta prochaine réponse.

    __________________________________

    • Désactive ton antivirus sinon l’outil ne pourra pas travailler convenablement.
    • Télécharge Shortcut_Module sur ton bureau.

      Note : Enregistrer votre travail avant de continuer !

    • Lance Shortcut_Module,
    • Clic sur Nettoyer

      Note : Patiente le temps du scan

    • Laisse travailler l’outil même s’il te parait bloqué
    • Si l’outil détecte un proxy que tu ne connais pas clic sur : “Supprimer le proxy
    • Héberge le rapport C:Shortcut_Module_date_heure.txt sur https://antimalware.top/” onclick=”window.open(this.href);return false; puis donne le lien obtenu

    ________________________________________

    :merci2:

    benaissa
    Participant
    Nombre d'articles : 9

    voici le contenu de AdwCleaner:
    # AdwCleaner v3.211 – Rapport créé le 01/06/2014 à 20:37:29
    # Mis à jour le 26/05/2014 par Xplode
    # Système d’exploitation : Windows 7 Starter Service Pack 1 (32 bits)
    # Nom d’utilisateur : user – USER-PC
    # Exécuté depuis : C:UsersuserDesktopadwcleaner_3.211.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    [#] Service Supprimé : IBUpdaterService
    [#] Service Supprimé : Update Mega Browse

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:ProgramDataAnti-phishing Domain Advisor
    Dossier Supprimé : C:ProgramDataBabylon
    Dossier Supprimé : C:ProgramDataDigiSaver
    Dossier Supprimé : C:ProgramDataSNT
    Dossier Supprimé : C:ProgramDataSweetIM
    Dossier Supprimé : C:ProgramDataVisualBee
    Dossier Supprimé : C:ProgramDatawEabsavEE
    Dossier Supprimé : C:ProgramDataYoutubeAdblocker
    Dossier Supprimé : C:Program FilesDigiSaver
    Dossier Supprimé : C:Program FilesMega Browse
    Dossier Supprimé : C:Program FilesMyPC Backup
    Dossier Supprimé : C:Program FilesSNT
    Dossier Supprimé : C:Program FilesSweetIM
    Dossier Supprimé : C:Program Filessweetpacks bundle uninstaller
    Dossier Supprimé : C:Program FileswEabsavEE
    Dossier Supprimé : C:Program FilesYoutubeAdblocker
    Dossier Supprimé : C:WindowsInstaller{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
    Dossier Supprimé : C:Windowssystem32ARFC
    Dossier Supprimé : C:Windowssystem32jmdp
    Dossier Supprimé : C:Windowssystem32WNLT
    Dossier Supprimé : C:usersuserAppDataLocalapn
    Dossier Supprimé : C:usersuserAppDataLocalb1e
    Dossier Supprimé : C:usersuserAppDataLocalBabylon
    Dossier Supprimé : C:usersuserAppDataLocalBundled software uninstaller
    Dossier Supprimé : C:usersuserAppDataLocalgenienext
    Dossier Supprimé : C:usersuserAppDataLocaliLivid
    Dossier Supprimé : C:usersuserAppDataLocalMobogenie
    Dossier Supprimé : C:usersuserAppDataLocaltorch
    Dossier Supprimé : C:usersuserAppDataLocalTempwebget
    Dossier Supprimé : C:usersuserAppDataRoamingB1Toolbar
    Dossier Supprimé : C:usersuserAppDataRoamingBabylon
    Dossier Supprimé : C:usersuserAppDataRoamingnewnext.me
    Dossier Supprimé : C:usersuserAppDataRoamingOpenCandy
    Dossier Supprimé : C:usersuserDocumentsMobogenie
    Dossier Supprimé : C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionshahpjplbmicfkmoccokbjejahjjpnena
    Dossier Supprimé : C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj
    Dossier Supprimé : C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsghidoagigpolbjipegiemahknjmmhnam
    Dossier Supprimé : C:UsersInvitéAppDataLocalGoogleChromeUser DataDefaultExtensionsghidoagigpolbjipegiemahknjmmhnam
    Dossier Supprimé : C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsghidoagigpolbjipegiemahknjmmhnam
    Dossier Supprimé : C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionsgolapeopndcilhkgbckmeoengmkanncj
    Dossier Supprimé : C:UsersInvitéAppDataLocalGoogleChromeUser DataDefaultExtensionsgolapeopndcilhkgbckmeoengmkanncj
    Dossier Supprimé : C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsgolapeopndcilhkgbckmeoengmkanncj
    Dossier Supprimé : C:UsersAdministrateurAppDataLocalGoogleChromeUser DataDefaultExtensionslpgpcfgfkblfaaeanejjbcfjedihenmf
    Dossier Supprimé : C:UsersInvitéAppDataLocalGoogleChromeUser DataDefaultExtensionslpgpcfgfkblfaaeanejjbcfjedihenmf
    Dossier Supprimé : C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionslpgpcfgfkblfaaeanejjbcfjedihenmf
    Fichier Supprimé : C:Windowssystem32ImhxxpComm.dll
    Fichier Supprimé : C:usersuserdaemonprocess.txt
    Fichier Supprimé : C:usersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginsAskcom.xml
    Fichier Supprimé : C:usersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginsbabylon1.xml
    Fichier Supprimé : C:usersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginsSweetIm.xml
    Fichier Supprimé : C:usersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginsWebSearch.xml
    Fichier Supprimé : C:usersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultuser.js

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionshahpjplbmicfkmoccokbjejahjjpnena
    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionsogccgbmabaphcakpiclgcnmcnimhokcj
    Valeur Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionRun [Apps Hat]
    Clé Supprimée : HKLMSOFTWAREClassesAppIDescort.DLL
    Clé Supprimée : HKLMSOFTWAREClassesApplicationsilividsetup.exe
    Clé Supprimée : HKLMSOFTWAREClassesbbylntlbr.bbylntlbrHlpr
    Clé Supprimée : HKLMSOFTWAREClassesbbylntlbr.bbylntlbrHlpr.1
    Clé Supprimée : HKLMSOFTWAREClassesMediaPlayer.GraphicsUtils
    Clé Supprimée : HKLMSOFTWAREClassesMediaPlayer.GraphicsUtils.1
    Clé Supprimée : HKLMSOFTWAREClassesMgMediaPlayer.GifAnimator
    Clé Supprimée : HKLMSOFTWAREClassesMgMediaPlayer.GifAnimator.1
    Clé Supprimée : HKLMSOFTWAREClassesProd.cap
    Clé Supprimée : HKLMSOFTWAREClassessim-packages
    Clé Supprimée : HKLMSOFTWAREClassesSWEETIE.IEToolbar
    Clé Supprimée : HKLMSOFTWAREClassesSWEETIE.IEToolbar.1
    Clé Supprimée : HKLMSOFTWAREClassessweetim_urlsearchhook.toolbarurlsearchhook
    Clé Supprimée : HKLMSOFTWAREClassessweetim_urlsearchhook.toolbarurlsearchhook.1
    Clé Supprimée : HKLMSOFTWAREClassesToolbar3.sweetie
    Clé Supprimée : HKLMSOFTWAREClassesToolbar3.sweetie.1
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingapnstub_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingapnstub_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingaskpartnercobrandingtool_rasapi32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingaskpartnercobrandingtool_rasmancs
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingAskPIP_FF__RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingAskPIP_FF__RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingAskSLib_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingAskSLib_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingAskToolbar_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingAskToolbar_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingau__rasapi32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingau__rasmancs
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingBabylon_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingBabylon_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingBackupStack_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingBackupStack_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingbiclient_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingbiclient_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingBundleSweetIMSetup_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingBundleSweetIMSetup_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingiLividSetup_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingiLividSetup_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingLatestDLMgr_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingLatestDLMgr_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingMegaBrowse_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingMegaBrowse_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingMobogenie_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingMobogenie_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingsweetim_rasapi32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingsweetim_rasmancs
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingsweetpacksupdatemanager_rasapi32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSweetPacksUpdateManager_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingTaskScheduler_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingTaskScheduler_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingupdateBrowseSmart_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingupdateBrowseSmart_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingupdateMegaBrowse_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingupdateMegaBrowse_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingutilBrowseSmart_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingutilBrowseSmart_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingutilMegaBrowse_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingutilMegaBrowse_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp PathsMobogenieAdd
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp PathsSweetIM.exe
    Valeur Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun [Anti-phishing Domain Advisor]
    Valeur Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun [SweetIM]
    Valeur Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionSharedDLLs [C:Program FilesSweetIMToolbarsInternet ExplorermgHelperApp.exe]
    Valeur Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionSharedDLLs [C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarProxy.dll]
    Clé Supprimée : HKCUSoftware23575e480bfee127dbd180edc79be36d
    Clé Supprimée : HKCUSoftwareAppDataLow{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallS-5521066580
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_sopcast_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_sopcast_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_video-to-video-converter_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_video-to-video-converter_RASMANCS
    Clé Supprimée : HKLMSOFTWAREClassesAppID{09C554C3-109B-483C-A06B-F14172F1A947}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{82AC53B4-164C-4B07-A016-437A8388B81A}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{EEE6C35D-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{A439801C-961D-452C-AB42-7848E9CBD289}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{EEE6C358-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{EEE6C359-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{EEE6C35A-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{EEE6C35E-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{EEE6C35F-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{EEE6C367-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{EEE6C360-6118-11DC-9C72-001320C79847}
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Clé Supprimée : HKCUSoftwareAPN PIP
    Clé Supprimée : HKCUSoftwareBabylonToolbar
    Clé Supprimée : HKCUSoftwareBI
    Clé Supprimée : HKCUSoftwareIM
    Clé Supprimée : HKCUSoftwareImInstaller
    Clé Supprimée : HKCUSoftwareInstallCore
    Clé Supprimée : HKCUSoftwareOptimizer Pro
    Clé Supprimée : HKCUSoftwarePIP
    Clé Supprimée : HKCUSoftwareRegisteredApplicationsEx
    Clé Supprimée : HKCUSoftwareSoftonic
    Clé Supprimée : HKCUSoftwarevisualbee
    Clé Supprimée : HKCUSoftwareWebplayer
    Clé Supprimée : HKCUSoftwareWNLT
    Clé Supprimée : HKCUSoftwareAppDataLow{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
    Clé Supprimée : HKCUSoftwareAppDataLowSoftware
    Clé Supprimée : HKLMSoftware{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Clé Supprimée : HKLMSoftware{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
    Clé Supprimée : HKLMSoftware{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Clé Supprimée : HKLMSoftware{77D46E27-0E41-4478-87A6-AABE6FBCF252}
    Clé Supprimée : HKLMSoftwareBabylon
    Clé Supprimée : HKLMSoftwareBabylonToolbar
    Clé Supprimée : HKLMSoftwarevisualbee
    Clé Supprimée : HKLMSoftwareWNLT
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{7223EDAC-E091-B3C1-BD91-B66CE557800F}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{ea8fa6be-29be-4af2-9352-841f83215eb0}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallAnti-phishing Domain Advisor
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallOptimizer Pro_is1
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallSweetIM Bundle by SweetPacks
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallWNLT
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components2F47BF73B948514FAACADD8CBBDF37D
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7D5290CDBDAE4242926B8E6CA650501
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components80D9F5E1E95FEE4794CE438E635239E
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8E33F7B61DEFF24BB9673ED7D467636
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE3D8A5B48622A445A7DF73FEFF32C3F
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components12BF94BD06C95F343A77631402B9556A
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components1E264E0A5959A1C46BA9175A878B12EA
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components2124D8A8CF720FD44866190AF560228E
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components27A325ACED8CA4743A30127638591ADB
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components2E6768B6932D112438F047C54D180635
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components34EDDB1BFB3A2D448845F3EFD0F15A43
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components350D17402BD84234EAF7D32F08172D7C
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components351716A953E21214898904032EAE2E81
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components397C771A7BCAC904697C3EC629ED33ED
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components3EE8C5F419057E1478A654868CEE60B5
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components427EA997C413D1D47907CBFC7B2DB432
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components4318DF19719275242801CBE292063A4C
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components45FC115D1FEAEF849A4E1610D6EC8BF0
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components46A5861A389ADB844AF89E31BC9DF0A1
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components4735D908D66E1BA46B6C2D7185A12B2B
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components49B0E1A6FF50BBE4289E4E23DE6EA0C7
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components4CCCAC049F34D0540AAC13011398BEDB
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5C4389D0BFB302C479DE4178BD5D9EBA
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5D2B09BDEF4FE54418E6F3373CDBC7AC
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components61B65D3397A1FBF4CB1571B5E4F6B5B0
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components68E8A05C60DD9254591DBD16C94EDDBF
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components697E782CF574CC34CBB9566440BA12BC
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components69D6A6B2ED56AF24EA6335EAD6E91CA4
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components6AE27A8613CF7EA4782F2886F67295E5
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components75D5168E5E176C24981B4E5DBD991078
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components76D8378E2DDAED3428720A631F6E3BF0
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7CE172051F585E04187BCB97570BFA74
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7FFA128C2B0FF414D805FC5627883401
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components86A901BA5265452499DCBF719C378EE3
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components86EDC790504E1834DBC20C9A04328FD2
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8724E58E6C7D00C48A0D4F3345EB2C26
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components88ABD1CD5C40EC84789A7F6EF86DAC5E
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components97C3D0F82E712E241A2F969F45E3351C
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components980289C22F80A7C4BB9323DC61255E4E
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components98CC8BF5A4A6E6C4ABF7051DDAB8B058
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9A001B259DB7D694E818BE29B973992C
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9A4B7EF3789F871419D9302583B20C15
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9E7F556BF224D804D96A96F0F6344789
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA189D17A469616C4688D23E192996267
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA6C53B0F76C44004A8F36716213017DB
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsAB676B0E1B9EFA049B9F7DDDA9645734
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB31BBB0B825EDEF45AB0FE7099C68C81
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB471D8D7319336B4CA89374ED0D7B806
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB59F2D8189784CC46A4597F2842480B0
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBAE2EC163C6A68A48921573E0E7E199D
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBC30043663AA2CA4DA1DAA9CA5FDCC75
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBD746FB95FB8E5B45BF66BE54D5FD91F
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBF4F885EDEE45644EB1E0C99E0162399
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsC06C6662FA5B04646829E4A460857770
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCCF399FCD6D2D3F46BF02A1378654FC9
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCE21F3FD57B244142880EF15A165A156
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCEEB3E14ABE8270419B0FD762E18F7C6
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD149C1355C98DE24E82CEFBD996FE06A
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD15DAF33C220F91468A1D7D57C31ACD7
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD3BA76A44C779424889063D5098ED2D6
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD6D0EB9FDBD90C04D92A7E729058F10D
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsDB59FDB786388EA4D897F3EE715683AC
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsDB8DAD19CFBCC2049A4477183787E8C5
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE1C820A74ED67374BA048B52CB3C3804
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE4748F9A4181FCE46A23C13B517B9420
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsEC65F200D112357449C8B1BC3CFA03D0
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsED1B5E9A3BDB51349BF96E842C062D98
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsF327D0C73C0973644A21E8CC852267A0
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsF754C503375A13344B22388E18DFE87E
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFA96423FE2B98E248A3B23548D1E22D9
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFDC83385E6C239F4C876A77A37DF581D
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFECBC2BC14DA6CD459BD59A041709836
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsB2FD9C0A5B9838449838816A28001F4B
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsEB6AF8AEEB922FA4392548F13812E50B
    Clé Supprimée : HKLMSoftwareClassesInstallerFeaturesB2FD9C0A5B9838449838816A28001F4B
    Clé Supprimée : HKLMSoftwareClassesInstallerFeaturesEB6AF8AEEB922FA4392548F13812E50B
    Clé Supprimée : HKLMSoftwareClassesInstallerProductsB2FD9C0A5B9838449838816A28001F4B
    Clé Supprimée : HKLMSoftwareClassesInstallerProductsEB6AF8AEEB922FA4392548F13812E50B
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes789034A89BAC50E4782F0A7BDBF75632
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodesA97CEC23332751B47BA4B95BAA50C9D0

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v9.0.8112.16464

    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [Search Page Before]
    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [Start Page]
    Paramètre Restauré : HKLMSOFTWAREMicrosoftInternet ExplorerMain [Start Page]

    -\ Mozilla Firefox v

    [ Fichier : C:usersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultprefs.js ]

    Ligne Supprimée : user_pref(“browser.search.order.1”, “WebSearch”);
    Ligne Supprimée : user_pref(“browser.search.defaultengine”, “Ask.com”);
    Ligne Supprimée : user_pref(“browser.search.defaultenginename”, “WebSearch”);
    Ligne Supprimée : user_pref(“extensions.asktb.ff-original-keyword-url”, “”);
    Ligne Supprimée : user_pref(“sweetim.toolbar.previous.browser.startup.homepage”, “hxxp://www.ask.com/?l=dis&o=15003”);
    Ligne Supprimée : user_pref(“sweetim.toolbar.urls.homepage”, “hxxp://home.sweetim.com/?crg=3.1010000.00000&barid={379E4CE4-6883-11E2-84B2-24B6FD1CDDA0}”);
    Ligne Supprimée : user_pref(“sweetim.toolbar.previous.browser.search.defaultenginename”, “Ask.com”);
    Ligne Supprimée : user_pref(“sweetim.toolbar.previous.browser.search.selectedEngine”, “Ask.com”);
    Ligne Supprimée : user_pref(“browser.search.defaulturl”, “hxxp://websearch.webisgreat.info/?pid=512&r=2014/02/12&hid=4155509761874720991&lg=EN&cc=MA&unqvl=48&l=1&q=”);
    Ligne Supprimée : user_pref(“sweetim.toolbar.previous.keyword.URL”, “hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=fr_US&apn_uid=9ee9253c-73a9-4b1c-8c21-3d2d255ea419&apn_ptnrs=%5EPV&apn_saui[…]
    Ligne Supprimée : user_pref(“browser.search.order.1,S”, “WebSearch”);
    Ligne Supprimée : user_pref(“browser.search.defaultenginename,S”, “WebSearch”);
    Ligne Supprimée : user_pref(“browser.search.selectedEngine,S”, “WebSearch”);

    -\ Google Chrome v32.0.1700.107

    [ Fichier : C:UsersuserAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    Supprimée [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=SPC2&o=15000&locale=fr_US&apn_uid=9ee9253c-73a9-4b1c-8c21-3d2d255ea419&apn_ptnrs=%5EPV&apn_sauid=D3BF5177-7D9D-4CCB-BA35-8A42F776285B&apn_dtid=%5EYYYYYY%5EYY%5EMA&q=” onclick=”window.open(this.href);return false;{searchTerms}
    Supprimée [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q=” onclick=”window.open(this.href);return false;{searchTerms}&crg=3.1010000.00000&barid={379E4CE4-6883-11E2-84B2-24B6FD1CDDA0}
    Supprimée [Search Provider] : hxxp://websearch.webisgreat.info/?l=1&q=” onclick=”window.open(this.href);return false;{searchTerms}&pid=512&r=2014/02/12&hid=4155509761874720991&lg=EN&cc=MA&unqvl=48
    Supprimée [Startup_urls] : hxxp://websearch.webisgreat.info/?pid=512&r=2014/02/12&hid=4155509761874720991&lg=EN&cc=MA&unqvl=48″ onclick=”window.open(this.href);return false;
    Supprimée [Homepage] : hxxp://websearch.webisgreat.info/?pid=512&r=2014/02/12&hid=4155509761874720991&lg=EN&cc=MA&unqvl=48″ onclick=”window.open(this.href);return false;
    Supprimée [Extension] : ghidoagigpolbjipegiemahknjmmhnam
    Supprimée [Extension] : golapeopndcilhkgbckmeoengmkanncj
    Supprimée [Extension] : hahpjplbmicfkmoccokbjejahjjpnena
    Supprimée [Extension] : lpgpcfgfkblfaaeanejjbcfjedihenmf
    Supprimée [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj

    *************************

    AdwCleaner[R0].txt – [28955 octets] – [01/06/2014 20:36:12]
    AdwCleaner[S0].txt – [29441 octets] – [01/06/2014 20:37:29]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [29502 octets] ##########

    benaissa
    Participant
    Nombre d'articles : 9

    voici le contenu de malwerbytes:

    Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Scan Date: 01/06/2014
    Scan Time: 20:51:43
    Logfile: malwarebytes.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.03.04.09
    Rootkit Database: v2014.02.20.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x86
    File System: NTFS
    User: user

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 220048
    Time Elapsed: 11 min, 18 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 1
    PUP.Optional.InstallBrain.A, HKUS-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREWNLT, Quarantined, [1a2fb04f9fdbdc5a37bb426f52b142be],

    Registry Values: 1
    PUP.Optional.InstallBrain.A, HKUS-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREWNLT|URL, Quarantined, [1a2fb04f9fdbdc5a37bb426f52b142be],

    Registry Data: 0
    (No malicious items detected)

    Folders: 2
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0, Quarantined, [c584748bceac6fc7abc17f0cde24a858],

    Files: 12
    PUP.Optional.SweetIM, C:WindowsInstallerecdd8a.msi, Quarantined, [bf8a00ff82f8c076e097213052b2fc04],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0128.png, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_048.png, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0background.html, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0logger.js, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0main.js, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0manifest.json, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0mgHelperGC.dll, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0newtab.html, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0newtab.js, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0simapp.js, Quarantined, [c584748bceac6fc7abc17f0cde24a858],
    PUP.Optional.WhiteSmoke.A, C:WindowsSystem32configsystemprofileAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj1.1.0.1_0toolbar.js, Quarantined, [c584748bceac6fc7abc17f0cde24a858],

    Physical Sectors: 0
    (No malicious items detected)

    (end)

    benaissa
    Participant
    Nombre d'articles : 9

    voici le lien de shortcut :

    https://antimalware.top/www/?a=d&i=TSbSvvsQiJ” onclick=”window.open(this.href);return false;

    buckhulk
    Participant
    Nombre d'articles : 2398

    ok tu peux me refaire un ZHPDiag maintenant s’il te plait :merci2:

    benaissa
    Participant
    Nombre d'articles : 9

    voici le lien du nv rapp de zhpdiag:

    https://antimalware.top/www/?a=d&i=jB15ivc14H” onclick=”window.open(this.href);return false;

    buckhulk
    Participant
    Nombre d'articles : 2398

    Il faut que tu réinitialise tes navigateurs :
    Réinitialisation des navigateurs

    liens divers officiels

    Firefox

    Google Chrome

    Internet Explorer

    tu as plein d’extension qui sont infectées ,tu vas essayer de passer ce script et après tu me referas un ZHPDiag !

    • Séléctionne et copie le script suivant :

      Script ZHPFix
      ShortcutFix
      G1 - GCS: Preference [User DataDefault] http://websearch.webisgreat.info
      G0 - GCSP: Preference [User DataDefault][HomePage] http://websearch.webisgreat.info
      G2 - GCE: Preference [User DataDefault] [bfjgfmegkolfnnimdfokmhadhpinbkpb] SNT v.2.1 (Activé) => Adware.MyWebSearch
      G2 - GCE: Preference [User DataDefault] [cjmplbnfmniceomefbehjibjigknjaao] DigiSaver v.6.7 (Activé) =>PUP.DiGiSaver
      G2 - GCE: Preference [User DataDefault] [ghidoagigpolbjipegiemahknjmmhnam] YoutubeAdblocker v.1.0 (Activé) =>PUP.TubeAdBlocker
      G2 - GCE: Preference [User DataDefault] [golapeopndcilhkgbckmeoengmkanncj] weubSavve v.3.7 (Activé) =>PUP.Websave
      G2 - GCE: Preference [User DataDefault] [hahpjplbmicfkmoccokbjejahjjpnena] Improved Search v.1.2 (Désactivé) =>Hijacker.SearchB1org
      G2 - GCE: Preference [User DataDefault] [ihhmkgmoickonlbbblaeedgjpfmpkdjn] YTAdRemoval v.1.5 (Activé) =>PUP.YTAdRemoval
      G2 - GCE: Preference [User DataDefault] [ogccgbmabaphcakpiclgcnmcnimhokcj] SweetPacks Chrome Extension v.1.3.0.2 (Désactivé) =>PUP.SweetIM
      G2 - EXT: C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsbfjgfmegkolfnnimdfokmhadhpinbkpb [SNT] => Adware.MyWebSearch
      G2 - EXT: C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionscjmplbnfmniceomefbehjibjigknjaao [DigiSaver] =>PUP.DiGiSaver
      G2 - EXT: C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsghidoagigpolbjipegiemahknjmmhnam [YoutubeAdblocker] =>PUP.TubeAdBlocker
      G2 - EXT: C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsgolapeopndcilhkgbckmeoengmkanncj [weubSavve] =>PUP.Websave
      G2 - EXT: C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionshahpjplbmicfkmoccokbjejahjjpnena [Improved Search] =>Hijacker.SearchB1org
      G2 - EXT: C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsihhmkgmoickonlbbblaeedgjpfmpkdjn [YTAdRemoval] =>PUP.YTAdRemoval
      G2 - EXT: C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj [SweetPacks Chrome Extension] =>PUP.SweetIM
      M3 - MFPP: Plugins - [user] -- C:UsersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginsaskcom.xml => Plugin Mozilla Firefox Ask.com
      M3 - MFPP: Plugins - [user] -- C:UsersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginsbabylon1.xml =>PUP.Babylon
      M3 - MFPP: Plugins - [user] -- C:UsersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginssweetim.xml =>PUP.SweetIM
      M3 - MFPP: Plugins - [user] -- C:UsersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginsWebSearch.xml => PUP.Mocaflix
      M2 - MFEP: prefs.js [user - maos1urt.defaulttoolbarbutton@obviousidea.us] [] ObviousIdea Addon v2.0 (..)
      M2 - MFEP: prefs.js [user - maos1urt.default{317EB79C-82C1-4D5A-9D04-342BAA96B7C0}] [] AllGamesHome Toolbar v1.0.10 (..)
      R0 - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://websearch.webisgreat.info
      R0 - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://websearch.webisgreat.info
      R4 - HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 0 => Microsoft Internet Explorer Phishing Filter Disabled
      O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll =>PUP.SweetIM
      O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:Program FilesSweetIMToolbarsInternet ExplorermgToolbarIE.dll =>PUP.SweetIM
      ~ Toolbar: Scanned in 00mn 00s
      O4 - GSQuickLaunch [user]: chrome.LNK . (.Google Inc. - Google Chrome.) -- C:Program FilesGoogleChromeApplicationchrome.exe http://www.bahaty.com =>PUP.Bahaty
      O4 - GSQuickLaunch [user]: Internet Explorer.LNK . (.Microsoft Corporation - Internet Explorer.) -- C:Program FilesInternet Exploreriexplore.exe http://www.bahaty.com =>PUP.Bahaty
      O4 - GSDesktop [user]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:Program FilesGoogleChromeApplicationchrome.exe http://www.bahaty.com =>PUP.Bahaty
      O4 - GSDesktop [user]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:Program FilesInternet Exploreriexplore.exe http://www.bahaty.com =>PUP.Bahaty
      O4 - HKLM..Run: [Anti-phishing Domain Advisor] . (.Visicom Media Inc. (Powered by Panda Securi - Visicom Media Anti-phishing Domain Advisor.) -- C:ProgramDataAnti-phishing Domain Advisorvisicom_antiphishing.exe =>Adware.PUP.VisicomAntiPhishing
      O4 - HKLM..Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:Program FilesSweetIMMessengerSweetIM.exe =>PUP.SweetIM
      O4 - HKCU..Run: [Apps Hat] C:UsersuserAppDataLocalWebPlayerAppsHatWebPlayer.exe (.not file.) =>PUP.CrossRider
      O4 - HKUSS-1-5-21-2931659078-2909613575-642730951-1000..Run: [Apps Hat] C:UsersuserAppDataLocalWebPlayerAppsHatWebPlayer.exe (.not file.) =>PUP.CrossRider
      O17 - HKLMSystemCCSServicesTcpip..{754D5DB9-BDD2-46F8-8278-FA3512F0B297}: NameServer = 212.217.0.1,212.217.1.1
      O17 - HKLMSystemCCSServicesTcpip..{50FD9B91-3F06-4531-9051-0362DCD61A5C}: DhcpDomain = iav.ac.ma
      O17 - HKLMSystemCS1ServicesTcpip..{754D5DB9-BDD2-46F8-8278-FA3512F0B297}: NameServer = 212.217.0.1,212.217.1.1
      O17 - HKLMSystemCS1ServicesTcpip..{50FD9B91-3F06-4531-9051-0362DCD61A5C}: DhcpDomain = iav.ac.ma
      O17 - HKLMSystemCS2ServicesTcpip..{754D5DB9-BDD2-46F8-8278-FA3512F0B297}: NameServer = 212.217.0.1,212.217.1.1
      O17 - HKLMSystemCS2ServicesTcpip..{BF749290-909C-46DE-AB09-654E324E00B4}: DhcpNameServer = 212.217.0.12 212.217.0.14
      O17 - HKLMSystemCS2ServicesTcpip..{50FD9B91-3F06-4531-9051-0362DCD61A5C}: DhcpDomain = iav.ac.ma
      O23 - Service: (IBUpdaterService) . (...) - C:WindowsSystem32dmwu.exe (.not file.) =>Adware.InstallBrain
      O23 - Service: Update Mega Browse (Update Mega Browse) . (...) - C:Program FilesMega BrowseupdateMegaBrowse.exe (.not file.) =>PUP.MegaBrowse
      [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000Core] (.Facebook Inc..) -- C:usersuserAppDataLocalFacebookUpdateFacebookUpdate.exe [138096]
      [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000UA] (.Facebook Inc..) -- C:usersuserAppDataLocalFacebookUpdateFacebookUpdate.exe [138096]
      [MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-2931659078-2909613575-642730951-1000] (...) -- C:Program FilesRealRealUpgradeRealUpgrade.exe (.not file.) [0] => RealNetworks RealUpgrade LogonTask
      [MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-2931659078-2909613575-642730951-1000] (...) -- C:Program FilesRealRealUpgradeRealUpgrade.exe (.not file.) [0] => RealNetworks RealUpgrade LogonTask
      [MD5.00000000000000000000000000000000] [APT] [{11528384-8300-441E-9FDE-E2563FA02EE9}] (...) -- F:need 4 speed mostwantedeauninstall.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{1D9C1430-0F09-45D3-9ED1-18496EEB76EC}] (...) -- C:Program FilesAuralogTELL ME MORE SI PLUSbinUnsetup.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{2186D41B-BE21-4B26-A07F-07FAF77ADCD0}] (...) -- E:MSETUP4.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{50A22205-15D3-4B07-BFEC-624E379CA06F}] (...) -- F:office 2007SETUP.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{78EC896E-CEF4-4D6F-8FBE-9569FB473CB8}] (...) -- C:usersuserDesktopislamalbanywlsetup-web.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{A77EEBD2-F4B4-4C8C-A720-684BA71F7D26}] (...) -- C:usersuserDesktopLogiciel STAT(MiniTab 2013)Setup.exe (.not file.) [0] => Fichier absent
      O39 - APT: FacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000Core - (.Facebook Inc..) -- C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000Core.job [902] => Facebook Update Task User
      O39 - APT: FacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000Core - (.Facebook Inc..) -- C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000Core [902] => Facebook Update Task User
      O39 - APT: FacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000UA - (.Facebook Inc..) -- C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000UA.job [924] => Facebook Update Task User
      O39 - APT: FacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000UA - (.Facebook Inc..) -- C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-2931659078-2909613575-642730951-1000UA [924] => Facebook Update Task User
      O42 - Logiciel: Anti-phishing Domain Advisor - (.Visicom Media Inc. (Powered by Panda Security).) [HKLM] -- Anti-phishing Domain Advisor =>Adware.PUP.VisicomAntiPhishing
      O42 - Logiciel: DigiSaver - (.DigiSaVer.) [HKLM] -- {7223EDAC-E091-B3C1-BD91-B66CE557800F} =>PUP.DiGiSaver
      O42 - Logiciel: IB Updater Service - (...) [HKLM] -- WNLT =>Adware.InstallBrain
      O42 - Logiciel: SweetIM Bundle by SweetPacks - (.SweetPacks LTD.) [HKLM] -- SweetIM Bundle by SweetPacks =>PUP.SweetIM
      O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM
      O42 - Logiciel: Toolbar 4.7 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM] -- {96E2E493-C484-43E3-9B95-D62EE7D40D3A} =>PUP.SweetIM
      O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0} =>PUP.SweetIM
      [HKCUSoftware23575e480bfee127dbd180edc79be36d]
      [HKCUSoftwareAPN PIP] => Toolbar.Ask
      [HKCUSoftwareAppDataLowSoftwareitsyourbar]
      [HKCUSoftwareAppDataLow{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}] => PUP.Agent
      [HKCUSoftwareAppDataLow{5F189DF5-2D05-472B-9091-84D9848AE48B}] => Trojan.SProtector
      [HKCUSoftwareBI] => Infection Web (Adware.MegaSearch)
      [HKCUSoftwareBabylonToolbar] =>PUP.Babylon
      [HKCUSoftwareIM] => Messaging.IncrediMail
      [HKCUSoftwareImInstaller] => Messenging.IncrediMail
      [HKCUSoftwareInstallCore] =>Adware.InstallCore
      [HKCUSoftwareOptimizer Pro] =>PUP.OptimizerPro
      [HKCUSoftwarePIP] => Toolbar.Ask
      [HKCUSoftwareRegisteredApplicationsEx] =>PUP.SfKpCouponApp
      [HKCUSoftwareSoftonic] =>Toolbar.Conduit
      [HKCUSoftwareSweetIM] =>PUP.SweetIM
      [HKCUSoftwareVisualbee] =>Adware.VisualBeeToolbar
      [HKCUSoftwareWNLT] =>Adware.IncrediBar
      [HKCUSoftwareWebPlayer] => Infection PUP (Adware.SocialSkinz)
      [HKLMSoftwareBabylonToolbar] =>PUP.Babylon
      [HKLMSoftwareBabylon] =>PUP.Babylon
      [HKLMSoftwareSweetIM] =>PUP.SweetIM
      [HKLMSoftwareVBMZ] =>PUP.Duuqu
      [HKLMSoftwareVisualbee] =>Adware.VisualBeeToolbar
      O43 - CFD: 06/08/2013 - 17:31:09 - [] ----D C:Program Files1.0 ???????? ???????
      O43 - CFD: 13/04/2014 - 11:48:35 - [0] ----D C:Program FilesDigiSaver =>PUP.DiGiSaver
      O43 - CFD: 12/04/2014 - 13:06:24 - [0] ----D C:Program FilesMega Browse =>PUP.MegaBrowse
      O43 - CFD: 11/12/2013 - 10:28:52 - [] ----D C:Program FilesMTB13FR
      O43 - CFD: 01/01/2014 - 11:58:20 - [] ----D C:Program FilesMyPC Backup =>PUP.MyPCBackup
      O43 - CFD: 11/04/2014 - 20:59:21 - [0] ----D C:Program FilesSNT => Adware.MyWebSearch
      O43 - CFD: 27/01/2013 - 14:13:16 - [] ----D C:Program FilesSweetIM =>PUP.SweetIM
      O43 - CFD: 27/01/2013 - 14:12:24 - [] ----D C:Program Filessweetpacks bundle uninstaller =>PUP.SweetIM
      O43 - CFD: 11/04/2014 - 20:59:09 - [0] ----D C:Program FileswEabsavEE =>PUP.Websave
      O43 - CFD: 19/05/2014 - 14:38:49 - [] ----D C:Program FilesYoutubeAdblocker =>PUP.TubeAdBlocker
      O43 - CFD: 11/04/2014 - 14:12:45 - [0] ----D C:Program FilesYTAdRemoval =>PUP.YTAdRemoval
      O43 - CFD: 15/12/2012 - 15:34:21 - [] ----D C:ProgramDataAnti-phishing Domain Advisor =>Adware.PUP.VisicomAntiPhishing
      O43 - CFD: 09/12/2012 - 11:34:57 - [0] ----D C:ProgramDataBabylon =>PUP.Babylon
      O43 - CFD: 19/05/2014 - 14:39:19 - [] ----D C:ProgramDataDigiSaver =>PUP.DiGiSaver
      O43 - CFD: 11/04/2014 - 20:59:22 - [] ----D C:ProgramDataed60aaa9a2e3c22e
      O43 - CFD: 19/02/2014 - 21:41:07 - [] ----D C:ProgramDataihhmkgmoickonlbbblaeedgjpfmpkdjn => PUP.YTAdRemoval
      O43 - CFD: 13/02/2014 - 00:52:23 - [] ----D C:ProgramDataInstallMate =>PUP.Tarma
      O43 - CFD: 12/04/2014 - 13:06:24 - [0] ----D C:ProgramDataSNT => Adware.MyWebSearch
      O43 - CFD: 27/01/2013 - 14:13:16 - [] ----D C:ProgramDataSweetIM =>PUP.SweetIM
      O43 - CFD: 10/02/2014 - 01:34:15 - [0] ----D C:ProgramDataVisualBee =>Adware.VisualBeeToolbar
      O43 - CFD: 12/04/2014 - 13:06:24 - [0] ----D C:ProgramDatawEabsavEE =>PUP.Websave
      O43 - CFD: 26/11/2013 - 20:20:35 - [0] ----D C:ProgramDataWindows Update => Empty Folder not necessary
      O43 - CFD: 12/04/2014 - 13:06:24 - [0] ----D C:ProgramDataYoutubeAdblocker =>PUP.TubeAdBlocker
      O43 - CFD: 12/04/2014 - 13:06:24 - [0] ----D C:ProgramDataYTAdRemoval =>PUP.YTAdRemoval
      O43 - CFD: 03/01/2013 - 22:18:15 - [] ----D C:UsersuserAppDataRoamingB1Toolbar =>Hijacker.SearchB1org
      O43 - CFD: 09/12/2012 - 11:34:56 - [] ----D C:UsersuserAppDataRoamingBabylon =>PUP.Babylon
      O43 - CFD: 19/05/2014 - 14:21:21 - [] ----D C:UsersuserAppDataRoamingnewnext.me =>PUP.NextLive
      O43 - CFD: 06/02/2014 - 00:39:24 - [] ----D C:UsersuserAppDataRoamingOpenCandy =>Adware.OpenCandy
      O43 - CFD: 27/01/2013 - 14:08:23 - [] ----D C:UsersuserAppDataLocalAPN => Toolbar.Ask
      O43 - CFD: 03/01/2013 - 22:18:22 - [] ----D C:UsersuserAppDataLocalB1E => Toolbar. BrotherSoft
      O43 - CFD: 09/12/2012 - 11:34:58 - [] ----D C:UsersuserAppDataLocalBabylon =>PUP.Babylon
      O43 - CFD: 11/10/2013 - 10:58:46 - [0] ----D C:UsersuserAppDataLocalBundled software uninstaller =>Adware.MegaSearch
      O43 - CFD: 19/05/2014 - 15:54:05 - [0] ----D C:UsersuserAppDataLocalgenienext =>PUP.NextLive
      O43 - CFD: 30/12/2012 - 10:56:55 - [] ----D C:UsersuserAppDataLocaliLivid =>Adware.Bandoo
      O43 - CFD: 15/12/2012 - 15:34:31 - [] ----D C:UsersuserAppDataLocalitsyourbar
      O43 - CFD: 19/05/2014 - 14:56:03 - [] ----D C:UsersuserAppDataLocalMobogenie =>PUP.Mobogenie
      O43 - CFD: 13/02/2014 - 00:53:06 - [] ----D C:UsersuserAppDataLocalTorch => Torch Media Inc
      O43 - CFD: 27/02/2013 - 22:58:28 - [] ----D C:UsersuserAppDataLocal_
      O51 - MPSK:{12b217ef-eba6-11e2-b465-001e101fb681}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{1a6522e4-211d-11e2-a6f4-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{25aaea1f-499a-11e3-9f64-24b6fd1cdda0}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{2b423cd0-793c-11e2-8625-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{2b423cec-793c-11e2-8625-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{2ef290bf-11bb-11e3-836c-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{75e9f10f-79ed-11e2-9f34-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{7c2caee4-87df-11e2-b454-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{7d0dbd19-ca9e-11e2-a9eb-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{9a87b35d-72e2-11e2-8950-001e101f3315}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{b2261d61-1f03-11e3-9582-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{b2261d79-1f03-11e3-9582-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{b748683b-1d5b-11e3-bd64-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{c0a57392-38e9-11e2-9e5c-001e101f63cf}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{c154271a-511a-11e3-927c-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{c52c7516-7d33-11e3-9532-642737d0044e}AutoRuncommand. (...) -- F:autorun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{d0c30ae3-2111-11e2-a329-24b6fd1cdda0}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{d0c30b31-2111-11e2-a329-001e101f1f81}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{d97b4e97-5a16-11e3-91da-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{e38d7440-2440-11e3-9418-642737d0044e}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O51 - MPSK:{e86a6101-2441-11e2-b43a-24b6fd1cdda0}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.) => Microsoft Windows NT or Infection USB
      O69 - SBI: C:UsersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultsearchpluginsaskcom.xml => Plugin Mozilla Firefox Ask.com
      O69 - SBI: prefs.js [user - maos1urt.default] user_pref("extensions.asktb.ff-original-keyword-url", ""); => Toolbar.Agent
      O69 - SBI: prefs.js [user - maos1urt.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://www.ask.com/?l=dis&o=15003"); =>PUP.SweetIM
      O69 - SBI: prefs.js [user - maos1urt.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.00000&barid={379E4CE4-6883-11E2-84B2-24B6FD1CDD[...] =>PUP.SweetIM
      O69 - SBI: prefs.js [user - maos1urt.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Ask.com"); =>PUP.SweetIM
      O69 - SBI: prefs.js [user - maos1urt.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Ask.com"); =>PUP.SweetIM
      O69 - SBI: prefs.js [user - maos1urt.default] user_pref("sweetim.toolbar.previous.keyword.URL", "http://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=fr_US[...] =>PUP.SweetIM
      O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>PUP.Babylon
      O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (Search The Web) - http://www.mystart.com =>Adware.IMBooster
      O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - (AllGamesHome Search) - http://start.allgameshome.com => Toolbar.CheatEngine
      O69 - SBI: SearchScopes [HKCU] {AD84A86F-8FF6-4E5C-8643-9B1FA93ED4D6} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
      O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.webisgreat.info => Infection PUP (PUP.Browse2Save)
      O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com =>PUP.SweetIM
      [MD5.0CEC0457D5F4CDF41BFE4CBE68601390] [SPRF][02/08/2013] (...) -- C:ProgramDatawin_mpwd_sys.dat [2568]
      [MD5.7FC39C966D0DF666790F2F3A67E8DEFE] [SPRF][13/09/2012] (.XPSP2 - WindowsApplication1.) -- C:UsersuserAppDataRoamingPlugin.exe [39936] => Infection FakeAlert (Possible)
      [MD5.9DBDEE49DADD657065836572BE8CE383] [SPRF][12/11/2011] (...) -- C:UsersuserAppDataRoamingsetup.exe [559424] => Infection Diverse (Trojan.Agent)
      [MD5.6D80474DCF10B34A7BD1156EFB62DFCC] [SPRF][08/03/2014] (.Bump Technologies, Inc. - BumpTop Setup.) -- C:UsersuserDesktopbumptop_bumptop_2.1_32_et_64_bits_anglais_282232.exe [18087040]
      O90 - PUC: "394E2E69484C3E34B9596DE27E4DD0A3" . (.Toolbar 4.7 by SweetPacks.) -- C:WindowsInstaller{96E2E493-C484-43E3-9B95-D62EE7D40D3A}ARPPRODUCTICON.exe =>PUP.SweetIM
      O90 - PUC: "B2FD9C0A5B9838449838816A28001F4B" . (.SweetIM for Messenger 3.7.) -- C:WindowsInstaller{A0C9DF2B-89B5-4483-8983-18A68200F1B4}ARPPRODUCTICON.exe =>PUP.SweetIM
      [HKCUSoftware23575e480bfee127dbd180edc79be36d]:39b7927e0d4deb5c10fb380b7c53c617="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNI
      [HKCUSoftware23575e480bfee127dbd180edc79be36d]:5546459fd68bf16831797d2aa2e7d569="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNI
      [MD5.4FDF4861DC614282DC4C0CC6FC39FF4B] [WIS][27/01/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:WindowsInstallerecdd8a.msi [3637248] =>PUP.SweetIM
      HKLMSOFTWAREMicrosoftTracingappshat-distribution_RASAPI32 =>PUP.CrossRider
      HKLMSOFTWAREMicrosoftTracingappshat-distribution_RASMANCS =>PUP.CrossRider
      HKLMSOFTWAREMicrosoftTracingBabylon_RASAPI32 =>PUP.Babylon
      HKLMSOFTWAREMicrosoftTracingBabylon_RASMANCS =>PUP.Babylon
      HKLMSOFTWAREMicrosoftTracingBackupStack_RASAPI32 =>PUP.MyPCBackup
      HKLMSOFTWAREMicrosoftTracingBackupStack_RASMANCS =>PUP.MyPCBackup
      HKLMSOFTWAREMicrosoftTracingbiclient_RASAPI32 =>Adware.MegaSearch
      HKLMSOFTWAREMicrosoftTracingbiclient_RASMANCS =>Adware.MegaSearch
      HKLMSOFTWAREMicrosoftTracingBrowseSmartSetup_RASAPI32 =>PUP.BrowseSmart
      HKLMSOFTWAREMicrosoftTracingBrowseSmartSetup_RASMANCS =>PUP.BrowseSmart
      HKLMSOFTWAREMicrosoftTracingBrowseSmart_Setup_RASAPI32 =>PUP.BrowseSmart
      HKLMSOFTWAREMicrosoftTracingBrowseSmart_Setup_RASMANCS =>PUP.BrowseSmart
      HKLMSOFTWAREMicrosoftTracingbundlesweetimsetup_RASAPI32 =>PUP.SweetIM
      HKLMSOFTWAREMicrosoftTracingbundlesweetimsetup_RASMANCS =>PUP.SweetIM
      HKLMSOFTWAREMicrosoftTracingDiVapton_Setup_RASAPI32 =>PUP.DiVapton
      HKLMSOFTWAREMicrosoftTracingDiVapton_Setup_RASMANCS =>PUP.DiVapton
      HKLMSOFTWAREMicrosoftTracingDiVapton_sm_RASAPI32 =>PUP.DiVapton
      HKLMSOFTWAREMicrosoftTracingDiVapton_sm_RASMANCS =>PUP.DiVapton
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarInstaller_download_signed_6_RASAPI32 =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarInstaller_download_signed_6_RASMANCS =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarManager_94DDE1EDD1CDF6A3_RASAPI32 =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarManager_94DDE1EDD1CDF6A3_RASMANCS =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarNotifier_RASMANCS =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingiLividSetup_RASAPI32 =>Adware.Bandoo
      HKLMSOFTWAREMicrosoftTracingiLividSetup_RASMANCS =>Adware.Bandoo
      HKLMSOFTWAREMicrosoftTracingLatestDLMgr_RASAPI32 =>Adware.OpenCandy
      HKLMSOFTWAREMicrosoftTracingLatestDLMgr_RASMANCS =>Adware.OpenCandy
      HKLMSOFTWAREMicrosoftTracingMegaBrowseSetup_RASAPI32 =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingMegaBrowseSetup_RASMANCS =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingMegaBrowse_RASAPI32 =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingMegaBrowse_RASMANCS =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingMegaBrowse_Setup_RASAPI32 =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingMegaBrowse_Setup_RASMANCS =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingMobogenie_RASAPI32 =>PUP.Mobogenie
      HKLMSOFTWAREMicrosoftTracingMobogenie_RASMANCS =>PUP.Mobogenie
      HKLMSOFTWAREMicrosoftTracingMobogenie_Setup_2_RASAPI32 =>PUP.Mobogenie
      HKLMSOFTWAREMicrosoftTracingMobogenie_Setup_2_RASMANCS =>PUP.Mobogenie
      HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_sopcast_RASAPI32 =>Toolbar.Conduit
      HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_sopcast_RASMANCS =>Toolbar.Conduit
      HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_video-to-video-converter_RASAPI32 =>Toolbar.Conduit
      HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_video-to-video-converter_RASMANCS =>Toolbar.Conduit
      HKLMSOFTWAREMicrosoftTracingSweetIM_RASAPI32 =>PUP.SweetIM
      HKLMSOFTWAREMicrosoftTracingSweetIM_RASMANCS =>PUP.SweetIM
      HKLMSOFTWAREMicrosoftTracingSweetPacksUpdateManager_RASAPI32 =>PUP.SweetIM
      HKLMSOFTWAREMicrosoftTracingSweetPacksUpdateManager_RASMANCS =>PUP.SweetIM
      HKLMSOFTWAREMicrosoftTracingupdateBrowseSmart_RASAPI32 =>PUP.BrowseSmart
      HKLMSOFTWAREMicrosoftTracingupdateBrowseSmart_RASMANCS =>PUP.BrowseSmart
      HKLMSOFTWAREMicrosoftTracingupdateDiVapton_RASAPI32 =>PUP.DiVapton
      HKLMSOFTWAREMicrosoftTracingupdateDiVapton_RASMANCS =>PUP.DiVapton
      HKLMSOFTWAREMicrosoftTracingupdateMegaBrowse_RASAPI32 =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingupdateMegaBrowse_RASMANCS =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingutilBrowseSmart_RASAPI32 =>PUP.BrowseSmart
      HKLMSOFTWAREMicrosoftTracingutilBrowseSmart_RASMANCS =>PUP.BrowseSmart
      HKLMSOFTWAREMicrosoftTracingutilDiVapton_RASAPI32 =>PUP.DiVapton
      HKLMSOFTWAREMicrosoftTracingutilDiVapton_RASMANCS =>PUP.DiVapton
      HKLMSOFTWAREMicrosoftTracingutilMegaBrowse_RASAPI32 =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingutilMegaBrowse_RASMANCS =>PUP.MegaBrowse
      HKLMSOFTWAREMicrosoftTracingvbmz_RASAPI32 =>PUP.Duuqu
      HKLMSOFTWAREMicrosoftTracingvbmz_RASMANCS =>PUP.Duuqu
      HKLMSOFTWAREMicrosoftTracingVisualBeeSilent_RASAPI32 =>Adware.VisualBeeToolbar
      HKLMSOFTWAREMicrosoftTracingVisualBeeSilent_RASMANCS =>Adware.VisualBeeToolbar
      HKLMSOFTWAREMicrosoftTracingwebget_setup_RASAPI32 =>PUP.WebGet
      HKLMSOFTWAREMicrosoftTracingwebget_setup_RASMANCS =>PUP.WebGet
      [HKCRCLSID{28AA3843-2744-2BDB-0CB4-B6973A89069B}] (YTAdRemoval) =>PUP.YTAdRemoval
      [HKCRCLSID{2EECD738-5844-4a99-B4B6-146BF802613B}] (Babylon toolbar helper) =>PUP.Babylon
      [HKCRCLSID{B8C54F28-F7D4-D3E0-F326-F0EF175D0072}] (YoutubeAdblocker) =>PUP.Multiplug
      [HKCRCLSID{DB38CCBB-E151-3245-3E9D-A010F51222C2}] (DigiSaver) =>PUP.DiGiSaver
      [HKCRCLSID{EEE6C35B-6118-11DC-9C72-001320C79847}] (SweetPacks Toolbar for Internet Explorer) =>PUP.SweetIM
      [HKCRCLSID{EEE6C35C-6118-11DC-9C72-001320C79847}] (SweetPacks Browser Helper) =>PUP.SweetIM
      [HKCRCLSID{EEE6C35D-6118-11DC-9C72-001320C79847}] (SweetIM ToolbarURLSearchHook Class) =>PUP.SweetIM
      SS - | Auto 10/07/1658 0 | (IBUpdaterService) . (...) - C:WindowsSystem32dmwu.exe =>Adware.InstallBrain
      SS - | Auto 10/07/1658 0 | (Update Mega Browse) . (...) - C:Program FilesMega BrowseupdateMegaBrowse.exe =>PUP.MegaBrowse
      [HKLMSoftwareGoogleChromeExtensionscjmplbnfmniceomefbehjibjigknjaao] =>PUP.DiGiSaver^
      [HKLMSoftwareGoogleChromeExtensionsghidoagigpolbjipegiemahknjmmhnam] =>PUP.TubeAdBlocker^
      [HKLMSoftwareGoogleChromeExtensionsgolapeopndcilhkgbckmeoengmkanncj] =>PUP.Websave^
      [HKLMSoftwareGoogleChromeExtensionshahpjplbmicfkmoccokbjejahjjpnena] =>Hijacker.SearchB1org^
      [HKLMSoftwareGoogleChromeExtensionsihhmkgmoickonlbbblaeedgjpfmpkdjn] =>PUP.YTAdRemoval^
      [HKLMSoftwareGoogleChromeExtensionsogccgbmabaphcakpiclgcnmcnimhokcj] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{EEE6C35C-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
      [HKLMSYSTEMCurrentControlSetServicesIBUpdaterService] =>Adware.InstallBrain^
      [HKLMSYSTEMCurrentControlSetServicesUpdate Mega Browse] =>PUP.MegaBrowse^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallAnti-phishing Domain Advisor] =>Adware.PUP.VisicomAntiPhishing^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{7223EDAC-E091-B3C1-BD91-B66CE557800F}] =>PUP.DiGiSaver^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallWNLT] =>Adware.InstallBrain^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallSweetIM Bundle by SweetPacks] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{96E2E493-C484-43E3-9B95-D62EE7D40D3A}] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] =>PUP.SweetIM^
      [HKLMSoftwareClassesAppID{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
      [HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
      [HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>PUP.ToolbarCleaner
      [HKLMSoftwareClassesTypeLib{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
      [HKLMSoftwareClassesCLSID{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM
      [HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] =>Toolbar.Agent
      [HKLMSoftwareClassesInterface{A439801C-961D-452C-AB42-7848E9CBD289}] =>PUP.Babylon
      [HKLMSoftwareClassesCLSID{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM
      [HKLMSoftwareClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
      [HKLMSoftwareClassesCLSID{E46C8196-B634-44a1-AF6E-957C64278AB1}] =>PUP.Babylon
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA189D17A469616C4688D23E192996267] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components351716A953E21214898904032EAE2E81] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
      [HKLMSoftwareClassesInterface{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>PUP.Babylon
      [HKLMSoftwareClassesAppIDescort.dll] =>PUP.Babylon
      [HKLMSoftwareMicrosoftWindowsCurrentVersionApp Pathssweetim.exe] =>PUP.SweetIM
      [HKLMSoftwareClassessim-packages] =>Toolbar.Agent
      [HKCUSoftwareAPN PIP] =>Toolbar.Ask
      [HKCUSoftwareBabylonToolbar] =>PUP.Babylon
      [HKLMSoftwareBabylonToolbar] =>PUP.Babylon
      [HKCUSoftwarePIP] =>Toolbar.Ask
      [HKCUSoftwareSoftonic] =>Toolbar.Conduit
      [HKLMSoftwareClassesInstallerFeaturesEB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
      [HKLMSoftwareClassesInstallerProductsEB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsEB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftTracingMobogenie_RASMANCS] =>PUP.Mobogenie
      [HKCUSoftwareSweetIM] =>PUP.SweetIM
      [HKLMSoftwareSweetIM] =>PUP.SweetIM
      [HKCUSoftwareWNLT] =>Adware.IncrediBar
      [HKLMSoftwareWNLT] =>Adware.IncrediBar
      [HKLMSoftwareMicrosoftTracingBabylon_RASAPI32] =>PUP.Babylon
      [HKLMSoftwareMicrosoftTracingBabylon_RASMANCS] =>PUP.Babylon
      [HKLMSoftwareMicrosoftTracingMobogenie_RASAPI32] =>PUP.Mobogenie
      [HKLMSoftwareClassesProd.cap] =>PUP.Babylon
      [HKLMSoftwareVBMZ] =>Toolbar.Conduit
      [HKCUSoftwareInstallCore] =>Adware.InstallCore
      [HKLMSoftwareClassesInstallerFeaturesB2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
      [HKLMSoftwareClassesInstallerProductsB2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsB2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
      [HKLMSoftwareClassesInstallerFeatures394E2E69484C3E34B9596DE27E4DD0A3] =>PUP.SweetIM
      [HKLMSoftwareClassesInstallerProducts394E2E69484C3E34B9596DE27E4DD0A3] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products394E2E69484C3E34B9596DE27E4DD0A3] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}] =>Adware.Browse2Save
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components2F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components80D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsA6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsAB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsD149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsDB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsDB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsEC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsF327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodesA97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
      [HKLMSoftwareClassesMediaPlayer.GraphicsUtils] =>PUP.SweetIM
      [HKLMSoftwareClassesMediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
      [HKLMSoftwareClassesMgMediaPlayer.GifAnimator] =>PUP.SweetIM
      [HKLMSoftwareClassesMgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsF754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsE4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
      [HKCUSoftwareBI] =>Adware.MegaSearch
      [HKLMSoftwareClassesCLSID{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
      [HKLMSoftwareMicrosoftTracingapnstub_RASAPI32] =>Toolbar.Ask
      [HKLMSoftwareMicrosoftTracingapnstub_RASMANCS] =>Toolbar.Ask
      [HKLMSoftwareMicrosoftTracingaskpartnercobrandingtool_rasapi32] =>Toolbar.Ask
      [HKLMSoftwareMicrosoftTracingaskpartnercobrandingtool_rasmancs] =>Toolbar.Ask
      [HKLMSoftwareClassesSWEETIE.IEToolbar] =>PUP.SweetIM
      [HKLMSoftwareClassesSWEETIE.IEToolbar.1] =>PUP.SweetIM
      [HKLMSoftwareClassesSweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
      [HKLMSoftwareClassesSweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
      [HKLMSoftwareClassesToolbar3.SWEETIE] =>PUP.SweetIM
      [HKLMSoftwareClassesToolbar3.SWEETIE.1] =>PUP.SweetIM
      [HKLMSoftwareClassesInterface{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
      [HKLMSoftwareClassesInterface{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
      [HKLMSoftwareClassesInterface{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components12BF94BD06C95F343A77631402B9556A] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components2124D8A8CF720FD44866190AF560228E] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components27A325ACED8CA4743A30127638591ADB] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components350D17402BD84234EAF7D32F08172D7C] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components3EE8C5F419057E1478A654868CEE60B5] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components4735D908D66E1BA46B6C2D7185A12B2B] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components76D8378E2DDAED3428720A631F6E3BF0] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9A001B259DB7D694E818BE29B973992C] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBAE2EC163C6A68A48921573E0E7E199D] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsC06C6662FA5B04646829E4A460857770] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^
      [HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{EEE6C35B-6118-11DC-9C72-001320C79847} =>PUP.SweetIM^
      [HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun]:Anti-phishing Domain Advisor =>Adware.PUP.VisicomAntiPhishing^
      [HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]:Apps Hat =>PUP.CrossRider^
      C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionscjmplbnfmniceomefbehjibjigknjaao =>PUP.DiGiSaver^
      C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsghidoagigpolbjipegiemahknjmmhnam =>PUP.TubeAdBlocker^
      C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsgolapeopndcilhkgbckmeoengmkanncj =>PUP.Websave^
      C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionshahpjplbmicfkmoccokbjejahjjpnena =>Hijacker.SearchB1org^
      C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsihhmkgmoickonlbbblaeedgjpfmpkdjn =>PUP.YTAdRemoval^
      C:UsersuserAppDataLocalGoogleChromeUser DataDefaultExtensionsogccgbmabaphcakpiclgcnmcnimhokcj =>PUP.SweetIM^
      C:Program FilesDigiSaver =>PUP.DiGiSaver^
      C:Program FilesMega Browse =>PUP.MegaBrowse^
      C:Program FilesMyPC Backup =>PUP.MyPCBackup^
      C:Program FilesSweetIM =>PUP.SweetIM^
      C:Program Filessweetpacks bundle uninstaller =>PUP.SweetIM^
      C:Program FileswEabsavEE =>PUP.Websave^
      C:Program FilesYoutubeAdblocker =>PUP.TubeAdBlocker^
      C:Program FilesYTAdRemoval =>PUP.YTAdRemoval^
      C:ProgramDataAnti-phishing Domain Advisor =>Adware.PUP.VisicomAntiPhishing^
      C:ProgramDataBabylon =>PUP.Babylon^
      C:ProgramDataDigiSaver =>PUP.DiGiSaver^
      C:ProgramDataInstallMate =>PUP.Tarma^
      C:ProgramDataSweetIM =>PUP.SweetIM^
      C:ProgramDataVisualBee =>Adware.VisualBeeToolbar^
      C:ProgramDatawEabsavEE =>PUP.Websave^
      C:ProgramDataYoutubeAdblocker =>PUP.TubeAdBlocker^
      C:ProgramDataYTAdRemoval =>PUP.YTAdRemoval^
      C:UsersuserAppDataRoamingB1Toolbar =>Hijacker.SearchB1org^
      C:UsersuserAppDataRoamingBabylon =>PUP.Babylon^
      C:UsersuserAppDataRoamingnewnext.me =>PUP.NextLive^
      C:UsersuserAppDataRoamingOpenCandy =>Adware.OpenCandy^
      C:UsersuserAppDataLocalBabylon =>PUP.Babylon^
      C:UsersuserAppDataLocalBundled software uninstaller =>Adware.MegaSearch^
      C:UsersuserAppDataLocalgenienext =>PUP.NextLive^
      C:UsersuserAppDataLocaliLivid =>Adware.Bandoo^
      C:UsersuserAppDataLocalMobogenie =>PUP.Mobogenie^
      C:UsersuserAppDataLocalB1E =>Toolbar.BrotherSoft
      C:UsersuserAppDataRoamingMozillaFirefoxProfilesmaos1urt.defaultSearchPluginssweetim.xml =>PUP.SweetIM
      [HKCUSoftwareOptimizer Pro] =>PUP.OptimizerPro^
      [HKCUSoftwareRegisteredApplicationsEx] =>PUP.SfKpCouponApp^
      [HKCUSoftwareVisualbee] =>Adware.VisualBeeToolbar^
      [HKLMSoftwareBabylon] =>PUP.Babylon^
      [HKLMSoftwareVisualbee] =>Adware.VisualBeeToolbar^
      C:WindowsInstallerecdd8a.msi =>PUP.SweetIM^
      [HKCRCLSID{28AA3843-2744-2BDB-0CB4-B6973A89069B}] (YTAdRemoval) =>PUP.YTAdRemoval^
      [HKCRCLSID{2EECD738-5844-4a99-B4B6-146BF802613B}] (Babylon toolbar helper) =>PUP.Babylon^
      [HKCRCLSID{B8C54F28-F7D4-D3E0-F326-F0EF175D0072}] (YoutubeAdblocker) =>PUP.Multiplug^
      [HKCRCLSID{DB38CCBB-E151-3245-3E9D-A010F51222C2}] (DigiSaver) =>PUP.DiGiSaver^
      [HKCRCLSID{EEE6C35B-6118-11DC-9C72-001320C79847}] (SweetPacks Toolbar for Internet Explorer) =>PUP.SweetIM^
      [HKCRCLSID{EEE6C35C-6118-11DC-9C72-001320C79847}] (SweetPacks Browser Helper) =>PUP.SweetIM^
      [HKCRCLSID{EEE6C35D-6118-11DC-9C72-001320C79847}] (SweetIM ToolbarURLSearchHook Class) =>PUP.SweetIM^
      ProxyFix
      EmptyPrefetch
      EmptyFlash
      SysRestore
      FirewallRAZ
      EmptyTemp

    • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Importer
      2. Les lignes précedemment copiées doivent être collées dans le cadre
      3. Si c’est le cas, Clic sur “GO


      exemple :

    • Confirmes les nettoyages des données en cliquant sur “Oui
    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
    • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.
    benaissa
    Participant
    Nombre d'articles : 9

    bonsoir

    je ne reussi pas a trouver le script sur google chrome es ce que vous pouvez me donner des indications svp

    buckhulk
    Participant
    Nombre d'articles : 2398

    Le script que je t’ai fait pour ZHPFix , il est dans le message au dessus il suffit de cliquer sur tout selectionner et de faire un clic droit dessus en faisant copier , puis tu ouvre ZHPFix (la seringue), les lignes doivent être inscrites dedant ou tu fais importer , puis nettoyer , et go !

    pour réinitialiser Google chrome c’est comme ça :

    [spoiler:1ig6em89]Avec Google Chrome, vous pouvez réinitialiser vos paramètres de navigateur d'un simple clic. Dans certains cas, les programmes que vous installez peuvent modifier les paramètres de Chrome à votre insu. De nouvelles extensions ou barres d'outils peuvent s'afficher et le moteur de recherche peut changer. En réinitialisant les paramètres du navigateur, vous annulez ces modifications indésirables, issues de l'installation d'autres programmes. Vos favoris et vos mots de passe enregistrés ne sont cependant pas supprimés ni modifiés.

    Pour réinitialiser les paramètres du navigateur, procédez comme suit :

    Cliquez sur le menu Chrome Chrome menu dans la barre d'outils du navigateur.
    Sélectionnez Paramètres.
    Cliquez sur Afficher les paramètres avancés, puis accédez à la section “Réinitialiser les paramètres du navigateur”.
    Cliquez sur Réinitialiser les paramètres du navigateur.
    Dans la boîte de dialogue qui s'affiche, cliquez sur Réinitialiser. Remarque : lorsque la case “Aidez-nous à améliorer Google Chrome en nous signalant les paramètres actuels” est cochée, cela signifie que vous envoyez vos paramètres Chrome à Google de manière anonyme. En nous signalant ces paramètres, vous nous permettez d'analyser les tendances et vous nous aidez à éviter toute modification indésirable des paramètres à l'avenir.
    La réinitialisation de vos paramètres de navigateur a un impact sur les paramètres ci-dessous :

    Les valeurs par défaut de votre moteur de recherche par défaut et des autres moteurs de recherche enregistrés seront rétablies.
    Le bouton Accueil sera masqué et l'URL que vous aviez définie sera supprimée.
    Les onglets s'affichant par défaut au démarrage seront effacés. Un nouvel onglet s'affichera lorsque vous ouvrirez le navigateur ou reprendrez votre navigation là où vous vous étiez arrêté si vous utilisez un Chromebook.
    La page Nouvel onglet sera vide, sauf si vous disposez d'une version de Chrome contenant une extension qui contrôle cette page. Si tel est le cas, la page sera peut-être conservée.
    Les onglets épinglés ne le seront plus.
    Les paramètres de contenu seront effacés et leurs valeurs par défaut seront rétablies.
    Les cookies et les données de site seront effacés.
    Les extensions et les thèmes seront désactivés.[/spoiler:1ig6em89]

    est-ce que j’ai bien compris ta question ?

    benaissa
    Participant
    Nombre d'articles : 9

    bonjour ;

    dsl pour mon retard du aux occupations personnelles:

    voici le lien du rapport,
    https://antimalware.top/www/?a=d&i=eWRfGsX6ay” onclick=”window.open(this.href);return false;

15 sujets de 1 à 15 (sur un total de 17)
  • Vous devez être connecté pour répondre à ce sujet.