Sujet Précédent Sujet Suivant

Virus clef usb raccourci

Résolu/Fermé
Mam42 Messages postés 6 Date d'inscription dimanche 31 août 2014 Statut Membre Dernière intervention 1 septembre 2014 - 31 août 2014 à 12:06
 Utilisateur anonyme - 2 sept. 2014 à 06:29
Bonjour,

J'ai un virus sur mon pc qui transforme les fichiers sur les clef USB et disque dur externe en raccourcis. Après avoir fais un tour sur google il semblerai que je ne soit pas du tout capable de m'en débarrasser seule.
Quelqu'un pour un p'tit coup de main?
Merci d'avance!


A voir également:

11 réponses

Réponse 1 / 11
Utilisateur anonyme
31 août 2014 à 12:07
Bonjour

# Télécharge UsbFix par El Desaparecido sur ton Bureau.
# Si ton antivirus affiche une alerte, ignore-la et désactive l'antivirus temporairement.

# Branche toutes tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
# Double clique sur UsbFix.exe.

# Clique sur Options, dans le menu BBCode choisis CCM.
# Valide en cliquant sur Appliquer.
# UsbFix se relancera pour prendre en compte tes réglages.
# Clique maintenant sur Recherche.


# Laisse travailler l'outil, ton bureau ne sera pas accessible durant la phase de nettoyage, c'est normal.

# À la fin du scan, un rapport va s'afficher, poste-le dans ta prochaine réponse sur le forum.
# Le rapport est aussi sauvegardé à la racine du disque système.
(C:\Usbfix\Log\UsbFix [Scan ...txt).
( CTRL+A pour sélectionner, CTRL+C pour copier et CTRL+V pour coller )
# ->> Tutoriel (aide) en images sur le site de l'auteur.

@+
0
Réponse 2 / 11
Mam42 Messages postés 6 Date d'inscription dimanche 31 août 2014 Statut Membre Dernière intervention 1 septembre 2014
31 août 2014 à 16:32
MERCI!

Voici le rapport :

############################## | UsbFix V 7.181 | [Recherche]

Utilisateur: Nora (Administrateur) # NORA-PC
Mis à jour le 31/08/2014 par El Desaparecido - SosVirus
Lancé à 16:22:57 | 31/08/2014

Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Assistance : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/

################## | System information |

MB: Dell Inc. (0J509P)
CPU: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
GC: ATI Mobility Radeon HD 4650
RAM -> [Total : 4085 Mo | Free : 1756 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft(TM) Windows 7 Ultimate (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 30.0

################## | Security Information |

AV: avast! Antivirus [(!) Désactivé |A jour]
AS: avast! Antivirus [(!) Désactivé |A jour]
AS: Windows Defender [Actif |A jour]
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

################## | Disk Information |

C:\ (%SystemDrive%) -> Disque fixe # 117 Go (33 Go libre(s) - 28%) [] # NTFS
D:\ -> Disque fixe # 349 Go (194 Go libre(s) - 56%) [Documents] # NTFS
F:\ -> Disque amovible # 7 Go (7 Go libre(s) - 99%) [] # FAT32
G:\ -> CD-ROM # 819 Mo (0 Mo libre(s) - 0%) [Projet sans titre] # UDF
I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 98%) [] # FAT32

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Google Update] "C:\Users\Nora\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - [x64] HKLM\..\Run : [MRT] "C:\Windows\system32\MRT.exe" /R
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [Google Update] "C:\Users\Nora\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [AdobeBridge]
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601

################## | Recherche générique |

Présent! I:\SURVIVAL.vbe
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\01-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\01-03-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\03-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\04-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\05-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\06-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\07-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\08-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\09-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\09-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\13-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\13-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\14-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\14-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\16-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\17-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\17-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\18-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\19-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\19-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\19-07-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\20-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\20-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\21-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\22-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\23-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\23-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\24-05-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\24-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\25-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\25-05-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\25-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\26-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\28-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\28-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\29-03-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\30-03-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\30-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\31-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\ak.tmp
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\01-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\01-03-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\03-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\04-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\05-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\06-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\07-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\08-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\09-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\09-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\13-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\13-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\14-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\14-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\16-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\17-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\17-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\18-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\19-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\19-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\19-07-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\20-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\20-04-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\21-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\22-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\23-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\23-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\24-05-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\24-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\25-02-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\25-05-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\25-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\26-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\28-01-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\28-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\29-03-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\30-03-2014
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\30-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\31-12-2013
Présent! C:\Users\Nora\AppData\Roaming\86412E3E\ak.tmp
Présent! C:\Users\Nora\AppData\Roaming\86412E3E
Présent! C:\Users\Nora\AppData\Local\Temp\Nora7
Présent! C:\Users\Nora\AppData\Local\Temp\Nora8
Présent! C:\Users\Nora\AppData\Roaming\Public
Présent! C:\Users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\trz6A95.tmp

################## | Registre |

Présent! HKCU\Software\Holaa
Présent! HKU\S-1-5-21-1632045711-2625259477-304083982-1000\Software\Holaa

################## | UsbFix - Information |

UsbFix a détecté sur votre ordinateur, une infection qui dispose d'une fonction de Keylogger.
Après désinfection par UsbFix, veuillez modifier tous vos mots de passe.
Si vous avez effectué des achats sur internet,
veuillez contacter votre banque afin d'envisager une opposition sur votre carte bancaire.Info : Comment supprimer l'infection des raccourcis sur USB ? (Video)
Info : L'infection des raccourcis USB, c'est quoi ?

################## | Hijack |

Hijacked! [SH] I:\SURVIVAL.vbe
Hijacked! [SHD] I:\fac

################## | E.O.F | https://www.sosvirus.net/ | https://www.usbfix.net/ |
0
Réponse 3 / 11
Utilisateur anonyme
31 août 2014 à 16:35
Re

# Branche toutes tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
# Double clique sur UsbFix.exe.

# Clique sur Options, dans le menu BBCode choisis CCM.
# Valide en cliquant sur Appliquer.
# UsbFix se relancera pour prendre en compte tes réglages.
# Clique maintenant sur Nettoyage.


# Laisse travailler l'outil, ton bureau ne sera pas accessible durant la phase de nettoyage, c'est normal.

# À la fin du scan, un rapport va s'afficher, poste-le dans ta prochaine réponse sur le forum.
# Le rapport est aussi sauvegardé à la racine du disque système.
(C:\Usbfix\Log\UsbFix [Clean ...txt).
( CTRL+A pour sélectionner, CTRL+C pour copier et CTRL+V pour coller )
# ->> Tutoriel (aide) en images sur le site de l'auteur.
@+

0
Réponse 4 / 11
Mam42 Messages postés 6 Date d'inscription dimanche 31 août 2014 Statut Membre Dernière intervention 1 septembre 2014
31 août 2014 à 20:58
Re

Voici le rapport :

############################## | UsbFix V 7.181 | [Nettoyage]

Utilisateur: Nora (Administrateur) # NORA-PC
Mis à jour le 31/08/2014 par El Desaparecido - SosVirus
Lancé à 20:51:29 | 31/08/2014

Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Assistance : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/

################## | System information |

MB: Dell Inc. (0J509P)
CPU: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
GC: ATI Mobility Radeon HD 4650
RAM -> [Total : 4085 Mo | Free : 1715 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft(TM) Windows 7 Ultimate (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Mozilla Firefox : 30.0

################## | Security Information |

AV: avast! Antivirus [(!) Désactivé |A jour]
AS: avast! Antivirus [(!) Désactivé |A jour]
AS: Windows Defender [Actif |A jour]
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

################## | Disk Information |

C:\ (%SystemDrive%) -> Disque fixe # 117 Go (33 Go libre(s) - 28%) [] # NTFS
D:\ -> Disque fixe # 349 Go (194 Go libre(s) - 56%) [Documents] # NTFS
F:\ -> Disque amovible # 7 Go (7 Go libre(s) - 99%) [] # FAT32
G:\ -> CD-ROM # 819 Mo (0 Mo libre(s) - 0%) [Projet sans titre] # UDF
I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 98%) [] # FAT32

################## | Recherche générique |

Supprimé! I:\SURVIVAL.vbe
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\01-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\01-03-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\03-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\04-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\05-04-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\06-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\07-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\08-02-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\09-02-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\09-04-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\13-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\13-04-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\14-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\14-04-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\16-04-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\17-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\17-04-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\18-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\19-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\19-04-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\19-07-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\20-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\20-04-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\21-12-2013
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\22-02-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\23-02-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\23-12-2013
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\24-05-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\24-12-2013
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\25-02-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\25-05-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\25-12-2013
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\26-12-2013
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\28-01-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\28-12-2013
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\29-03-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\30-03-2014
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\30-12-2013
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\31-12-2013
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E\ak.tmp
Supprimé! C:\Users\Nora\AppData\Roaming\86412E3E
Supprimé! C:\Users\Nora\AppData\Local\Temp\Nora7
Supprimé! C:\Users\Nora\AppData\Local\Temp\Nora8
Supprimé! C:\Users\Nora\AppData\Roaming\Public
Supprimé! C:\Users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\trz6A95.tmp

(!) Fichiers temporaires supprimés. (95.3315696716309 MB)

################## | Registre |

Supprimé! HKCU\Software\Holaa

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Google Update] "C:\Users\Nora\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKCU\..\Run : [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - [x64] HKLM\..\Run : [MRT] "C:\Windows\system32\MRT.exe" /R
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [Google Update] "C:\Users\Nora\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [AdobeBridge]
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-1632045711-2625259477-304083982-1000\..\Run : [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601

################## | UsbFix - Information |

UsbFix a détecté sur votre ordinateur, une infection qui dispose d'une fonction de Keylogger.
Après désinfection par UsbFix, veuillez modifier tous vos mots de passe.
Si vous avez effectué des achats sur internet,
veuillez contacter votre banque afin d'envisager une opposition sur votre carte bancaire.Info : Comment supprimer l'infection des raccourcis sur USB ? (Video)
Info : L'infection des raccourcis USB, c'est quoi ?

################## | Hijack |

Restauré! [D] I:\fac

################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |

[31/08/2014 - 20:26:54 | ASH | 3136904 Ko] - C:\hiberfil.sys
[31/08/2014 - 20:27:02 | ASH | 4182540 Ko] - C:\pagefile.sys
[30/08/2014 - 21:49:51 | D] - C:\Config.Msi
[28/10/2012 - 15:33:19 | SHD] - C:\$Recycle.Bin
[14/07/2009 - 05:20:08 | D] - C:\PerfLogs
[14/07/2009 - 07:08:56 | SHD] - C:\Documents and Settings
[28/10/2011 - 08:05:27 | SHD] - C:\Recovery
[28/10/2011 - 08:05:33 | RD] - C:\Users
[28/10/2011 - 09:17:16 | RHD] - C:\MSOCache
[28/10/2011 - 10:15:33 | D] - C:\Intel
[09/02/2013 - 18:17:29 | D] - C:\wamp
[30/08/2014 - 21:49:29 | SHD] - C:\System Volume Information
[30/08/2014 - 21:52:58 | HD] - C:\ProgramData
[30/08/2014 - 21:53:23 | D] - C:\Windows
[31/08/2014 - 10:22:24 | RD] - C:\Program Files
[31/08/2014 - 10:22:24 | RD] - C:\Program Files (x86)
[31/08/2014 - 20:50:06 | D] - C:\UsbFix

################## | D:\ - Disque Fixe (NTFS) |

[08/03/2012 - 19:19:07 | A | 4762 Ko] - D:\wordpress-3.3.1-fr_FR.zip
[11/04/2012 - 17:51:51 | A | 259 Ko] - D:\attachments(2).zip
[06/05/2013 - 12:19:06 | A | 153632 Ko] - D:\avdpt103w.zip
[30/09/2013 - 18:27:39 | A | 3051 Ko] - D:\malinette_v0.85.zip
[07/01/2013 - 17:32:52 | A | 359 Ko] - D:\arkaos.vj
[29/10/2011 - 06:11:07 | D] - D:\msdownld.tmp
[17/02/2013 - 19:42:39 | A | 0 Ko] - D:\2228_12168686_MVM_0.tmp
[12/03/2013 - 11:22:09 | A | 0 Ko] - D:\6028_5108424_MVM_0.tmp
[01/03/2014 - 21:28:47 | A | 0 Ko] - D:\880_11228811_MVM_1.tmp
[01/03/2014 - 21:28:47 | A | 0 Ko] - D:\880_11228811_MVM_0.tmp
[01/03/2014 - 21:28:47 | A | 0 Ko] - D:\880_11228811_MVM_2.tmp
[01/03/2014 - 21:28:47 | A | 0 Ko] - D:\880_11228811_MVM_3.tmp
[30/03/2013 - 17:41:57 | A | 74 Ko] - D:\cc_20130330_164149.reg
[02/01/2012 - 17:48:02 | A | 49096 Ko] - D:\DjiTHS.rar
[27/06/2013 - 12:30:33 | A | 1453 Ko] - D:\WL2.1.3.rar
[19/05/2013 - 23:59:26 | A | 18268 Ko] - D:\site.psd
[30/06/2011 - 03:59:44 | A | 129 Ko] - D:\plaquette_prelevement.pdf
[30/06/2011 - 03:59:44 | A | 142 Ko] - D:\acte_caution_solidaire.pdf
[30/06/2011 - 03:59:44 | A | 50 Ko] - D:\fiche_cartonnee.pdf
[30/06/2011 - 03:59:44 | A | 82 Ko] - D:\AUTORISATION_DE_PRELEVEMENT.pdf
[30/06/2011 - 03:59:44 | A | 7 Ko] - D:\AR_Liste_pieces_centrales.pdf
[30/06/2011 - 03:59:44 | A | 63 Ko] - D:\AR_COURRIER_RECEPTION.pdf
[24/10/2011 - 02:43:35 | A | 487 Ko] - D:\bonnet chat.pdf
[11/03/2012 - 17:31:08 | A | 62 Ko] - D:\BN8546 caf.pdf
[11/04/2012 - 01:34:10 | A | 195 Ko] - D:\instructions.pdf
[11/04/2012 - 01:34:10 | A | 123 Ko] - D:\informations.pdf
[11/04/2012 - 01:34:10 | A | 14 Ko] - D:\Dossier_2012.pdf
[18/04/2012 - 10:00:08 | A | 10 Ko] - D:\Notification_2012.pdf
[18/04/2012 - 10:00:08 | A | 24 Ko] - D:\notice.pdf
[30/04/2012 - 17:53:47 | A | 250 Ko] - D:\Vercors.pdf
[04/07/2012 - 10:31:55 | A | 234 Ko] - D:\chale dentelle.pdf
[28/07/2012 - 13:19:48 | A | 40 Ko] - D:\chale_paquerette.pdf
[30/09/2012 - 21:14:46 | A | 56 Ko] - D:\CAF.pdf
[30/10/2012 - 17:51:05 | A | 76 Ko] - D:\lmde.pdf
[17/12/2012 - 15:30:22 | A | 39 Ko] - D:\caf 17-12-12.pdf
[05/01/2013 - 11:36:28 | A | 107 Ko] - D:\dr2011.pdf
[11/01/2013 - 00:42:27 | A | 101 Ko] - D:\Liste de livres à lire.pdf
[22/08/2013 - 19:22:40 | A | 110 Ko] - D:\CONFIMATION DOSSIER SNCM.PDF
[27/04/2013 - 23:19:28 | A | 6 Ko] - D:\Que signifie pour vous le terme support.odt
[08/05/2013 - 17:03:22 | A | 6 Ko] - D:\Vimeo.odt
[14/01/2014 - 17:07:13 | A | 5 Ko] - D:\he's watching you.odt
[28/02/2012 - 19:25:26 | A | 189 Ko] - D:\lmde.jpg
[28/02/2012 - 19:29:02 | A | 379 Ko] - D:\lmde2.jpg
[11/11/2012 - 17:06:29 | A | 52 Ko] - D:\batterie-maman.jpg
[29/01/2013 - 11:48:43 | A | 115 Ko] - D:\commande-fotodiscount-29-01-13.jpg
[06/07/2013 - 18:20:39 | A | 402 Ko] - D:\Steam.jpg
[29/07/2013 - 13:12:44 | A | 7734 Ko] - D:\IMG_9194.JPG
[29/07/2013 - 13:12:46 | A | 6354 Ko] - D:\IMG_9195.JPG
[29/07/2013 - 13:12:48 | A | 6483 Ko] - D:\IMG_9196.JPG
[30/08/2014 - 11:49:14 | A | 724 Ko] - D:\AUTOENTREPRISE.jpg
[25/05/2014 - 08:33:20 | ASH | 0 Ko] - [VirusTotal - (0/54)] - D:\desktop.ini
[28/02/2012 - 19:29:46 | A | 26 Ko] - D:\lmde.htm
[31/07/2014 - 15:04:28 | D] - D:\.freemind
[04/10/2011 - 22:40:05 | A | 29 Ko] - D:\ARTICLE.docx
[10/10/2011 - 00:34:29 | A | 33 Ko] - D:\PIXMANIA.docx
[24/10/2011 - 04:01:09 | A | 10 Ko] - D:\Bonnet à oreilles de chat réalisable en une soirée.docx
[10/01/2012 - 13:08:14 | A | 13 Ko] - D:\Date de la transaction 10 Janvier 2012 11.docx
[30/04/2012 - 17:54:30 | A | 14 Ko] - D:\Vercors.docx
[04/06/2012 - 22:22:56 | A | 20 Ko] - D:\lettre de motiv maste.docx
[06/01/2013 - 17:54:45 | A | 53 Ko] - D:\page anouk.docx
[11/01/2013 - 01:10:30 | A | 16 Ko] - D:\Liste de livres à lire.docx
[23/04/2013 - 15:20:27 | A | 13 Ko] - D:\Introduction.docx
[10/05/2013 - 22:08:42 | A | 14 Ko] - D:\todolist.docx
[23/05/2013 - 00:45:08 | A | 14 Ko] - D:\petits problemes a resoudre.docx
[13/01/2014 - 23:58:33 | A | 13 Ko] - D:\Projet professionnel.docx
[16/06/2011 - 02:00:36 | A | 31 Ko] - D:\lettre de motivation 10.doc
[23/12/2011 - 15:01:42 | SHD] - D:\$RECYCLE.BIN
[10/06/2012 - 12:19:17 | D] - D:\WL2.1.3
[01/10/2009 - 11:04:14 | D] - D:\libtheora-1.1.1
[16/12/2010 - 15:55:24 | D] - D:\webmdshow-0.9.12.0-20101216
[28/10/2011 - 10:36:03 | SHD] - D:\System Volume Information
[28/02/2012 - 19:29:44 | D] - D:\lmde_fichiers
[06/09/2012 - 15:29:30 | RD] - D:\Documents
[29/09/2012 - 19:03:24 | D] - D:\TmForever
[03/11/2012 - 14:47:48 | D] - D:\site perso
[04/11/2012 - 01:47:00 | D] - D:\League of Legends
[08/01/2013 - 20:53:02 | D] - D:\trois ptits pois
[04/02/2013 - 15:51:00 | D] - D:\videos ppt
[04/02/2013 - 15:59:31 | D] - D:\Animations
[05/02/2013 - 14:17:52 | D] - D:\Bluetooth
[07/02/2013 - 17:42:39 | D] - D:\crous
[13/02/2013 - 22:06:11 | D] - D:\js
[13/02/2013 - 22:06:11 | D] - D:\Archive(1)
[17/02/2013 - 19:14:15 | D] - D:\slider
[17/02/2013 - 19:35:24 | D] - D:\test slidetr
[17/02/2013 - 23:01:50 | D] - D:\slider2
[17/02/2013 - 23:50:06 | D] - D:\cv
[19/02/2013 - 23:53:01 | D] - D:\html cours
[28/02/2013 - 15:36:04 | D] - D:\Blocs-notes OneNote
[30/07/2013 - 13:38:29 | D] - D:\terraria
[30/07/2013 - 13:38:56 | D] - D:\maison des artistes
[22/08/2013 - 14:35:02 | D] - D:\programmes
[12/09/2013 - 14:50:05 | D] - D:\Adobe
[22/09/2013 - 00:23:04 | D] - D:\encodeur vidéo
[30/09/2013 - 18:42:20 | D] - D:\pure data
[21/10/2013 - 13:44:10 | D] - D:\vecteur
[28/10/2013 - 14:49:26 | D] - D:\portfolio
[30/10/2013 - 20:24:49 | D] - D:\preset LR
[07/11/2013 - 12:04:31 | D] - D:\ldlc
[18/11/2013 - 11:36:01 | D] - D:\3D
[03/12/2013 - 17:55:59 | D] - D:\visuel afk
[22/12/2013 - 00:11:40 | D] - D:\ps brush
[22/12/2013 - 00:12:36 | D] - D:\fonts
[14/01/2014 - 01:12:13 | D] - D:\cv+ lettre de motiv'
[19/01/2014 - 23:43:02 | D] - D:\My Games
[30/03/2014 - 15:26:22 | D] - D:\FAC
[25/05/2014 - 08:33:19 | RD] - D:\Videos
[25/05/2014 - 08:33:19 | RD] - D:\Pictures
[25/05/2014 - 08:33:20 | RD] - D:\Music
[30/08/2014 - 11:58:15 | D] - D:\auto entreprise
[31/08/2014 - 20:49:59 | RD] - D:\Downloads
[31/08/2014 - 20:50:09 | RD] - D:\Bureau

################## | F:\ - Disque USB (FAT32) |

[25/12/2013 - 22:26:32 | D] - F:\pr impressions

################## | I:\ - Disque USB (FAT32) |

[19/12/2013 - 21:42:08 | D] - I:\fac

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | https://www.usbfix.net/ |
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 11
Utilisateur anonyme
31 août 2014 à 21:00
Re

Télécharge Malwaresbytes anti malware ici
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

--->> Installe le (choisis bien français ); ne modifie pas les paramètres d'installe
--->> Décoche la case Activer l'essai gratuit de Malwarebytes Anti-Malware Premium à la fin de l'installation
--->> /!\ Utilisateurs de Vista/7/8/8.1 : faire un clic droit sur le raccourci de MalwareBytes' Anti-Malware et choisir Exécuter en tant qu'administrateur
--->> Clique sur Mettre à jour dans le Tableau de bord afin de mettre à jour la base de données.
--->> Dans l'onglet Examen, sélectionnez Examen Menaces puis clique sur Examiner maintenant.
--->> Une fois le scan terminé, clique sur Tout mettre en quarantaine puis sur Appliquez les actions

--->> (Si un message demande de redémarrer le PC pour terminer la suppression, accepte)

--->> Le rapport est disponible dans Historique > Journaux de l'application. (Choisis bien le dernier en date
Tu sélectionnes le fichier et tu demandes l'affichage
En bas à gauche un bouton exporter ; tu cliques dessus et tu choisis fichier texte et tu choisis ensuite ou l'enregistrer pour ensuite pouvoir le poster dans ta prochaine réponse

Merci

@+

0
Réponse 6 / 11
Mam42 Messages postés 6 Date d'inscription dimanche 31 août 2014 Statut Membre Dernière intervention 1 septembre 2014
31 août 2014 à 22:11
Voici le rapport

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 31-Aug-14
Heure de l'examen: 9:54:18 PM
Fichier journal: virus.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.08.31.06
Base de données Rootkits: v2014.08.21.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Nora

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 313948
Temps écoulé: 9 min, 15 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 2
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe, 4136, Supprimé-au-redémarrage, [6fb3339ad8a3db5b4f3caa4bfa0823dd]
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe, 4968, Supprimé-au-redémarrage, [6fb3339ad8a3db5b4f3caa4bfa0823dd]

Modules: 0
(No malicious items detected)

Clés du Registre: 57
PUP.Optional.WPM.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, Mis en quarantaine, [988a1fae750616200cba1680818019e7],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, Mis en quarantaine, [988a1fae750616200cba1680818019e7],
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Mis en quarantaine, [3ee44d8086f5b680af034f142dd4d828],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Mis en quarantaine, [28fa6c6198e32d097f33179952b026da],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Mis en quarantaine, [28fa6c6198e32d097f33179952b026da],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Mis en quarantaine, [4cd63994314a072f765c466a39c97e82],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Mis en quarantaine, [4cd63994314a072f765c466a39c97e82],
PUP.Optional.FindRight.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2c774641-5504-46a8-b63f-6715ae3fe376}, Mis en quarantaine, [cc56b21b91eac5713b5ef98215edbd43],
PUP.Optional.FindRight.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{c638abe2-47da-4351-b170-e6a673d25ca3}, Mis en quarantaine, [cc56b21b91eac5713b5ef98215edbd43],
PUP.Optional.FindRight.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4CCADDA1-60AD-48AA-97C2-FA892D2499FB}, Mis en quarantaine, [cc56b21b91eac5713b5ef98215edbd43],
PUP.Optional.FindRight.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4CCADDA1-60AD-48AA-97C2-FA892D2499FB}, Mis en quarantaine, [cc56b21b91eac5713b5ef98215edbd43],
PUP.Optional.FindRight.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{c638abe2-47da-4351-b170-e6a673d25ca3}, Mis en quarantaine, [cc56b21b91eac5713b5ef98215edbd43],
PUP.Optional.FindRight.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2C774641-5504-46A8-B63F-6715AE3FE376}, Mis en quarantaine, [cc56b21b91eac5713b5ef98215edbd43],
PUP.Optional.FindRight.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2C774641-5504-46A8-B63F-6715AE3FE376}, Mis en quarantaine, [cc56b21b91eac5713b5ef98215edbd43],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, Mis en quarantaine, [67bb804d7ffcb87e942a00b012f0f50b],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, Mis en quarantaine, [67bb804d7ffcb87e942a00b012f0f50b],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, Mis en quarantaine, [67bb804d7ffcb87e942a00b012f0f50b],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc.1, Mis en quarantaine, [67bb804d7ffcb87e942a00b012f0f50b],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc, Mis en quarantaine, [67bb804d7ffcb87e942a00b012f0f50b],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc, Mis en quarantaine, [67bb804d7ffcb87e942a00b012f0f50b],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc.1, Mis en quarantaine, [67bb804d7ffcb87e942a00b012f0f50b],
PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Mis en quarantaine, [081a4a83afccb383d46c78ff05fd857b],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, Mis en quarantaine, [081a4a83afccb383d46c78ff05fd857b],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Mis en quarantaine, [58ca9e2f324960d6036d7007758dee12],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Mis en quarantaine, [58ca9e2f324960d6036d7007758dee12],
PUP.Optional.Delta.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Mis en quarantaine, [1e046568dd9e76c0268c4d62e121659b],
PUP.Optional.Delta.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Mis en quarantaine, [1e046568dd9e76c0268c4d62e121659b],
PUP.Optional.Delta.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Mis en quarantaine, [63bf3a938bf079bd337e8d22b151659b],
PUP.Optional.Delta.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Mis en quarantaine, [63bf3a938bf079bd337e8d22b151659b],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64, Mis en quarantaine, [839fc508bcbf78bee52320d4e220a35d],
PUP.Optional.DealKeeper.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Deal Keeper, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Deal Keeper, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Delta Chrome Toolbar, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{55dce8ba-9dec-4013-937e-adbf9317d990}w64, Mis en quarantaine, [9b8718b5ef8c3cfac8450252e321926e],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\DataMngr, Mis en quarantaine, [53cf6b6217640531ac642bd6986bca36],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Mis en quarantaine, [42e01eaf82f9b68037d9b64b24dffe02],
PUP.Optional.DealKeeper.A, HKLM\SOFTWARE\WOW6432NODE\Deal Keeper, Mis en quarantaine, [45ddb6177cff5bdb86069f5669993ac6],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Mis en quarantaine, [b86addf00774ae88143b87cd0400f30d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, Mis en quarantaine, [bc661bb25526f73f678ea8451fe337c9],
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, Mis en quarantaine, [8b97f0ddadceaf87d6e79fa9fa0ae11f],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\eooncjejnppfjjklapaamhcdmjbilmde, Mis en quarantaine, [0c1628a5225959dd57ddf044b74dd62a],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\mysearchdial, Mis en quarantaine, [27fb804d6912ec4a612b4ee55aaaf20e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Mis en quarantaine, [45dd795482f949ed7b79905d99695ba5],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, Mis en quarantaine, [1012e5e8097247efa7d487710df526da],
PUP.Optional.FindRight.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update FindRight, Mis en quarantaine, [53cf12bb1962a88eb5f6e0399d6644bc],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, Mis en quarantaine, [3de5e8e5ef8c75c15bb2a78d9e668d73],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Mis en quarantaine, [c55d22ab64176bcb0dffdb5960a445bb],
PUP.Optional.DealKeeper.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Deal Keeper, Mis en quarantaine, [e042329b38435bdbb0dde312fe046b95],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdial.com, Mis en quarantaine, [889ac805a7d411251e132c096a9a9c64],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Mis en quarantaine, [ed351faeee8d989e337fba35bf43f010],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, Mis en quarantaine, [869cd2fbcbb0082e41cfaa8bdd27c33d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Mis en quarantaine, [33ef3d9083f8a393fce04bd2a0630ff1],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\mysearchdial, Mis en quarantaine, [56cc319c0f6c3bfb895cd662976d659b],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Mis en quarantaine, [1e043d90cbb0f640a8881b199e6621df],
PUP.Optional.BProtector.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Mis en quarantaine, [e83ae7e688f3d660b1ad350259ab33cd],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Mis en quarantaine, [b171d0fdcfac11253ec0a26a20e37e82],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, Mis en quarantaine, [5cc6dbf29be070c6700a21d7a55d59a7],

Valeurs du Registre: 4
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cor, Mis en quarantaine, [45dd795482f949ed7b79905d99695ba5]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, Mis en quarantaine, [1e043d90cbb0f640a8881b199e6621df]
PUP.BProtector, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, https://www.searchgol.com/?babsrc=HP_ss&mntrId=86417A79055020CC&affID=119357&tt=160913_c1&tsp=5014 Mis en quarantaine, [c062fecf3d3ee353888644f059ab41bf]
PUP.BProtector, HKU\S-1-5-21-1632045711-2625259477-304083982-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Mis en quarantaine, [cf53a627bbc02e088788300416eed52b]

Données du Registre: 4
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, https://www.google.com/webhp?gws_rd=ssl{searchTerms}, Bon: (www.google.com), Mauvais: (https://www.google.com/webhp?gws_rd=ssl{searchTerms}),Remplacé,[f42e9b323f3c1620185dc91ed03407f9]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, https://www.google.com/webhp?gws_rd=ssl{searchTerms}, Bon: (www.google.com), Mauvais: (https://www.google.com/webhp?gws_rd=ssl{searchTerms}),Remplacé,[63bf0dc0d4a7fb3b5ef77e5ec83c8d73]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, https://www.google.com/webhp?gws_rd=ssl{searchTerms}, Bon: (www.google.com), Mauvais: (https://www.google.com/webhp?gws_rd=ssl{searchTerms}),Remplacé,[e93946875328e452b1c430b75fa5a55b]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, https://www.google.com/webhp?gws_rd=ssl{searchTerms}, Bon: (www.google.com), Mauvais: (https://www.google.com/webhp?gws_rd=ssl{searchTerms}),Remplacé,[929002cbb8c378be2134e0fc778d28d8]

Dossiers: 19
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper, Supprimé-au-redémarrage, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin, Supprimé-au-redémarrage, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\TEMP, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\BabSolution\Shared, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Mis en quarantaine, [47dbb8159dde0f274293c613d52d837d],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Mis en quarantaine, [47dbb8159dde0f274293c613d52d837d],
PUP.Optional.BabSolution.A, C:\Users\Nora\AppData\Roaming\BabSolution\CR, Mis en quarantaine, [fa281bb2453637ffe718ce0db64c2fd1],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Mis en quarantaine, [75add2fb2d4e0036fd4b4f8dfd057090],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, Mis en quarantaine, [75add2fb2d4e0036fd4b4f8dfd057090],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Mis en quarantaine, [75add2fb2d4e0036fd4b4f8dfd057090],
PUP.Optional.SystemSpeedup, C:\Users\Nora\AppData\Roaming\systweak\ssd, Mis en quarantaine, [e53d7d503e3dd16530ba2ab24cb6d22e],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\2.1.1000.13665, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\2.1.1000.13665, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\Logs, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],

Fichiers: 166
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Mis en quarantaine, [988a1fae750616200cba1680818019e7],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Mis en quarantaine, [3ee44d8086f5b680af034f142dd4d828],
PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, Mis en quarantaine, [29f9efde5a21a195fdb4c4d9fc08bf41],
Hacktool.Agent, d:\Downloads\wl2.1.3.rar, Mis en quarantaine, [a37ff0dd6b10a88ec37123347a87728e],
Hacktool.Agent, d:\\settings\wl2.1.3.rar, Mis en quarantaine, [aa78a22ba8d35cda062e7fd809f82ed2],
PUP.Optional.RegCleanerPro, C:\Windows\System32\Tasks\ASP, Mis en quarantaine, [0d152e9fa5d640f60db5935d10f24fb1],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys, Mis en quarantaine, [839fc508bcbf78bee52320d4e220a35d],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\DealKeeper.ico, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\0, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\7za.exe, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\error, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe, Supprimé-au-redémarrage, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\updateDealKeeper.InstallState, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\55dce8ba9dec4013937e.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\7za.exe, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\BrowserAdapter.7z, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\BrowserAdapterS.7z, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.BrowserAdapter.exe, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.PurBrowse.zip, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\DealKeeper.PurBrowseG.zip, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\sqlite3.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe, Supprimé-au-redémarrage, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.InstallState, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.Bromon.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.BroStats.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.BrowserAdapter.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.BrowserAdapterS.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.CompatibilityChecker.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.FeSvc.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.FFUpdate.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.IEUpdate.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.PurBrowse.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.DealKeeper.A, C:\Program Files (x86)\Deal Keeper\bin\plugins\DealKeeper.PurBrowseG.dll, Mis en quarantaine, [6fb3339ad8a3db5b4f3caa4bfa0823dd],
PUP.Optional.Boost.A, C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage, Supprimé-au-redémarrage, [37eb02cb255642f41e0fb4422fd32ed2],
PUP.Optional.Boost.A, C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal, Supprimé-au-redémarrage, [170b01ccd4a79b9b7bb2a84ef90951af],
PUP.Optional.BitGuard.A, C:\Windows\System32\Tasks\BitGuard, Mis en quarantaine, [d0529d30fb800a2cee28d12a43bfae52],
PUP.Optional.Superfish.A, C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Supprimé-au-redémarrage, [3ee4ac213f3cc1752eb227deb74cd32d],
PUP.Optional.Superfish.A, C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Mis en quarantaine, [a87a04c9fc7f67cffae656afe320d62a],
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi, Mis en quarantaine, [859d755849323afc807953b940c3bd43],
PUP.Optional.BProtector.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\bProtector_extensions.sqlite, Mis en quarantaine, [62c0d1fcadce00364eb7f81b08fb06fa],
PUP.Optional.BProtector.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\bprotector_prefs.js, Mis en quarantaine, [0b17bb12304b91a5a363ee25f70c27d9],
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\searchplugins\Mysearchdial.xml, Mis en quarantaine, [39e9b419d1aa55e176281ef5b152f808],
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\searchplugins\Mysearchdial.xml, Mis en quarantaine, [26fc587543386dc92d716ba82bd80bf5],
PUP.Optional.BrowserDefender.A, C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage, Mis en quarantaine, [f32f64692f4ca2942043ef48976deb15],
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\BabSolution\Shared\Delta.ico, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\BabSolution\Shared\BabMaint.exe, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\BabSolution\Shared\BUSolution.dll, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\BabSolution\Shared\chu.js, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\BabSolution\Shared\GUninstaller.exe, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\BabSolution\Shared\SetupParams.ini, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\BabSolution\Shared\sqlite3.dll, Mis en quarantaine, [0e1447862f4ca29489a3ff535ba98a76],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w64.sys, Mis en quarantaine, [9b8718b5ef8c3cfac8450252e321926e],
PUP.Optional.BabSolution.A, C:\Users\Nora\AppData\Roaming\BabSolution\CR\Delta.crx, Mis en quarantaine, [fa281bb2453637ffe718ce0db64c2fd1],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-31[14-34-27-374].log, Mis en quarantaine, [75add2fb2d4e0036fd4b4f8dfd057090],
PUP.Optional.SystemSpeedup, C:\Users\Nora\AppData\Roaming\systweak\ssd\SSDPTstub.exe, Mis en quarantaine, [e53d7d503e3dd16530ba2ab24cb6d22e],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\completedatabase.db, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\Cookies.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\DigSign.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\FilePathFIX.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\FilePaths.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\FileSignature.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\Folders.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\Md5.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\Registry.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\SetupSign.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\signatures\StrSetupSign.bin, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\100oupdate.zip, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\1835completedatabase.zip, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\1926mupdate.zip, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\1927update.zip, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\1928update.zip, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System-Protector\updates\1929update.zip, Mis en quarantaine, [f23020ad3d3e45f17918f8eac53d8977],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\ASPStartupManagerErrorLog.txt, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\QDetail.db, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\Settings.db, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\Update.ini, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\2.1.1000.13665\ASPLog.txt, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\Logs\log_26-08-14_10-19-24.xml, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Nora\AppData\Roaming\systweak\Advanced-System-Protector\Logs\SMLog.xml, Mis en quarantaine, [aa78c30a16651125048d19c95ea427d9],
PUP.Optional.SweetPage.A, C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://delta-searches.com/?type=hp&ts=1406810056&from=cor&uid=ST9500420AS_5VJE7FQ3XXXX5VJE7FQ3" ],), Remplacé,[76ac05c89dde2115a0585ebb4eb7e41c]
PUP.Optional.MySearch.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.irmysearch.aflt", "dsites0202");), Remplacé,[8c965a7391ea41f5c41f68b0da2b8c74]
PUP.Optional.MySearch.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.irmysearch.instlRef", "0211_a");), Remplacé,[32f0f4d9700b86b07b6837e1d82d31cf]
PUP.Optional.MySearch.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.irmysearch.cr", "2034875082");), Remplacé,[220028a55e1d63d317cc21f7e4216f91]
PUP.Optional.MySearch.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuyB0AyBzytDyDyDtDtBtD0C0CtB0EtA0EtN0D0Tzu0SyBzzyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0Azy0BtA0AzzzztG0E0E0FyEtGtBtDyDzytGtBtB0F0AtGtCtC0F0FyB0Bzz0E0C0CyE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtByB0EtCyC0E0CtG0CyByCzytGtA0FtAzytGtA0ByBzztGyD0CyDtBzy0EtBtB0EzzzzyD2Q");), Remplacé,[81a16a635c1f2016885b6bade52057a9]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.hmpg", true);), Remplacé,[cc56f9d4334857df3faddd3b55b0de22]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/...");), Remplacé,[6bb706c76318dd59985453c5e71e9967]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.dfltSrch", true);), Remplacé,[62c01eafb6c5d264cd1f51c718edbe42]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Remplacé,[9d85f4d9552690a68567f32535d0a957]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.dnsErr", true);), Remplacé,[61c1c10cb8c39a9cfaf2d93ff70ee61a]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial_i.newTab", false);), Remplacé,[82a038954338fc3ac5278098e2238c74]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/...");), Remplacé,[67bb7a53314a9c9a49a360b824e118e8]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/...");), Remplacé,[27fb507dd4a7b0867775d444ca3ba65a]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.id", "7A79055020CC2E3E");), Remplacé,[ba68e7e6b5c6dd59aa42cb4db550d828]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.instlDay", "16123");), Remplacé,[cb57507d3a41c571737953c5ae57e31d]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");), Remplacé,[64be20adbac1d26487657b9df1142fd1]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");), Remplacé,[ac76e0ed52290c2a12da031545c032ce]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.014:33:1");), Remplacé,[9d857558ec8ff145bf2d9a7e51b4c43c]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Remplacé,[be64cffe166582b4e5076eaaa95c9070]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Remplacé,[849e9c31b1ca10263cb078a0b84da55b]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.aflt", "dsites0202");), Remplacé,[51d1319c6a112d09905c0e0a9372d22e]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Remplacé,[7fa35d70c2b933032dbf91876c9955ab]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.tlbrId", "base");), Remplacé,[49d914b9c6b551e567856dabf411ed13]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.instlRef", "0211_a");), Remplacé,[c45e2e9f13688fa730bc35e319ec36ca]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.dfltLng", "");), Remplacé,[e141399486f53afc8369d5430500c33d]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Remplacé,[a2804c81cdae3afcb3398098b055837d]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.excTlbr", false);), Remplacé,[48dab21bec8ff83ec22a7e9abe4747b9]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial_i.hmpg", true);), Remplacé,[3ae8efde99e259dd9e4ed741877eb34d]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.cr", "2034875082");), Remplacé,[ae7423aa6b10a096e705ae6af3120ef2]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyB0AyBzytDyDyDtDtBtD0C0CtB0EtA0EtN0D0Tzu0SyBzzyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0Azy0BtA0AzzzztG0E0E0FyEtGtBtDyDzytGtBtB0F0AtGtCtC0F0FyB0Bzz0E0C0CyE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtByB0EtCyC0E0CtG0CyByCzytGtA0FtAzytGtA0ByBzztGyD0CyDtBzy0EtBtB0EzzzzyD2Q");), Remplacé,[cd551fae2655ac8a3daf2fe922e3ff01]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.AL", 2);), Remplacé,[1b0712bb1a612313be2e05138580f808]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.AL", 2);), Remplacé,[111154796c0feb4b16d535e3877ea65a]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.aflt", "dsites0202");), Remplacé,[e43e25a8fc7f1e181ccf23f5f213f907]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Remplacé,[d05266671368df573bb03bddab5a0ff1]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyB0AyBzytDyDyDtDtBtD0C0CtB0EtA0EtN0D0Tzu0SyBzzyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0Azy0BtA0AzzzztG0E0E0FyEtGtBtDyDzytGtBtB0F0AtGtCtC0F0FyB0Bzz0E0C0CyE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtByB0EtCyC0E0CtG0CyByCzytGtA0FtAzytGtA0ByBzztGyD0CyDtBzy0EtBtB0EzzzzyD2Q");), Remplacé,[4bd7a32a0279033346a55dbb1fe67090]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.cntry", "FR");), Remplacé,[879bdfee1764e0569c4f3ade04013ec2]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.cr", "2034875082");), Remplacé,[de44656879022f07a5462bed020360a0]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.dfltLng", "");), Remplacé,[1a08ebe2e59638fe638887917293669a]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.dfltSrch", true);), Remplacé,[fd2528a56d0e7db9f1fa1503a164c53b]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.dnsErr", true);), Remplacé,[f929c508fa813105717a44d420e5fe02]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,1828564131,3396905322,2787570089,1850357963,3855095921,1516386922,3836221436,2015489896,270173904,3729539987,424611005,965674394,609003582,2041931190,3874294282,2774755777,931959409,398575749,3999997753,1104451911,1233863968,4280856088,1554076246,1949401179,1770772786,3253391265,3778438159,1649478750,2848156272,2476712966,3103989719,475488147,1715867073,3594694113,3774606882,4036647035,1593922001,4110151693,2941033654,3206511613");), Remplacé,[160c5f6e413a3ef8ca21001855b0fb05]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.excTlbr", false);), Remplacé,[0d15438af487ad8915d67c9c04016b95]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.hdrMd5", "8B3AFCF457E2ACAC0AD08C9603BF1C87");), Remplacé,[889a5f6e4f2c50e67c6f74a4699c54ac]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.hmpg", true);), Remplacé,[f42ed7f6502b47ef41aa7d9b8283817f]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/...");), Remplacé,[c2609b32710abb7b8b60160210f512ee]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.id", "7A79055020CC2E3E");), Remplacé,[0a18d0fdbcbf35016e7d66b2f80d11ef]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.instlDay", "16123");), Remplacé,[f62c4d80cfacd85ea34830e8788d6f91]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.instlRef", "0211_a");), Remplacé,[f1315d7095e685b115d6c75140c51fe1]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.lastB", "http://start.mysearchdial.com/...");), Remplacé,[8d9549844c2fad89fdeed147a26342be]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.29.014:33:1");), Remplacé,[ec36d1fc4e2de452d21947d1ce3748b8]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/...");), Remplacé,[022009c40d6ece6810dbb860f90cab55]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"90\",\"lastVrsn\":\"90\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");), Remplacé,[051dcd00483349ed1ad1c2569e67fc04]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Remplacé,[0f136e5f007b92a4509bb761a65ffa06]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Remplacé,[d052b11cd5a60b2b3ab1c652fa0b6898]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.sg", "none");), Remplacé,[66bce5e8d5a69a9ccd1e57c119ecab55]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Remplacé,[b9691db0e49756e043a837e10cf9f010]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.tlbrId", "base");), Remplacé,[7aa80cc1b2c99c9a1fccbd5bfd0822de]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/...");), Remplacé,[6fb32ba26d0ea98deffc46d2699c38c8]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");), Remplacé,[78aae6e77efd73c3d714fd1b0cf9de22]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");), Remplacé,[150dffce6417979f1bd0fa1e2dd88e72]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial_i.hmpg", true);), Remplacé,[53cf9e2fdaa1b68027c44dcb897c09f7]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial_i.newTab", false);), Remplacé,[50d29d3079023bfb7c6f17010ff6da26]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Remplacé,[5bc77558b1ca54e2db1055c308fd32ce]
PUP.Optional.MySearchDial.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.014:33:1");), Remplacé,[30f2eedf3447231348a39484b253af51]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.admin", false);), Remplacé,[e240ede07cfff83e2ad112065ea7758b]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.aflt", "babsst");), Remplacé,[9f834a8391eafc3a9d5e051361a450b0]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), Remplacé,[c65c1cb1d7a4cb6b9566ff19e71e36ca]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.autoRvrt", "false");), Remplacé,[3ae84e7ff487bf7747b49e7a9d684cb4]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.dfltLng", "fr");), Remplacé,[d84a636ade9d49ed3ebd7e9aaa5be61a]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.excTlbr", false);), Remplacé,[0f138845601b6bcb897272a6897cb64a]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.ffxUnstlRst", true);), Remplacé,[190997367605181e00fbfa1e6a9b48b8]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.id", "86412e3e0000000000007a79055020cc");), Remplacé,[f72b804d314a91a5a853df394abb02fe]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.instlDay", "15971");), Remplacé,[dc46af1e106b73c3c03b011761a46c94]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.instlRef", "sst");), Remplacé,[ce54e2eb3546c96d48b3c94f1fe6cf31]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.newTab", false);), Remplacé,[61c17a53fd7ef640d02b898fa85dc13f]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.prdct", "delta");), Remplacé,[4fd315b8314a73c3fdfe4dcbf510e51b]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.prtnrId", "delta");), Remplacé,[839fe9e4ed8eb383db2074a48580b24e]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.rvrt", "false");), Remplacé,[fd254588205bd5610fece038b3521de3]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.smplGrp", "none");), Remplacé,[e04205c832492511fefdcd4bf510e31d]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.tlbrId", "base");), Remplacé,[33ef4984047788aedb20f325a75e9769]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.tlbrSrchUrl", "");), Remplacé,[dd45a7265229a5911be0fe1aea1bf50b]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.vrsn", "1.8.24.6");), Remplacé,[f52d8e3f3249f541986362b69e679b65]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.vrsnTs", "1.8.24.611:07:04");), Remplacé,[2cf65e6fadce50e6d724bd5b49bcfb05]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta.vrsni", "1.8.24.6");), Remplacé,[8a986a63fb80e155718a8e8a15f0629e]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta_i.babExt", "");), Remplacé,[5bc755784a3194a2a2595bbd3cc95ea2]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta_i.babTrack", "affID=119357&tt=160913_c1&tsp=5014");), Remplacé,[57cb56777dfea39337c407115da8f709]
PUP.Optional.Delta.A, C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js, Bon: (), Mauvais: (user_pref("extensions.delta_i.srcExt", "ss");), Remplacé,[bc66606d1e5d67cffffc41d7d82d07f9]

Secteurs physiques: 0
(No malicious items detected)


(end)



Merci!
0
Réponse 7 / 11
Utilisateur anonyme
31 août 2014 à 22:13
Re

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Scanner] puis patiente le temps du scan.
Une fois le scan terminé clique sur le bouton [Nettoyer]
Patiente durant le nettoyage. Lis le message qui apparaît, puis clique sur Ok . Le PC va être redémarré automatiquement et le rapport s'ouvrira à la fin du redémarrage.
Poste le rapport

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

A lire :
Les programmes potentiellement indésirables :
https://www.malekal.com/adwares-pup-protection/

Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=


@+
0
Réponse 8 / 11
Mam42 Messages postés 6 Date d'inscription dimanche 31 août 2014 Statut Membre Dernière intervention 1 septembre 2014
31 août 2014 à 22:47
Re


# AdwCleaner v3.308 - Report created 31/08/2014 at 22:42:23
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Nora - NORA-PC
# Running from : D:\Bureau\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
Folder Deleted : C:\Program Files (x86)\FindRight
Folder Deleted : C:\Program Files (x86)\Free Video Converter
Folder Deleted : C:\Windows\SysWOW64\BitGuard
Folder Deleted : C:\Users\Nora\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Nora\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Nora\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
File Deleted : C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\invalidprefs.js
File Deleted : C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\searchplugins\Search_Results.xml
File Deleted : C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DealKeeper_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DealKeeper_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateDealKeeper_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateDealKeeper_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilFindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilFindRight_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\530dad8b669ef14
Key Deleted : HKLM\SOFTWARE\530dad8b669ef14
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_xnview_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_xnview_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\ClickConnect
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\Delta
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v30.0 (fr)

[ File : C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\q4d7twkw.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ File : C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\qwaoyfff.default\prefs.js ]

Line Deleted : user_pref("extensions.irmysearch.aflt", "dsites0202");
Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuyB0AyBzytDyDyDtDtBtD0C0CtB0EtA0EtN0D0Tzu0SyBzzyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0Azy0BtA0AzzzztG0E0E0FyEtGtBt[...]
Line Deleted : user_pref("extensions.irmysearch.cr", "2034875082");
Line Deleted : user_pref("extensions.irmysearch.instlRef", "0211_a");
Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);

-\\ Google Chrome v

[ File : C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=86417A79055020CC&affID=119357&tt=160913_c1&tsp=5014
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0202&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyDyDtDtBtD0C0CtB0EtA0EtN0D0Tzu0SyBzzyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDtBtCtC1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0Azy0BtA0AzzzztG0E0E0FyEtGtBtDyDzytGtBtB0F0AtGtCtC0F0FyB0Bzz0E0C0CyE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtByB0EtCyC0E0CtG0CyByCzytGtA0FtAzytGtA0ByBzztGyD0CyDtBzy0EtBtB0EzzzzyD2Q&cr=2034875082&ir=
Deleted [Startup_urls] : hxxp://www.sweet-page.com/?type=hp&ts=1406810056&from=cor&uid=ST9500420AS_5VJE7FQ3XXXX5VJE7FQ3

*************************

AdwCleaner[R0].txt - [7337 octets] - [31/08/2014 22:38:08]
AdwCleaner[S0].txt - [7747 octets] - [31/08/2014 22:42:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7807 octets] ##########
0
Réponse 9 / 11
Utilisateur anonyme
31 août 2014 à 23:06
Re

On nettoie et finalise.

1) tu vides la quarabntaine de Malwaresbytes

2)Télécharge DelFix de Xplode

Lance le.
Tu as 5 choix :

Réactiver l'UAC
Supprimer les outils de désinfection (cocher par défaut)
Effectuer une sauvegarde du registre
Purger la restauration de système
Réinitialisation des paramètres usine

Tu coches ceux qui sont en gras ci-dessus
et tu exécutes
Le rapport se trouve ici généralement
C:\DelFix.txt



Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html

@+
0
Réponse 10 / 11
Mam42 Messages postés 6 Date d'inscription dimanche 31 août 2014 Statut Membre Dernière intervention 1 septembre 2014
1 sept. 2014 à 20:46
Voici le dernier rapport :
# DelFix v10.8 - Logfile created 01/09/2014 at 20:43:39
# Updated 29/07/2014 by Xplode
# Username : Nora - NORA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\USBFix
Deleted : C:\AdwCleaner
Deleted : d:\Bureau\adwcleaner_3.308.exe
Deleted : d:\Bureau\UsbFix.lnk
Deleted : d:\Bureau\UsbFix_Report.txt
Deleted : HKCU\Software\USBFix
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix

########## - EOF - ##########


C'est fini? =)

En tout cas milles merci!! Tu viens juste de sauver ma soutenance de mémoire.
0
Réponse 11 / 11
Utilisateur anonyme
2 sept. 2014 à 06:29
Bonjour

Je te propose donc de mettre ce sujet en résolu

@+
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse