15 sujets de 1 à 15 (sur un total de 18)
  • Auteur
    Messages
  • aude25
    Participant
    Nombre d'articles : 12

    Bonsoir,
    je ne savais pas si il fallait continuer le message de hugow ou re créer un nouveau message..
    J’ai tout un tas de bannières publicitaires qui viennent se greffer aux pages que je consulte . j’ai téléchargé junkware comme vous l’aviez préconisé dans le sujet d’hugow et j’ai donc maintenant un rapport sur mon bureau. et là, ben ça me fait un belle jambe je ne sais qu’en faire.. :what:

    merci d’avance de l’aide que vous pourrez m’apporter :shame:

    Aude

    H.A.W.X
    Participant
    Nombre d'articles : 1809

    Bonsoir et bienvenue :)

    Tu es probablement infecté. Nous allons commencer par un scan général ;)

    • Copie le script ci dessous :
      HKCRLocal SettingsSoftwareMicrosoftWindowsShellMuiCache
      HKCUSoftware
      HKCUSoftwareAppDataLowSoftware
      HKCUSoftwareClassesLocal SettingsSoftwareMicrosoftWindowsShellMuiCache
      HKCUSoftwareGoogleChromeExtensions
      HKCUSOFTWAREPoliciesGoogleChrome /s
      HKCUSoftwareMicrosoftCommand Processor /s
      HKLMSOFTWAREPoliciesGoogleChrome /s
      HKLMSoftwareMicrosoftCommand Processor /s
      HKLMSoftware
      HKLMSoftwareClasses
      HKLMSoftwareClassesInstallerAssemblies
      HKLMSoftwareMicrosoftTracing
      HKLMSoftwareWow6432NodeGoogleChromeExtensions
      HKLMSoftwareWow6432NodeMicrosoftTracing
      %Homedrive%*
      %Homedrive%*.
      %Userprofile%*
      %Userprofile%*.
      %Allusersprofile%*
      %Allusersprofile%*.
      %LocalAppData%*
      %LocalAppData%*.
      %Userprofile%Local SettingsApplication Data*
      %Userprofile%Local SettingsApplication Data*.
      %Userprofile%AppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjects*
      %Userprofile%AppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjects*.
      %programFiles%*
      %programfiles%GoogleDesktopInstall /s
      %programFiles%*.
      %Systemroot%Installer*.
      %Systemroot%Temp*.exe /s
      %systemroot%system32*.dll /lockedfiles
      %systemroot%system32*.exe /lockedfiles
      %systemroot%system32*.in*
      %systemroot%Tasks*
      %systemroot%Tasks*.
      %systemroot%system32Tasks*
      %systemroot%system32Tasks*.
      %systemroot%system32drivers*.sy* /lockedfiles
      %systemroot%system32config*.exe /s
      %Systemroot%ServiceProfiles*.exe /s
      %systemroot%system32*.sys
      dir %Homedrive%* /S /A:L /C
      msconfig
      activex
      /md5start
      explorer.exe
      winlogon.exe
      wininit.exe
      volsnap.sys
      atapi.sys
      ndis.sys
      cdrom.sys
      i8042prt.sys
      iastor.sys
      tdx.sys
      netbt.sys
      afd.sys
      /md5stop
      netsvcs
      safebootminimal
      safebootnetwork
      CREATERESTOREPOINT
    • Télécharge OTL (by OldTimer) sur ton bureau.
    • Lance OTL, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Coche/Sélectionne les cases comme l’image ci dessous
    • Colle le Script copié plus haut dans la partie inférieure d’OTL “Personnalisation”
    • Clique sur Analyse

    • Une fois le scan terminé 1 ou 2 rapports vont s’ouvrir OTL.txt et Extras.txt.
    • Héberge les rapports OTL.txt et Extras.txt sur Sosupload
    • Aide: comment héberger un fichier sur Sosupload

      Note : Au cas où, tu peux les retrouver dans le dossier C:OTL ou sur ton bureau en fonction des cas rencontrés

    ++ :)

    aude25
    Participant
    Nombre d'articles : 12

    http://cjoint.com/data3/3DwapYDfWZG.htm” onclick=”window.open(this.href);return false;

    http://cjoint.com/data3/3DwarmoZprI.htm” onclick=”window.open(this.href);return false;

    si mes liens fonctionnent je veux bien aller brûler un cierge vu mon ignorance totale en matière d’informatique.. :)

    H.A.W.X
    Participant
    Nombre d'articles : 1809

    Bonsoir,

    Je poste ton rapport demain matin :)

    ++

    H.A.W.X
    Participant
    Nombre d'articles : 1809

    Bonjour, :)

    Ca faisait longtemps que j’avais pas mis autant de temps pour lire un rapport :shocked: Autant te dire qu’il y a du monde dans ton ordi :secretsmile:

    Tu vas avoir 5 étapes à faire dans l’ordre :) Tout les rapports sont à mettre sur cjoint, comme au début :)

    1.

    • Copie les lignes en italique ci dessous :

    :otl
    PRC – [2014/04/21 20:34:59 | 000,457,728 | —- | M] () — C:UsersAude GALINIERAppDataRoamingcacaowebcacaoweb.exe
    PRC – [2014/04/20 23:38:35 | 000,566,272 | —- | M] (Cherished Technololgy LIMITED) — C:ProgramDataWPMwprotectmanager.exe
    PRC – [2014/04/16 16:02:10 | 003,267,536 | —- | M] () — C:UsersAude GALINIERAppDataLocalfst_fr_156upfst_fr_156.exe
    PRC – [2014/04/16 16:02:06 | 003,982,800 | —- | M] () — C:Program Files (x86)fst_fr_156fst_fr_156.exe
    PRC – [2014/04/11 04:05:52 | 000,705,136 | —- | M] (Cherished Technololgy LIMITED) — C:ProgramDataIePluginServicePluginService.exe
    MOD – [2014/04/21 20:34:59 | 000,457,728 | —- | M] () — C:UsersAude GALINIERAppDataRoamingcacaowebcacaoweb.exe
    MOD – [2014/04/16 16:02:10 | 003,267,536 | —- | M] () — C:UsersAude GALINIERAppDataLocalfst_fr_156upfst_fr_156.exe
    MOD – [2014/04/16 16:02:06 | 003,982,800 | —- | M] () — C:Program Files (x86)fst_fr_156fst_fr_156.exe
    IE:64bit: – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX” onclick=”window.open(this.href);return false;
    IE:64bit: – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX&q=” onclick=”window.open(this.href);return false;{searchTerms}
    IE:64bit: – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX&q=” onclick=”window.open(this.href);return false;{searchTerms}
    IE:64bit: – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://start.mysearchdial.com/?f=1&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyByE0DtDtB0BtDyC0Fzz0CyE0DtB0BzytN0D0Tzu0SzzyEtCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2SyC0CtByD0EtDtD0DtGtAtCyBtCtG0C0C0EtAtG0CyD0FtAtGyE0DzztDyByB0BtAyEyD0B0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0CyB0A0AyC0AtBtG0B0A0D0AtG0ByDtCtBtGyDtC0AtCtGtB0EyCyByDzyyBzyzytA0EyC2Q&cr=1963455271&ir=” onclick=”window.open(this.href);return false;
    IE:64bit: – HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q=” onclick=”window.open(this.href);return false;{searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
    IE:64bit: – HKLM..SearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86}: “URL” = http://start.mysearchdial.com/results.php?f=4&q=” onclick=”window.open(this.href);return false;{searchTerms}&a=cmi_14_16_ch&cd=2XzuyEtN2Y1L1QzuyByE0DtDtB0BtDyC0Fzz0CyE0DtB0BzytN0D0Tzu0SzzyEtCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1PtN1L1G1B1V1N2Y1L1Qzu2SyC0CtByD0EtDtD0DtGtAtCyBtCtG0C0C0EtAtG0CyD0FtAtGyE0DzztDyByB0BtAyEyD0B0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0CyB0A0AyC0AtBtG0B0A0D0AtG0ByDtCtBtGyDtC0AtCtGtB0EyCyByDzyyBzyzytA0EyC2Q&cr=1963455271&ir=
    IE:64bit: – HKLM..SearchScopes{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: “URL” = http://istart.webssearches.com/web/?type=ds&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX&q=” onclick=”window.open(this.href);return false;{searchTerms}
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX” onclick=”window.open(this.href);return false;
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX&q=” onclick=”window.open(this.href);return false;{searchTerms}
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX&q=” onclick=”window.open(this.href);return false;{searchTerms}
    IE – HKLM..SearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86}: “URL” = http://istart.webssearches.com/web/?type=ds&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX&q=” onclick=”window.open(this.href);return false;{searchTerms}
    IE – HKUS-1-5-21-2734083464-1398316719-1191631614-1002SOFTWAREMicrosoftInternet ExplorerMain,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=2EC91E71D9704F5A&affID=125035&tsp=5030” onclick=”window.open(this.href);return false;
    IE – HKUS-1-5-21-2734083464-1398316719-1191631614-1002SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX” onclick=”window.open(this.href);return false;
    IE – HKUS-1-5-21-2734083464-1398316719-1191631614-1002..SearchScopes{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: “URL” = http://istart.webssearches.com/web/?type=ds&ts=1398029880&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX&q=” onclick=”window.open(this.href);return false;{searchTerms}
    FF – prefs.js..browser.search.defaultenginename: “webssearches”
    FF – prefs.js..browser.search.selectedEngine: “webssearches”
    FF – prefs.js..browser.startup.homepage: “http://istart.webssearches.com/?type=hppp&ts=1398103281&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX”
    FF – prefs.js..extensions.enabledAddons: cacaoweb%40cacaoweb.org:1.0.34
    [2014/04/20 23:38:36 | 000,000,000 | —D | M] (“Freeven pro 1.2”) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.com
    [2013/12/04 23:15:29 | 000,000,000 | —D | M] (cacaoweb) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.org
    [2014/04/20 23:39:45 | 000,000,000 | —D | M] (“MediaPlayerplus”) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com
    [2014/04/21 17:31:20 | 000,000,000 | —D | M] (No name found) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionData
    [2014/04/21 17:31:20 | 000,000,000 | —D | M] (No name found) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionDataplugins
    [2014/04/21 17:31:20 | 000,000,000 | —D | M] (No name found) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionDatauserCode
    [2014/04/21 17:31:22 | 000,000,000 | —D | M] (No name found) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionData
    [2014/04/21 17:31:22 | 000,000,000 | —D | M] (No name found) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionDataplugins
    [2014/04/21 17:31:22 | 000,000,000 | —D | M] (No name found) — C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionDatauserCode
    [2014/04/21 20:01:24 | 000,000,585 | —- | M] () — C:Program Files (x86)mozilla firefoxsearchpluginswebssearches.xml
    CHR – Extension: Freeven pro 1.2 = C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0crossrider
    CHR – Extension: Freeven pro 1.2 = C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0
    CHR – Extension: MediaPlayerplus = C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0crossrider
    CHR – Extension: MediaPlayerplus = C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0
    O2 – BHO: (IETabPage Class) – {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} – C:Program Files (x86)SupTabSupTab.dll (Thinknice Co. Limited)
    O2 – BHO: (searchgol Helper Object) – {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} – C:Program Files (x86)searchgolsearchgol1.8.16.19bhsearchgol.dll (Montera Technologeis LTD)
    O2 – BHO: (mysearchdial Helper Object) – {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} – C:Program Files (x86)Mysearchdial1.8.29.0bhmysearchdial.dll File not found
    O3:64bit: – HKLM..Toolbar: (no name) – Locked – No CLSID value found.
    O3 – HKLM..Toolbar: (no name) – Locked – No CLSID value found.
    O4 – HKLM..Run: [fst_fr_156] C:Program Files (x86)fst_fr_156fst_fr_156.exe ()
    O4 – HKUS-1-5-21-2734083464-1398316719-1191631614-1002..Run: [cacaoweb] C:UsersAude GALINIERAppDataRoamingcacaowebcacaoweb.exe ()

    :reg
    [-HKEY_CURRENT_USERSoftware59538dd0e03ebe48]
    [-HKEY_CURRENT_USERSoftwareAnyProtect]
    [-HKEY_CURRENT_USERSoftwareAppDataLowSoftwareMediaPlayerplus]
    [-HKEY_CURRENT_USERSoftwarecacaoweb]
    [-HKEY_CURRENT_USERSoftwarefreesofttoday]
    [-HKEY_CURRENT_USERSoftwareGoogleChromeExtensionsiagcajndpnfncplednpbnkahadegklfa]
    [-HKEY_CURRENT_USERSoftwareGoogleChromeExtensionspaoponfhfdfnjgddpnpjkambkcgdaaib]
    [-HKEY_CURRENT_USERSoftwareOptimizer Elite Max]
    [-HKEY_CURRENT_USERSoftwaresearchgol]
    [-HKEY_CURRENT_USERSoftwareTutoTag]
    [-HKEY_LOCAL_MACHINESoftware59538dd0e03ebe48]
    [-HKEY_LOCAL_MACHINESoftwareBunndle]
    [-HKEY_LOCAL_MACHINESoftwareClasses.searchConnector-ms]
    [-HKEY_LOCAL_MACHINESoftwareClasses.search-ms]
    [-HKEY_LOCAL_MACHINESoftwarefree_soft_today]
    [-HKEY_LOCAL_MACHINESoftwareFreeven pro 1.2]
    [-HKEY_LOCAL_MACHINESoftwareMediaPlayerplus]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingBrowseMark_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingBrowseMark_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingNewPlayer_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingNewPlayer_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingScanTack_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingScanTack_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingSetup (1)_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingSetup (1)_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingupdateBrowseMark_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingupdateBrowseMark_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingupdateScanTack_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareMicrosoftTracingupdateScanTack_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwaresearchgol]
    [-HKEY_LOCAL_MACHINESoftwaresupTab]
    [-HKEY_LOCAL_MACHINESoftwaresupWPM]
    [-HKEY_LOCAL_MACHINESoftwareTutorials]
    [-HKEY_LOCAL_MACHINESoftwareUniblue]
    [-HKEY_LOCAL_MACHINESoftwarewebssearchesSoftware]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeGoogleChromeExtensionsaipfmkinhleccnodemkoofnnofpbbpac]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeGoogleChromeExtensionspelmeidfhdlhlbjimpabfcbnnojbboma]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingBrowseMark_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingBrowseMark_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingNewPlayer_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingNewPlayer_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingScanTack_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingScanTack_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingSetup (1)_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingSetup (1)_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingupdateBrowseMark_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingupdateBrowseMark_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingupdateScanTack_RASAPI32]
    [-HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingupdateScanTack_RASMANCS]
    [-HKEY_LOCAL_MACHINESoftwareWpm]

    :files
    C:Program Files (x86)BrowseMark
    C:Program Files (x86)Freeven pro 1.2
    C:Program Files (x86)fst_fr_156
    C:Program Files (x86)MediaPlayerplus
    C:Program Files (x86)mozilla firefoxsearchpluginswebssearches.xml
    C:Program Files (x86)SupTab
    C:Program Files (x86)Uniblue
    C:Program Files (x86)Optimizer Elite Max
    C:Program Files (x86)searchgol
    C:ProgramDataIePluginService
    C:ProgramDataMicrosoftWindowsStart MenuProgramsfree_soft_today
    C:ProgramDataWPM
    C:UsersAude GALINIERAppDataLocalAnyProtectScannerSetup.exe
    C:UsersAude GALINIERAppDataLocalfst_fr_156
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd
    C:UsersAude GALINIERAppDataLocalSearchProtect
    C:UsersAude GALINIERAppDataLocalspeedial.crx
    C:UsersAude GALINIERAppDataRoamingaps.uninstall.scan.results
    C:UsersAude GALINIERAppDataRoamingcacaoweb
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.com
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com
    C:UsersAude GALINIERAppDataRoamingsearchgol
    C:UsersAude GALINIERAppDataRoamingsp_data.sys
    C:UsersAude GALINIERAppDataRoamingSupTab
    C:UsersAude GALINIERAppDataRoamingUniblue
    C:UsersAude GALINIERAppDataRoamingVOPackage
    C:UsersAude GALINIERAppDataRoamingwebssearches
    C:Windowstasks10348d99-5fbe-4e76-93c7-38e3385833c9-*.job
    C:WindowstasksAPSnotifierPP*
    C:Windowstasksf08de44e-751a-4092-ad9e-9c9a07ee0606-*.job
    C:WindowstasksMySearchDial.job
    C:WindowstasksSpeedUpMyPC*

    :commands
    [reboot]

    • Lance OTL, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Colle les lignes copier au ci dessus dans la partie inférieure d’OTL “Personnalisation”
    • Clique sur Correction

    • OTL peut te demander de redémarrer, si c’est le cas fait le immédiatement !
    • Une fois le scan terminé 1 rapport va s’ouvrir ¤¤¤¤¤¤¤¤¤¤¤.log.
    • Copie et colle le contenu du rapport sur le forum.

      Note : Au cas où, tu peux les retrouver dans le dossier C:OTL ou sur ton bureau en fonction des cas rencontrés

    2.

    • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista,sinon double-clique pour XP
      1. Choisis l’option Scanner
      2. Choisis l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Accepte les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC

    3.

    • Désactive ton antivirus
    • Télécharge Shortcut_Module sur ton bureau.

      Note : Enregistrer votre travail avant de continuer !

    • Lance Shortcut_Module,
    • Clic sur Nettoyer

      Note : Patiente le temps du scan

    • Laisse travailler l’outil même s’il te parait bloqué
    • Si l’outil détecte un proxy que tu ne connais pas clic sur : “Supprimer le proxy
    • Héberge le rapport C:Shortcut_Module_date_heure.txt sur https://antimalware.top/” onclick=”window.open(this.href);return false; puis donne le lien obtenu

    4.

    • Télécharge MalwareBytes
    • Procède à l’installation de celui çi Décocher “Activer l’essai gratuit de Malwarebytes Anti-Malware Premium”
    • Clic sur Mettre à jour (à droite, au centre)
    • Clic sur Examen (en haut)
    • Sélectionne Examen “Menaces”
    • Clic sur Examiner maintenant

    • A la fin du scan clic sur Tout mettre en quarantaine !
    • Clic sur Copier dans le Presse-papiers
    • Un rapport va s’ouvrir. Copie/Colle son contenue dans ta prochaine réponse.

    5.

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clic sur Complet

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    Aller, courage ! :)

    aude25
    Participant
    Nombre d'articles : 12

    merci beaucoup!!! et désolé si mon cas vous a prit beaucoup de temps…. :shame:

    Je suis en déplacement quelques jours donc je me pencherai sur la question en revenant. ou si j’ai le temps entre temps.
    encre merci je sens que je vais avoir du pain sur la planche :)

    bonne journée

    Aude

    Anonyme
    Nombre d'articles : 0

    Ok aude, on attend ton retour ;)

    aude25
    Participant
    Nombre d'articles : 12

    oyé oyé! vous allez forcément regretter mon retour.. ci dessous le rapport de la première étape. il est looooooonnnnngggg i’m so sorry..

    [spoiler:qah11ne9]========== OTL ==========
    Process cacaoweb.exe killed successfully!
    Process wprotectmanager.exe killed successfully!
    No active process named upfst_fr_156.exe was found!
    Process fst_fr_156.exe killed successfully!
    Process PluginService.exe killed successfully!
    HKLMSOFTWAREMicrosoftInternet ExplorerMain\Default_Page_URL| /E : value set successfully!
    HKLMSOFTWAREMicrosoftInternet ExplorerMain\Default_Search_URL| /E : value set successfully!
    HKLMSOFTWAREMicrosoftInternet ExplorerMain\Search Page| /E : value set successfully!
    HKLMSOFTWAREMicrosoftInternet ExplorerMain\Start Page| /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
    64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{33BB0A4E-99AF-4226-BDF6-49120163DE86} not found.
    64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{77AA745B-F4F8-45DA-9B14-61D2D95054C8} deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{77AA745B-F4F8-45DA-9B14-61D2D95054C8} not found.
    HKLMSOFTWAREMicrosoftInternet ExplorerMain\Default_Page_URL| /E : value set successfully!
    HKLMSOFTWAREMicrosoftInternet ExplorerMain\Default_Search_URL| /E : value set successfully!
    HKLMSOFTWAREMicrosoftInternet ExplorerMain\Search Page| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{33BB0A4E-99AF-4226-BDF6-49120163DE86} not found.
    HKUS-1-5-21-2734083464-1398316719-1191631614-1002SOFTWAREMicrosoftInternet ExplorerMain\bProtector Start Page| /E : value set successfully!
    HKUS-1-5-21-2734083464-1398316719-1191631614-1002SOFTWAREMicrosoftInternet ExplorerMain\Default_Page_URL| /E : value set successfully!
    Registry key HKEY_USERSS-1-5-21-2734083464-1398316719-1191631614-1002SoftwareMicrosoftInternet ExplorerSearchScopes{77AA745B-F4F8-45DA-9B14-61D2D95054C8} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{77AA745B-F4F8-45DA-9B14-61D2D95054C8} not found.
    Prefs.js: “webssearches” removed from browser.search.defaultenginename
    Prefs.js: “webssearches” removed from browser.search.selectedEngine
    Prefs.js: “http://istart.webssearches.com/?type=hppp&ts=1398103281&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX” removed from browser.startup.homepage
    Prefs.js: cacaoweb%40cacaoweb.org:1.0.34 removed from extensions.enabledAddons
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comskin folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comlocaleen-US folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comlocale folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionDatauserCode folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionDataplugins folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionData folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comdefaultspreferences folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comdefaults folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comchromecontentcore folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comchromecontentapi folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comchromecontent folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comchrome folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.com folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgdefaultspreferences folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgdefaults folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgchromeskin folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgchromelocalefr-FR folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgchromelocalees-ES folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgchromelocaleen-US folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgchromelocalede-DE folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgchromelocale folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgchromecontent folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.orgchrome folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionscacaoweb@cacaoweb.org folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comskin folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comlocaleen-US folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comlocale folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionDatauserCode folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionDataplugins folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionData folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comdefaultspreferences folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comdefaults folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comchromecontentcore folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comchromecontentapi folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comchromecontent folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comchrome folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com folder moved successfully.
    Folder C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionData not found.
    Folder C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionDataplugins not found.
    Folder C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.comextensionDatauserCode not found.
    Folder C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionData not found.
    Folder C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionDataplugins not found.
    Folder C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.comextensionDatauserCode not found.
    C:Program Files (x86)Mozilla Firefoxsearchpluginswebssearches.xml moved successfully.
    File C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0crossrider not found.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0jslibpopupResource folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0jslib folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0jsapi folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0js folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0iconsactions folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0icons folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0extensionDatauserCode folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0extensionDataplugins folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0extensionData folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb1.26.17_0 folder moved successfully.
    File C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0crossrider not found.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0jslibpopupResource folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0jslib folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0jsapi folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0js folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0iconsactions folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0icons folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0extensionDatauserCode folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0extensionDataplugins folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0extensionData folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd1.26.21_0 folder moved successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully.
    C:Program Files (x86)SupTabSupTab.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} deleted successfully.
    C:Program Files (x86)searchgolsearchgol1.8.16.19bhsearchgol.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully.
    64bit-Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\fst_fr_156 deleted successfully.
    C:Program Files (x86)fst_fr_156fst_fr_156.exe moved successfully.
    Registry value HKEY_USERSS-1-5-21-2734083464-1398316719-1191631614-1002SoftwareMicrosoftWindowsCurrentVersionRun\cacaoweb deleted successfully.
    C:UsersAude GALINIERAppDataRoamingcacaowebcacaoweb.exe moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_CURRENT_USERSoftware59538dd0e03ebe48 deleted successfully.
    Registry key HKEY_CURRENT_USERSoftwareAnyProtect deleted successfully.
    Registry key HKEY_CURRENT_USERSoftwareAppDataLowSoftwareMediaPlayerplus deleted successfully.
    Registry key HKEY_CURRENT_USERSoftwarecacaoweb deleted successfully.
    Registry key HKEY_CURRENT_USERSoftwarefreesofttoday deleted successfully.
    Registry key HKEY_CURRENT_USERSoftwareGoogleChromeExtensionsiagcajndpnfncplednpbnkahadegklfa deleted successfully.
    Registry key HKEY_CURRENT_USERSoftwareGoogleChromeExtensionspaoponfhfdfnjgddpnpjkambkcgdaaib not found.
    Registry key HKEY_CURRENT_USERSoftwareOptimizer Elite Max deleted successfully.
    Registry key HKEY_CURRENT_USERSoftwaresearchgol deleted successfully.
    Registry key HKEY_CURRENT_USERSoftwareTutoTag deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftware59538dd0e03ebe48 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareBunndle deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareClasses.searchConnector-ms deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareClasses.search-ms deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwarefree_soft_today deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareFreeven pro 1.2 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMediaPlayerplus deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingBrowseMark_RASAPI32 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingBrowseMark_RASMANCS deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingNewPlayer_RASAPI32 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingNewPlayer_RASMANCS deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingScanTack_RASAPI32 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingScanTack_RASMANCS deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingSetup (1)_RASAPI32 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingSetup (1)_RASMANCS deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingupdateBrowseMark_RASAPI32 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingupdateBrowseMark_RASMANCS deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingupdateScanTack_RASAPI32 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftTracingupdateScanTack_RASMANCS deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwaresearchgol deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwaresupTab deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwaresupWPM deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareTutorials deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareUniblue deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwarewebssearchesSoftware deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeGoogleChromeExtensionsaipfmkinhleccnodemkoofnnofpbbpac deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeGoogleChromeExtensionspelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingBrowseMark_RASAPI32 not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingBrowseMark_RASMANCS not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingNewPlayer_RASAPI32 not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingNewPlayer_RASMANCS not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingScanTack_RASAPI32 not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingScanTack_RASMANCS not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingSetup (1)_RASAPI32 not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingSetup (1)_RASMANCS not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingupdateBrowseMark_RASAPI32 not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingupdateBrowseMark_RASMANCS not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingupdateScanTack_RASAPI32 not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingupdateScanTack_RASMANCS not found.
    Registry key HKEY_LOCAL_MACHINESoftwareWpm deleted successfully.
    ========== FILES ==========
    C:Program Files (x86)BrowseMark folder moved successfully.
    C:Program Files (x86)Freeven pro 1.2 folder moved successfully.
    C:Program Files (x86)fst_fr_156 folder moved successfully.
    C:Program Files (x86)MediaPlayerplus folder moved successfully.
    FileFolder C:Program Files (x86)mozilla firefoxsearchpluginswebssearches.xml not found.
    C:Program Files (x86)SupTabweb_localeszh-TW folder moved successfully.
    C:Program Files (x86)SupTabweb_localeszh-CN folder moved successfully.
    C:Program Files (x86)SupTabweb_localesvi-VI folder moved successfully.
    C:Program Files (x86)SupTabweb_localestr-TR folder moved successfully.
    C:Program Files (x86)SupTabweb_localesru-MO folder moved successfully.
    C:Program Files (x86)SupTabweb_localesru folder moved successfully.
    C:Program Files (x86)SupTabweb_localespt-BR folder moved successfully.
    C:Program Files (x86)SupTabweb_localespt folder moved successfully.
    C:Program Files (x86)SupTabweb_localespl folder moved successfully.
    C:Program Files (x86)SupTabweb_localesit-IT folder moved successfully.
    C:Program Files (x86)SupTabweb_localesit-CH folder moved successfully.
    C:Program Files (x86)SupTabweb_localesfr-LU folder moved successfully.
    C:Program Files (x86)SupTabweb_localesfr-FR folder moved successfully.
    C:Program Files (x86)SupTabweb_localesfr-CH folder moved successfully.
    C:Program Files (x86)SupTabweb_localesfr-CA folder moved successfully.
    C:Program Files (x86)SupTabweb_localesfr-BE folder moved successfully.
    C:Program Files (x86)SupTabweb_localeses-ES folder moved successfully.
    C:Program Files (x86)SupTabweb_localeses-419 folder moved successfully.
    C:Program Files (x86)SupTabweb_localesen-US folder moved successfully.
    C:Program Files (x86)SupTabweb_locales folder moved successfully.
    C:Program Files (x86)SupTabwebjs folder moved successfully.
    C:Program Files (x86)SupTabwebimgweather folder moved successfully.
    C:Program Files (x86)SupTabwebimg folder moved successfully.
    C:Program Files (x86)SupTabweb folder moved successfully.
    C:Program Files (x86)SupTab folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPCx86 folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPCThird-party Terms folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPCMicrosoft.VC90.CRT folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocales folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalesvLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalesv folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleruLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleru folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalept_BRLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalept_BR folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalenoLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleno folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalenlLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalenl folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalejaLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleja folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleitLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleit folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalefrLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalefr folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalefiLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalefi folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleesLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalees folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleenLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleen folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaledeLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocalede folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaledaLC_MESSAGES folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocaleda folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPClocale folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPCfonts folder moved successfully.
    C:Program Files (x86)UniblueSpeedUpMyPC folder moved successfully.
    C:Program Files (x86)Uniblue folder moved successfully.
    C:Program Files (x86)Optimizer Elite MaxHelp folder moved successfully.
    C:Program Files (x86)Optimizer Elite Max folder moved successfully.
    C:Program Files (x86)searchgolsearchgol1.8.16.19bh folder moved successfully.
    C:Program Files (x86)searchgolsearchgol1.8.16.19 folder moved successfully.
    C:Program Files (x86)searchgolsearchgol folder moved successfully.
    C:Program Files (x86)searchgol folder moved successfully.
    C:ProgramDataIePluginServiceupdate folder moved successfully.
    C:ProgramDataIePluginService folder moved successfully.
    C:ProgramDataMicrosoftWindowsStart MenuProgramsfree_soft_today folder moved successfully.
    C:ProgramDataWPMupdate folder moved successfully.
    C:ProgramDataWPMlog folder moved successfully.
    C:ProgramDataWPM folder moved successfully.
    C:UsersAude GALINIERAppDataLocalAnyProtectScannerSetup.exe moved successfully.
    C:UsersAude GALINIERAppDataLocalfst_fr_156fst_fr_1561.10 folder moved successfully.
    C:UsersAude GALINIERAppDataLocalfst_fr_156fst_fr_156 folder moved successfully.
    C:UsersAude GALINIERAppDataLocalfst_fr_156Download folder moved successfully.
    C:UsersAude GALINIERAppDataLocalfst_fr_156 folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsdmgpbjjcdccinnndjdgmegndbmhbgglb folder moved successfully.
    C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd folder moved successfully.
    C:UsersAude GALINIERAppDataLocalSearchProtectLogs folder moved successfully.
    C:UsersAude GALINIERAppDataLocalSearchProtect folder moved successfully.
    C:UsersAude GALINIERAppDataLocalspeedial.crx moved successfully.
    C:UsersAude GALINIERAppDataRoamingaps.uninstall.scan.results moved successfully.
    C:UsersAude GALINIERAppDataRoamingcacaoweb folder moved successfully.
    FileFolder C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensions2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.com not found.
    FileFolder C:UsersAude GALINIERAppDataRoamingmozillaFirefoxProfilesogr44mkg.defaultextensionsa9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com not found.
    C:UsersAude GALINIERAppDataRoamingsearchgol folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingsp_data.sys moved successfully.
    C:UsersAude GALINIERAppDataRoamingSupTab folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingUniblueSpeedUpMyPCtemp folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingUniblueSpeedUpMyPCbanners folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingUniblueSpeedUpMyPC folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingUniblue folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingVOPackage folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingwebssearchesimages folder moved successfully.
    C:UsersAude GALINIERAppDataRoamingwebssearches folder moved successfully.
    C:Windowstasks10348d99-5fbe-4e76-93c7-38e3385833c9-3.job moved successfully.
    C:Windowstasks10348d99-5fbe-4e76-93c7-38e3385833c9-4.job moved successfully.
    C:Windowstasks10348d99-5fbe-4e76-93c7-38e3385833c9-5.job moved successfully.
    C:WindowstasksAPSnotifierPP1.job moved successfully.
    C:WindowstasksAPSnotifierPP2.job moved successfully.
    C:WindowstasksAPSnotifierPP3.job moved successfully.
    C:Windowstasksf08de44e-751a-4092-ad9e-9c9a07ee0606-1.job moved successfully.
    C:Windowstasksf08de44e-751a-4092-ad9e-9c9a07ee0606-3.job moved successfully.
    C:Windowstasksf08de44e-751a-4092-ad9e-9c9a07ee0606-4.job moved successfully.
    C:Windowstasksf08de44e-751a-4092-ad9e-9c9a07ee0606-5.job moved successfully.
    C:WindowstasksMySearchDial.job moved successfully.
    C:WindowstasksSpeedUpMyPC Maintenance.job moved successfully.
    C:WindowstasksSpeedUpMyPC Startup.job moved successfully.
    ========== COMMANDS ==========

    OTL by OldTimer – Version 3.2.69.0 log created on 04252014_175122[/spoiler:qah11ne9]

    aude25
    Participant
    Nombre d'articles : 12

    ci dessous le rapport de l’étape 2. vous pouvez toujours m’envoyer chier au pire :)

    [spoiler:271vkj54]# AdwCleaner v3.202 – Rapport créé le 25/04/2014 à 18:10:30
    # Mis à jour le 23/04/2014 par Xplode
    # Système d'exploitation : Windows 8 (64 bits)
    # Nom d'utilisateur : Aude GALINIER – AUDE
    # Exécuté depuis : C:UsersAude GALINIERDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    [#] Service Supprimé : BackupStack
    [#] Service Supprimé : IePluginService
    Service Supprimé : LPTSystemUpdater
    [#] Service Supprimé : Update BrowseMark
    [#] Service Supprimé : Wpm

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:ProgramDataActiveris
    Dossier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsOptimizer Elite Max
    Dossier Supprimé : C:Program Files (x86)LPT
    Dossier Supprimé : C:Program Files (x86)MyPC Backup
    Dossier Supprimé : C:Program Files (x86)Uninstaller
    Dossier Supprimé : C:UsersAUDEGA~1AppDataLocalTempapn
    Dossier Supprimé : C:UsersAUDEGA~1AppDataLocalTempBrowseMark
    Dossier Supprimé : C:UsersAUDEGA~1AppDataLocalTempmt_ffx
    Dossier Supprimé : C:UsersAUDEGA~1AppDataLocalTempSmartbar
    Dossier Supprimé : C:UsersAude GALINIERAppDataLocalLPT
    Dossier Supprimé : C:UsersAude GALINIERAppDataLocalNativeMessaging
    Dossier Supprimé : C:UsersAude GALINIERAppDataLocalSmartbar
    Dossier Supprimé : C:UsersAude GALINIERAppDataLocalTBHostSupport
    Dossier Supprimé : C:UsersAude GALINIERAppDataLocalWhiteListing
    Dossier Supprimé : C:UsersAude GALINIERAppDataLocalLowsearchgol
    Dossier Supprimé : C:UsersAude GALINIERAppDataRoamingActiveris
    Dossier Supprimé : C:UsersAude GALINIERAppDataRoamingOptimizer Elite Max
    Dossier Supprimé : C:UsersAude GALINIERAppDataRoamingMicrosoftWindowsStart MenuProgramsMyPC Backup
    Dossier Supprimé : C:UsersAude GALINIERAppDataRoamingMicrosoftWindowsStart MenuProgramsVOPackage
    Dossier Supprimé : C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsbopakagnckmlgajfccecajhnimjiiedh
    Fichier Supprimé : C:END
    Fichier Supprimé : C:UsersAude GALINIERAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMyPC Backup.lnk
    Fichier Supprimé : C:UsersAude GALINIERDesktopMyPC Backup.lnk
    Fichier Supprimé : C:UsersAude GALINIERAppDataRoamingMozillaFirefoxProfilesogr44mkg.defaultinvalidprefs.js
    Fichier Supprimé : C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultExtensionsnewtabv3.crx
    Fichier Supprimé : C:WindowsSystem32TasksAPSnotifierPP1
    Fichier Supprimé : C:WindowsSystem32TasksAPSnotifierPP2
    Fichier Supprimé : C:WindowsSystem32TasksAPSnotifierPP3
    Fichier Supprimé : C:WindowsSystem32TasksBitGuard
    Fichier Supprimé : C:WindowsSystem32TasksMySearchDial
    Fichier Supprimé : C:WindowsSystem32TasksSpeedUpMyPC Maintenance
    Fichier Supprimé : C:WindowsSystem32TasksSpeedUpMyPC Startup

    ***** [ Raccourcis ] *****

    Raccourci Désinfecté : C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle ChromeGoogle Chrome.lnk
    Raccourci Désinfecté : C:UsersAude GALINIERAppDataRoamingMicrosoftInternet ExplorerQuick LaunchGoogle Chrome.lnk
    Raccourci Désinfecté : C:UsersAude GALINIERAppDataRoamingMicrosoftInternet ExplorerQuick LaunchLaunch Internet Explorer Browser.lnk
    Raccourci Désinfecté : C:UsersAude GALINIERAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarGoogle Chrome (2).lnk
    Raccourci Désinfecté : C:UsersAude GALINIERAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarGoogle Chrome.lnk

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionsbopakagnckmlgajfccecajhnimjiiedh
    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionsiagcajndpnfncplednpbnkahadegklfa
    Clé Supprimée : [x64] HKLMSOFTWAREGoogleChromeExtensionsiagcajndpnfncplednpbnkahadegklfa
    Valeur Supprimée : HKCUSoftwareMicrosoftInternet ExplorerMain [bprotector start page]
    Valeur Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes [bProtectorDefaultScope]
    Valeur Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionRun [Browser Infrastructure Helper]
    Clé Supprimée : HKLMSOFTWAREClassesesrv.searchgolESrvc
    Clé Supprimée : HKLMSOFTWAREClassesesrv.searchgolESrvc.1
    Clé Supprimée : HKLMSOFTWAREClassesiesmartbar.bandobjectattribute
    Clé Supprimée : HKLMSOFTWAREClassesiesmartbar.bho
    Clé Supprimée : HKLMSOFTWAREClassesiesmartbar.dockingpanel
    Clé Supprimée : HKLMSOFTWAREClassesiesmartbar.iesmartbar
    Clé Supprimée : HKLMSOFTWAREClassesiesmartbar.iesmartbarbandobject
    Clé Supprimée : HKLMSOFTWAREClassesiesmartbar.smartbardisplaystate
    Clé Supprimée : HKLMSOFTWAREClassesiesmartbar.smartbarmenuform
    Clé Supprimée : HKLMSOFTWAREClassessearchgol.searchgolappCore
    Clé Supprimée : HKLMSOFTWAREClassessearchgol.searchgolappCore.1
    Clé Supprimée : HKLMSOFTWAREClassessearchgol.searchgoldskBnd
    Clé Supprimée : HKLMSOFTWAREClassessearchgol.searchgoldskBnd.1
    Clé Supprimée : HKLMSOFTWAREClassessearchgol.searchgolHlpr
    Clé Supprimée : HKLMSOFTWAREClassessearchgol.searchgolHlpr.1
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingsmartbar_rasapi32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingsmartbar_rasmancs
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingspeedupmypc_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingspeedupmypc_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp Pathsmypc backup
    Clé Supprimée : HKLMSOFTWAREClassesAppID{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{00078E95-3A4A-4137-8DE7-2824908D1C17}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{3004627E-F8E9-4E8B-909D-316753CBA923}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{56561B2A-FB5D-363A-9631-4C03D6054209}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{840A13FF-B464-4782-9C96-AAF3092E55DD}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{D8E43B96-EB46-4820-92B7-232AEB735685}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{E041E037-FA4B-364A-B440-7A1051EA0301}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{0400EBCA-042C-4000-AA89-9713FBEDB671}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{0BD19251-4B4B-4B94-AB16-617106245BB7}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{3860D897-7DCD-473C-9744-B21DB133AB20}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{44B29DDD-CF7A-454A-A275-A322A398D93F}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{917CAAE9-DD47-4025-936E-1414F07DF5B8}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{B2DB115C-8278-4947-9A07-57B53D1C4215}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{B97FC455-DB33-431D-84DB-6F1514110BD5}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{E72E9312-0367-4216-BFC7-21485FA8390B}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{105F25A9-C42F-48A6-998D-0494E8AE336A}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{FBC322D5-407E-4854-8C0B-555B951FD8E3}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{00078E95-3A4A-4137-8DE7-2824908D1C17}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{8F547BDD-FCD4-48F8-A06F-573D6F404A3C}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{00078E95-3A4A-4137-8DE7-2824908D1C17}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{8F547BDD-FCD4-48F8-A06F-573D6F404A3C}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{56561B2A-FB5D-363A-9631-4C03D6054209}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{E041E037-FA4B-364A-B440-7A1051EA0301}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{0400EBCA-042C-4000-AA89-9713FBEDB671}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{0BD19251-4B4B-4B94-AB16-617106245BB7}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{3860D897-7DCD-473C-9744-B21DB133AB20}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{44B29DDD-CF7A-454A-A275-A322A398D93F}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{917CAAE9-DD47-4025-936E-1414F07DF5B8}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{B2DB115C-8278-4947-9A07-57B53D1C4215}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{B97FC455-DB33-431D-84DB-6F1514110BD5}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{E72E9312-0367-4216-BFC7-21485FA8390B}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Valeur Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
    Valeur Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Donnée Restaurée : HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand
    Clé Supprimée : HKCUSoftwareinstalledbrowserextensions
    Clé Supprimée : HKCUSoftwareSmartBar
    Clé Supprimée : HKCUSoftwaresmartbarbackup
    Clé Supprimée : HKCUSoftwaresmartbarlog
    Clé Supprimée : HKCUSoftwareTutorials
    Clé Supprimée : HKLMSoftwareinstalledbrowserextensions
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{AC6E9B2A-A7E6-4B17-8A6C-29D519673E12}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallVOPackage
    Clé Supprimée : [x64] HKLMSOFTWAREinstalledbrowserextensions
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallMyPC Backup
    Donnée Supprimée : [x64] HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows [AppInit_DLLs] – c:progra~3bitguard271769~1.27{c16c1~1loader.dll

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16843

    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [Search Page]
    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [Start Page]
    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [Search Bar]
    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerSearch [Default_Search_URL]
    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerSearch [SearchAssistant]
    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerSearchUrl [Default]
    Paramètre Restauré : HKLMSOFTWAREMicrosoftInternet ExplorerSearchUrl [Default]

    -\ Mozilla Firefox v28.0 (fr)

    [ Fichier : C:UsersAude GALINIERAppDataRoamingMozillaFirefoxProfilesogr44mkg.defaultprefs.js ]

    Ligne Supprimée : user_pref(“browser.newtab.url”, “hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=OB_PubID_CH&co=FR&userid=a32b1215-bc4b-eec7-14fb-c5df352e03a0&searchtype=nt&installDate={installDate}&barcode[…]
    Ligne Supprimée : user_pref(“browser.startup.homepage”, “hxxp://istart.webssearches.com/?type=hppp&ts=1398117333&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX”);

    -\ Google Chrome v34.0.1847.116

    [ Fichier : C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    Supprimée [Startup_urls] : hxxp://istart.webssearches.com/?type=hppp&ts=1398441041&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX” onclick=”window.open(this.href);return false;
    Supprimée [Homepage] : hxxp://istart.webssearches.com/?type=hppp&ts=1398441041&from=tugs&uid=HGSTXHTS541075A9E680_JD110019K8DE1KK8DE1KX” onclick=”window.open(this.href);return false;
    Supprimée [Extension] : aipfmkinhleccnodemkoofnnofpbbpac
    Supprimée [Extension] : bopakagnckmlgajfccecajhnimjiiedh
    Supprimée [Extension] : dmgpbjjcdccinnndjdgmegndbmhbgglb
    Supprimée [Extension] : iagcajndpnfncplednpbnkahadegklfa
    Supprimée [Extension] : majjphhgppkndjjkmhhnbgafooenebhd
    Supprimée [Extension] : paoponfhfdfnjgddpnpjkambkcgdaaib
    Supprimée [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

    *************************

    AdwCleaner[R0].txt – [18578 octets] – [25/04/2014 18:08:29]
    AdwCleaner[S0].txt – [15503 octets] – [25/04/2014 18:10:30]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [15564 octets] ##########[/spoiler:271vkj54]

    aude25
    Participant
    Nombre d'articles : 12

    lien étape 3

    http://cjoint.com/data3/3Dztc6wvCK3.htm” onclick=”window.open(this.href);return false;

    aude25
    Participant
    Nombre d'articles : 12

    rapport étape 4 :cry:

    [spoiler:26unxmrc]Malwarebytes Anti-Malware
    http://www.malwarebytes.org” onclick=”window.open(this.href);return false;

    Scan Date: 25/04/2014
    Scan Time: 19:24:34
    Logfile: antimalware.txt
    Administrator: Yes

    Version: 2.00.1.1004
    Malware Database: v2014.04.25.09
    Rootkit Database: v2014.03.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Chameleon: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: Aude GALINIER

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 276796
    Time Elapsed: 15 min, 29 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Shuriken: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 24
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{4B62762D-AA67-4312-A5BF-91BCB7A4720A}, Quarantined, [becf141aeb903ff795bfd37ee71b6c94],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESTypeLib{105F25A9-C42F-48A6-998D-0494E8AE336A}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{506DD7C6-B05D-43CE-81FF-AA05E11DBDFD}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{6D3C9858-2674-46E1-9112-107340758481}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{909112FE-C4A2-4990-A499-E58867D55B15}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{9BEEB5A2-8B02-465A-904D-FE5A447F59EB}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{B618C19D-A418-4586-80C6-09DBDA9C748E}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{B68B00A0-95B9-4162-BA45-7A1113317DA9}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{BFE45A8B-650C-4E99-A3F4-CC6A2874893B}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{E413D78F-283C-45F1-9992-8EF7D55A4933}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{E7C2FDF1-1635-41B4-8207-C1684B6807D7}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWARECLASSESINTERFACE{F9F5A267-FA5A-4CA3-8BE5-4C1EEAD01011}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{4B62762D-AA67-4312-A5BF-91BCB7A4720A}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{506DD7C6-B05D-43CE-81FF-AA05E11DBDFD}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{6D3C9858-2674-46E1-9112-107340758481}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{909112FE-C4A2-4990-A499-E58867D55B15}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{9BEEB5A2-8B02-465A-904D-FE5A447F59EB}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{B618C19D-A418-4586-80C6-09DBDA9C748E}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{B68B00A0-95B9-4162-BA45-7A1113317DA9}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{BFE45A8B-650C-4E99-A3F4-CC6A2874893B}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{E413D78F-283C-45F1-9992-8EF7D55A4933}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{E7C2FDF1-1635-41B4-8207-C1684B6807D7}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{F9F5A267-FA5A-4CA3-8BE5-4C1EEAD01011}, Quarantined, [94f9d35bdc9fc175c88c034e877be917],
    PUP.Optional.SearchGolTB.A, HKLMSOFTWAREWOW6432NODECLASSESTypeLib{105F25A9-C42F-48A6-998D-0494E8AE336A}, Quarantined, [9af36bc34833ba7c23310a47fa08cd33],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 7
    PUP.Optional.Qone8, HKLMSOFTWAREMICROSOFTINTERNET EXPLORERSEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[6a2395993d3e90a6e549250b2cd88b75]
    PUP.Optional.Snapdo, HKUS-1-5-21-2734083464-1398316719-1191631614-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTINTERNET EXPLORERMAIN|Search Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q=” onclick=”window.open(this.href);return false;{searchTerms}, Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q={searchTerms}),Replaced,[2865101e0e6d92a4435ba38c01035ba5]
    PUP.Optional.Snapdo, HKUS-1-5-21-2734083464-1398316719-1191631614-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTINTERNET EXPLORERMAIN|Start Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKV-Ss4zb7oM5q4oy0NzZmyUkKNB6EqnY0c4s4bQiwskQSeWI-lSOudEzYJjWsvM2Q,,” onclick=”window.open(this.href);return false;, Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKV-Ss4zb7oM5q4oy0NzZmyUkKNB6EqnY0c4s4bQiwskQSeWI-lSOudEzYJjWsvM2Q,,),Replaced,[93fa280683f85bdb5b441a152fd5639d]
    PUP.Optional.Snapdo, HKUS-1-5-21-2734083464-1398316719-1191631614-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTINTERNET EXPLORERMAIN|Search Bar, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q=” onclick=”window.open(this.href);return false;{searchTerms}, Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q={searchTerms}),Replaced,[5b32bd71f08bdd591f7e53dc8f757f81]
    PUP.Optional.Snapdo, HKUS-1-5-21-2734083464-1398316719-1191631614-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTINTERNET EXPLORERSEARCH|Default_Search_URL, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q=” onclick=”window.open(this.href);return false;{searchTerms}, Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q={searchTerms}),Replaced,[0687a9858dee94a2653b8aa5768ea55b]
    PUP.Optional.Snapdo, HKUS-1-5-21-2734083464-1398316719-1191631614-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTINTERNET EXPLORERSEARCH|SearchAssistant, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q=” onclick=”window.open(this.href);return false;{searchTerms}, Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q={searchTerms}),Replaced,[424b2509cbb0af87346d88a7f90b2dd3]
    PUP.Optional.SnapDo.A, HKUS-1-5-21-2734083464-1398316719-1191631614-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTINTERNET EXPLORERSEARCHURL|Default, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q=” onclick=”window.open(this.href);return false;{searchTerms}, Good: (http://www.google.com), Bad: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZLPTi8JOzLs49cNRzh3I-6bBgQZQhc0wmbrgn5-trPydtzoyz94FxSeAU18LRax_yDm0Y_XxuekdKVylN__eyu2di8aZmxCZnI3pjp528D0fUjt3G_LPJs15f2YIkBmv_ta4UnWJ_3-Xg,,&q={searchTerms}),Replaced,[b5d8d658c2b960d65bdc66c0e024e11f]

    Folders: 4
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultdatabaseschrome-extension_dmgpbjjcdccinnndjdgmegndbmhbgglb_0, Quarantined, [bfce53dbeb908caa5bd3d694877b4eb2],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultdatabaseschrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0, Quarantined, [abe21519e49774c23df6d793c14105fb],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsdmgpbjjcdccinnndjdgmegndbmhbgglb, Quarantined, [cebfd6584b3078beb28816544cb609f7],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsmajjphhgppkndjjkmhhnbgafooenebhd, Quarantined, [dab381adf68583b37bc485e5986aa65a],

    Files: 25
    PUP.Optional.Spigot.A, C:UsersAude GALINIERDownloadsFreeZipOpener_Install.exe, Quarantined, [8ffe51ddc0bb2610434b0c14fe036997],
    PUP.Optional.BundleInstaller.A, C:UsersAude GALINIERDownloadsSetup (1).exe, Quarantined, [b1dc7fafbdbe4de9651c9d6cec186a96],
    PUP.Optional.BundleInstaller.A, C:UsersAude GALINIERDownloadsSetup.exe, Quarantined, [a9e4ce603d3eaa8c70119a6f0004eb15],
    PUP.Optional.SmartBar.A, C:WindowsInstallerb934bc.msi, Quarantined, [8607f43a9fdcaf8733a2959240c0b14f],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_dmgpbjjcdccinnndjdgmegndbmhbgglb_0.localstorage, Quarantined, [761776b89ddec175bc3ab3c3897907f9],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_dmgpbjjcdccinnndjdgmegndbmhbgglb_0.localstorage-journal, Quarantined, [a5e8101e5625330306f036406b97748c],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage, Quarantined, [7b122608522959ddd724d99dca3834cc],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage-journal, Quarantined, [9feeb27c7cff6bcb1edd83f381816c94],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultdatabaseschrome-extension_dmgpbjjcdccinnndjdgmegndbmhbgglb_014, Quarantined, [bfce53dbeb908caa5bd3d694877b4eb2],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultdatabaseschrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_013, Quarantined, [abe21519e49774c23df6d793c14105fb],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsdmgpbjjcdccinnndjdgmegndbmhbgglb00005.ldb, Quarantined, [cebfd6584b3078beb28816544cb609f7],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsdmgpbjjcdccinnndjdgmegndbmhbgglb00018.log, Quarantined, [cebfd6584b3078beb28816544cb609f7],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsdmgpbjjcdccinnndjdgmegndbmhbgglbCURRENT, Quarantined, [cebfd6584b3078beb28816544cb609f7],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsdmgpbjjcdccinnndjdgmegndbmhbgglbLOCK, Quarantined, [cebfd6584b3078beb28816544cb609f7],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsdmgpbjjcdccinnndjdgmegndbmhbgglbLOG, Quarantined, [cebfd6584b3078beb28816544cb609f7],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsdmgpbjjcdccinnndjdgmegndbmhbgglbLOG.old, Quarantined, [cebfd6584b3078beb28816544cb609f7],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsdmgpbjjcdccinnndjdgmegndbmhbgglbMANIFEST-000016, Quarantined, [cebfd6584b3078beb28816544cb609f7],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsmajjphhgppkndjjkmhhnbgafooenebhd00005.ldb, Quarantined, [dab381adf68583b37bc485e5986aa65a],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsmajjphhgppkndjjkmhhnbgafooenebhd00103.ldb, Quarantined, [dab381adf68583b37bc485e5986aa65a],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsmajjphhgppkndjjkmhhnbgafooenebhd00116.log, Quarantined, [dab381adf68583b37bc485e5986aa65a],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsmajjphhgppkndjjkmhhnbgafooenebhdCURRENT, Quarantined, [dab381adf68583b37bc485e5986aa65a],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsmajjphhgppkndjjkmhhnbgafooenebhdLOCK, Quarantined, [dab381adf68583b37bc485e5986aa65a],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsmajjphhgppkndjjkmhhnbgafooenebhdLOG, Quarantined, [dab381adf68583b37bc485e5986aa65a],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsmajjphhgppkndjjkmhhnbgafooenebhdLOG.old, Quarantined, [dab381adf68583b37bc485e5986aa65a],
    PUP.Optional.CrossRider.A, C:UsersAude GALINIERAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsmajjphhgppkndjjkmhhnbgafooenebhdMANIFEST-000114, Quarantined, [dab381adf68583b37bc485e5986aa65a],

    Physical Sectors: 0
    (No malicious items detected)

    (end)[/spoiler:26unxmrc]

    aude25
    Participant
    Nombre d'articles : 12

    et le bouquet final …

    http://cjoint.com/data3/3DztMJWSm8k.htm” onclick=”window.open(this.href);return false;

    :yes :yes :yes

    H.A.W.X
    Participant
    Nombre d'articles : 1809

    Bonsoir :)

    Belle prise dit donc ! Il y a avait des bestioles dans ton ordi ! :shocked:

    Ca doit aller bien non ? :)

    • Télécharge Infected Scanner (de fredodiable) sur ton bureau !
    • Lance Infected Scanner, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clic sur la loupe

    • Si le rond n’est pas Vert :
      • Clic sur l’icône du rapport (à droite de la loupe)
    • Une fois le scan terminé rends toi sur le bureau, un rapport Rapport.txt à été créé.
    • Héberge le rapport Rapport.txt

    ++ :)

    aude25
    Participant
    Nombre d'articles : 12

    le rond est vert!!!!!! :bravo1: :bravo1: :bravo1: :bravo1: :bravo1: :bravo1: :bravo1: :bravo1:
    a-t-on idée de la provenance de toutes ces bêbêtes?
    en tout cas je vous remercie chaudement pour le coup de pouce!
    comment vous remercier?? mon rayon c’est le poney.. si un jour vous avez besoin de renseignements.sait on jamais! :-)

    Anonyme
    Nombre d'articles : 0

    :hello: ,

    a-t-on idée de la provenance de toutes ces bêbêtes?

    Des sites ou tu télécharges, ils signent des partenariat publicitaires.

    • Pour supprimer les outils de désinfections utilisés :
    • Télécharges Delfix sur ton Bureau.
    • Lance Delfix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Coche les cases suivantes :
      • Supprimer les outils de désinfection
      • Purger la restauration système

    [fin2desinf:20c0f4y2][/fin2desinf:20c0f4y2]

15 sujets de 1 à 15 (sur un total de 18)
  • Vous devez être connecté pour répondre à ce sujet.