
Trojan.VB.Downloader.Gen [Solved]

 

kirikou123
Baby forum member (10 to 49 posts)
Posted on 27/05/2013 at 19:40:11

Good evening,
 friends, here I am stuck with a virus of the type: Trojan.VB.Downloader.Gen
 Your help would be very welcome.
 Regards, kirikou123.  :pleure:


Profile: Security team
did80
Famous across the whole forum (30,000 to 99,999 posts), confirmed helper
Posted on 27/05/2013 at 19:49:46

:hello: kirikou123

 do this

 Scan the PC and look for infections.

 * Download OTL to your Desktop.

 * Make sure you have closed all running applications.

 * Double-click the OTL icon to launch it.
 (Vista/Seven: right-click the OTL icon and choose "Run as administrator")

 * When the OTL interface appears, make sure that in the "Report" ("Rapport") section (top right) the "Minimal report" ("Rapport minimal") box is checked.

 * Copy and paste the contents of the quote below into the box named "Customization" ("Personnalisation"):
 



 
 netsvcs
 msconfig
 activex
 drivers32
 %systemroot%\*. /mp /s
 %systemroot%\system32\*.dll /lockedfiles
 %systemroot%\system32\drivers\*.sys /lockedfiles
 %systemroot%\Tasks\*.job /lockedfiles
 %alluserprofile%\application data\*.
 %alluserprofile%\application data\*.exe /s
 %appdata%\*.
 %appdata%\*.exe /s
 %systemdrive%\*.
 %systemdrive%\*.exe
 %programfiles%\*.
 /md5start
 explorer.exe
 userinit.exe
 winlogon.exe
 eventlog.dll
 netlogon.dll
 nvrd32.sys
 /md5stop
 savembr:0
 createrestorepoint
 



 * Click the "Scan" ("Analyse") button (top left).

 * Let the scan run to completion without using the PC.

 * At the end of the scan, one or two reports will open: "OTL.Txt" and "Extras.Txt" (in some cases).

 Note: The reports are also on the Desktop and saved in the 'C:\_OTL' folder.

 Hosting the reports.

 1 - Go here --> Cjoint.com

 2 - Click the Browse... button, find your first report 'OTL.txt' on the Desktop in the file tree and select it.

 3 - Then click the Create the Cjoint link button and wait a few seconds to get the share link, which you will need to send me after right-clicking it > Copy shortcut. It will look like this: http://cjoint.com/?BHpjGhPqPRB

 * Follow the same steps for the 'Extras.txt' report.

 ;)


---------------
the urgent is done, the impossible is in progress
for miracles, allow extra time
kirikou123
Baby forum member (10 to 49 posts)
Posted on 27/05/2013 at 20:36:27

Thanks for taking care of me
 it is scanning right now.
 just for info, I am doing this remotely for my brother, who is hopeless with computers; does that have any impact?

kirikou123
Baby forum member (10 to 49 posts)
Posted on 27/05/2013 at 20:59:41

here is the OTL link: http://cjoint.com/?CEBw1KNWSNG

 here is the Extras link: http://cjoint.com/?CEBw6DLCLEZ
 thank you very much.

Profile: Security team
did80
Famous across the whole forum (30,000 to 99,999 posts), confirmed helper
Posted on 28/05/2013 at 09:42:27

:hello: kirikou123

 do this


 Close all active windows on your PC

 Relaunch OTL > right-click it > "Run as administrator".

 check that the "Minimal report" ("Rapport minimal") box is checked.

 Copy and paste the contents of this quote (in blue) into the "Customization" ("Personnalisation") window:
 

 :otl

 O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll (Conduit Ltd.)    => Conduit Ltd. - Conduit Toolbar
 O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395​D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)    => Toolbar.Agent
 O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll (Conduit Ltd.)    => Conduit Ltd. - Conduit Toolbar
 O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E91EFA2-AF48-4333-9965-5DD29​DE31B56} - No CLSID value found.    => FileServe Toolbar
 [2013/05/27 20:28:10 | 000,000,000 | ---D | C] -- C:\Users\lazur\AppData\Roaming​\Microsoft\Windows\Start Menu\Programs\Wajam    => Toolbar.Wajam
 [2013/05/27 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\lazur\AppData\Local\W​ajam    => Toolbar.Wajam
 [2013/05/27 20:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam    => Toolbar.Wajam
 [2012/07/24 10:11:04 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\eType    => Toolbar.eType
 [2011/08/27 19:55:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ConduitEngine    => Toolbar.Conduit
 [2012/10/19 17:04:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hotspot Shield    => Toolbar.Conduit
 [2013/05/27 20:29:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wajam    => Toolbar.Wajam
 SRV - (WajamUpdater) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdat​er.exe (Wajam)    => Toolbar.Agent
 IE - HKLM\..\SearchScopes\{afdbddaa​-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/Resu [...] =CT2548838    => Toolbar.Conduit
 IE - HKCU\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - No CLSID value found    => Avanquest FR Toolbar
 IE - HKCU\..\URLSearchHook: {8e5025c2-8ea3-430d-80b8-a1415​1068a6d} - No CLSID value found    => Toolbar.01NET.com
 IE - HKCU\..\URLSearchHook: {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - No CLSID value found    => Toolbar.Conduit
 [2012/11/09 19:11:47 | 000,002,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_R​esults.xml    => Toolbar.SearchResults
 PRC - C:\Program Files\Web Assistant\ExtensionUpdaterServ​ice.exe ()    
 PRC - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e (Discordia, LTD)    
 SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterServ​ice.exe ()    
 IE - HKLM\..\SearchScopes,DefaultSc​ope = {9BB47C17-9C68-4BB3-B188-DD9AF​0FD2406}    
 IE - HKLM\..\SearchScopes\{9BB47C17​-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/ [...] archTerms}    
 IE - HKLM\..\SearchScopes,DefaultSc​ope = {9BB47C17-9C68-4BB3-B188-DD9AF​0FD2406}    
 IE - HKLM\..\SearchScopes\{8A96AF9E​-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?sr [...] archTerms}    
 IE - HKLM\..\SearchScopes\{9BB47C17​-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/ [...] archTerms}    
 IE - HKLM\..\SearchScopes\{EEE6C360​-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/sear [...] archTerms}    
 IE - HKCU\..\SearchScopes,DefaultSc​ope = {8A96AF9E-4074-43b7-BEA3-87217​BDA7406}    
 IE - HKCU\..\SearchScopes\{0ECDF796​-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={ [...] 262d40d610    
 IE - HKCU\..\SearchScopes\{57F6EA5C​-F7E1-4A42-B131-418FFD1024E1}: "URL" = http://websearch.ask.com/custo [...] tid=OSJ000
 IE - HKCU\..\SearchScopes\{5AA2BA46​-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={ [...] .5.20000.3    
 IE - HKCU\..\SearchScopes\{8A96AF9E​-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?sr [...] archTerms}    
 IE - HKCU\..\SearchScopes\{A531D99C​-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTerms}    
 FF - prefs.js..browser.search.defau​ltenginename: "Speedbit Search"
 FF - prefs.js..browser.search.defau​lturl: "http://go.speedbit.com/search​.aspx?s=D45b&q="
 FF - prefs.js..browser.search.order​.1: "Speedbit Search"
 FF - prefs.js..keyword.URL: "http://go.speedbit.com/search​.aspx?s=D45b&q="
 FF - prefs.js..browser.startup.home​page: "http://www.searchqu.com/406"
 64bit-FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\{336​D0C35-8A85-403a-B9D2-65C292C39​087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX    
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rboxffx@offerbox.com: C:\Program Files (x86)\OfferBox\offerboxffx@off​erbox.com    
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\{336​D0C35-8A85-403a-B9D2-65C292C39​087}: C:\Program Files\Web Assistant\Firefox    
 FF - HKEY_CURRENT_USER\software\moz​illa\Firefox\Extensions\\{5a95​a9e0-59dd-4314-bd84-4d18ca83a0​e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-​59dd-4314-bd84-4d18ca83a0e2}.x​pi [2013/05/02 21:21:44 | 000,037,909 | ---- | M] ()    
 [2012/11/09 19:11:47 | 000,002,683 | ---- | M] () -- C:\Users\lazur\AppData\Roaming​\mozilla\firefox\profiles\jdq5​s30c.default\searchplugins\Sea​rch_Results.xml
 [2013/04/05 22:40:00 | 000,002,530 | ---- | M] () -- C:\Users\lazur\AppData\Roaming​\mozilla\firefox\profiles\jdq5​s30c.default\searchplugins\spe​edbit.xml
 [2013/05/02 21:21:44 | 000,037,909 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\WAJAM\FIREFOX\{5A95A9E0-​59DD-4314-BD84-4D18CA83A0E2}.X​PI
 [2012/06/07 11:04:51 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.​xml    
 O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C29​2C39087} - C:\Program Files\Web Assistant\Extension64.dll ()    
 O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)    
 O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C29​2C39087} - C:\Program Files\Web Assistant\Extension32.dll ()    
 O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dl​l ()    
 O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)    
 O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25D​F11FA8C} - C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)    
 O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4​151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)    
 O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dl​l ()    
 O4 - HKLM\..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e (Discordia, LTD)    
 [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 [1 C:\*.tmp files -> C:\*.tmp -> ]
 [2013/05/27 20:29:34 | 000,000,000 | ---- | M] () -- C:\END    
 [2011/08/05 11:16:52 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\FREEzeFrog    
 [2013/03/29 19:28:19 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\moovida-1    
 [2012/05/09 17:10:34 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\Nosibay    
 [2011/10/26 15:46:50 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\OfferBox    
 [2011/04/20 15:33:41 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\widestream    
 [2011/12/11 10:43:00 | 000,281,960 | ---- | M] (DSNR Labs) -- C:\Users\lazur\AppData\Roaming​\eType\eTypeUninstall.exe
 [2011/04/24 16:40:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fluendo    
 [2011/08/05 11:16:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FREEzeFrog    
 [2012/05/09 17:09:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Iminent    
 [2012/04/29 22:39:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nosibay    
 [2011/11/01 19:43:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OfferBox    
 [2012/11/09 18:16:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Software
 [2011/05/21 14:21:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows iLivid Toolbar    
 [2011/08/05 11:30:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yontoo Layers Runtime


 :files

 C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll
 C:\Program Files (x86)\Wajam\IE\priam_bho.dll
 C:\Users\lazur\AppData\Local\W​ajam
 C:\Program Files (x86)\Wajam
 C:\Users\lazur\AppData\Roaming​\eType
 C:\Program Files (x86)\ConduitEngine
 C:\Program Files (x86)\mozilla firefox\searchplugins\Search_R​esults.xml
 C:\Program Files\Web Assistant\ExtensionUpdaterServ​ice.exe
 C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e
 C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
 :\Program Files (x86)\OfferBox\offerboxffx@off​erbox.com
 C:\Program Files\Web Assistant\Firefox
 C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-​59dd-4314-bd84-4d18ca83a0e2}.x​pi
 C:\Users\lazur\AppData\Roaming​\mozilla\firefox\profiles\jdq5​s30c.default\searchplugins\Sea​rch_Results.xml
 C:\Users\lazur\AppData\Roaming​\mozilla\firefox\profiles\jdq5​s30c.default\searchplugins\spe​edbit.xml
 C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.​xml
 C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll
 C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dl​l
 C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll
 C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll
 C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
 C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e
 C:\Users\lazur\AppData\Roaming​\FREEzeFrog
 C:\Users\lazur\AppData\Roaming​\moovida-1
 C:\Users\lazur\AppData\Roaming​\Nosibay
 C:\Users\lazur\AppData\Roaming​\OfferBox
 C:\Users\lazur\AppData\Roaming​\widestream
 C:\Users\lazur\AppData\Roaming​\eType\eTypeUninstall.exe
 C:\Program Files (x86)\Fluendo
 C:\Program Files (x86)\FREEzeFrog
 C:\Program Files (x86)\Iminent
 C:\Program Files (x86)\Nosibay
 C:\Program Files (x86)\OfferBox
 C:\Program Files (x86)\Software
 C:\Program Files (x86)\Windows iLivid Toolbar
 C:\Program Files (x86)\Yontoo Layers Runtime
 :Commands

 [EMPTYFLASH]
 [emptytemp]  
 


 Click the "Fix" ("Correction") button.

 Do not touch the PC again until it has restarted in normal mode.

 When the PC starts up, a report will open --> 04212011_xxxxxx.log ... If it does not, you will find it under the same name on the Desktop or in its folder --> C:\_OTL
 Copy and paste the contents of this report here in your reply  ;)
kirikou123
Baby forum member (10 to 49 posts)
Posted on 28/05/2013 at 18:15:24

good evening,

 Here is the report:

 All processes killed
 Error: Unable to interpret <O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll (Conduit Ltd.) => Conduit Ltd. - Conduit Toolbar> in the current context!
 Error: Unable to interpret <O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395​D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) => Toolbar.Agent> in the current context!
 Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll (Conduit Ltd.) => Conduit Ltd. - Conduit Toolbar> in the current context!
 Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0E91EFA2-AF48-4333-9965-5DD29​DE31B56} - No CLSID value found. => FileServe Toolbar> in the current context!
 Error: Unable to interpret <[2013/05/27 20:28:10 | 000,000,000 | ---D | C] -- C:\Users\lazur\AppData\Roaming​\Microsoft\Windows\Start Menu\Programs\Wajam => Toolbar.Wajam> in the current context!
 Error: Unable to interpret <[2013/05/27 20:28:08 | 000,000,000 | ---D | C] -- C:\Users\lazur\AppData\Local\W​ajam => Toolbar.Wajam> in the current context!
 Error: Unable to interpret <[2013/05/27 20:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam => Toolbar.Wajam> in the current context!
 Error: Unable to interpret <[2012/07/24 10:11:04 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\eType => Toolbar.eType> in the current context!
 Error: Unable to interpret <[2011/08/27 19:55:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ConduitEngine => Toolbar.Conduit> in the current context!
 Error: Unable to interpret <[2012/10/19 17:04:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hotspot Shield => Toolbar.Conduit> in the current context!
 Error: Unable to interpret <[2013/05/27 20:29:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wajam => Toolbar.Wajam> in the current context!
 Error: Unable to interpret <SRV - (WajamUpdater) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdat​er.exe (Wajam) => Toolbar.Agent> in the current context!
 Error: Unable to interpret <IE - HKLM\..\SearchScopes\{afdbddaa​-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/Resu [...] =CT2548838 => Toolbar.Conduit> in the current context!
 Error: Unable to interpret <IE - HKCU\..\URLSearchHook: {6ec85fcf-87ad-41d7-ae1f-f116f​8ad4848} - No CLSID value found => Avanquest FR Toolbar> in the current context!
 Error: Unable to interpret <IE - HKCU\..\URLSearchHook: {8e5025c2-8ea3-430d-80b8-a1415​1068a6d} - No CLSID value found => Toolbar.01NET.com> in the current context!
 Error: Unable to interpret <IE - HKCU\..\URLSearchHook: {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - No CLSID value found => Toolbar.Conduit> in the current context!
 Error: Unable to interpret <[2012/11/09 19:11:47 | 000,002,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_R​esults.xml => Toolbar.SearchResults> in the current context!
 Error: Unable to interpret <PRC - C:\Program Files\Web Assistant\ExtensionUpdaterServ​ice.exe ()> in the current context!
 Error: Unable to interpret <PRC - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e (Discordia, LTD)> in the current context!
 Error: Unable to interpret <SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterServ​ice.exe ()> in the current context!
 Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultSc​ope = {9BB47C17-9C68-4BB3-B188-DD9AF​0FD2406}> in the current context!
 Error: Unable to interpret <IE - HKLM\..\SearchScopes\{9BB47C17​-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/ [...] rchTerms}> in the current context!
 Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultSc​ope = {9BB47C17-9C68-4BB3-B188-DD9AF​0FD2406}> in the current context!
 Error: Unable to interpret <IE - HKLM\..\SearchScopes\{8A96AF9E​-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?sr [...] rchTerms}> in the current context!
 Error: Unable to interpret <IE - HKLM\..\SearchScopes\{9BB47C17​-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/ [...] rchTerms}> in the current context!
 Error: Unable to interpret <IE - HKLM\..\SearchScopes\{EEE6C360​-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/sear [...] rchTerms}> in the current context!
 Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultSc​ope = {8A96AF9E-4074-43b7-BEA3-87217​BDA7406}> in the current context!
 Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0ECDF796​-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={ [...] 62d40d610> in the current context!
 Error: Unable to interpret <IE - HKCU\..\SearchScopes\{57F6EA5C​-F7E1-4A42-B131-418FFD1024E1}: "URL" = http://websearch.ask.com/custo [...] id=OSJ000> in the current context!
 Error: Unable to interpret <IE - HKCU\..\SearchScopes\{5AA2BA46​-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={ [...] 5.20000.3> in the current context!
 Error: Unable to interpret <IE - HKCU\..\SearchScopes\{8A96AF9E​-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?sr [...] rchTerms}> in the current context!
 Error: Unable to interpret <IE - HKCU\..\SearchScopes\{A531D99C​-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTerms}> in the current context!
 Error: Unable to interpret <FF - prefs.js..browser.search.defau​ltenginename: "Speedbit Search"> in the current context!
 Error: Unable to interpret <FF - prefs.js..browser.search.defau​lturl: "http://go.speedbit.com/search​.aspx?s=D45b&q="> in the current context!
 Error: Unable to interpret <FF - prefs.js..browser.search.order​.1: "Speedbit Search"> in the current context!
 Error: Unable to interpret <FF - prefs.js..keyword.URL: "http://go.speedbit.com/search​.aspx?s=D45b&q="> in the current context!
 Error: Unable to interpret <FF - prefs.js..browser.startup.home​page: "http://www.searchqu.com/406"> in the current context!
 Error: Unable to interpret <64bit-FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\{336​D0C35-8A85-403a-B9D2-65C292C39​087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX> in the current context!
 Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rboxffx@offerbox.com: C:\Program Files (x86)\OfferBox\offerboxffx@off​erbox.com> in the current context!
 Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\{336​D0C35-8A85-403a-B9D2-65C292C39​087}: C:\Program Files\Web Assistant\Firefox> in the current context!
 Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\moz​illa\Firefox\Extensions\\{5a95​a9e0-59dd-4314-bd84-4d18ca83a0​e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-​59dd-4314-bd84-4d18ca83a0e2}.x​pi [2013/05/02 21:21:44 | 000,037,909 | ---- | M] ()> in the current context!
 Error: Unable to interpret <[2012/11/09 19:11:47 | 000,002,683 | ---- | M] () -- C:\Users\lazur\AppData\Roaming​\mozilla\firefox\profiles\jdq5​s30c.default\searchplugins\Sea​rch_Results.xml> in the current context!
 Error: Unable to interpret <[2013/04/05 22:40:00 | 000,002,530 | ---- | M] () -- C:\Users\lazur\AppData\Roaming​\mozilla\firefox\profiles\jdq5​s30c.default\searchplugins\spe​edbit.xml> in the current context!
 Error: Unable to interpret <[2013/05/02 21:21:44 | 000,037,909 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\WAJAM\FIREFOX\{5A95A9E0-​59DD-4314-BD84-4D18CA83A0E2}.X​PI> in the current context!
 Error: Unable to interpret <[2012/06/07 11:04:51 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.​xml> in the current context!
 Error: Unable to interpret <O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C29​2C39087} - C:\Program Files\Web Assistant\Extension64.dll ()> in the current context!
 Error: Unable to interpret <O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)> in the current context!
 Error: Unable to interpret <O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C29​2C39087} - C:\Program Files\Web Assistant\Extension32.dll ()> in the current context!
 Error: Unable to interpret <O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dl​l ()> in the current context!
 Error: Unable to interpret <O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)> in the current context!
 Error: Unable to interpret <O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25D​F11FA8C} - C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)> in the current context!
 Error: Unable to interpret <O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4​151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)> in the current context!
 Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
 Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dl​l ()> in the current context!
 Error: Unable to interpret <O4 - HKLM\..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e (Discordia, LTD)> in the current context!
 Error: Unable to interpret <[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
 Error: Unable to interpret <[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
 Error: Unable to interpret <[1 C:\*.tmp files -> C:\*.tmp -> ]> in the current context!
 Error: Unable to interpret <[2013/05/27 20:29:34 | 000,000,000 | ---- | M] () -- C:\END> in the current context!
 Error: Unable to interpret <[2011/08/05 11:16:52 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\FREEzeFrog> in the current context!
 Error: Unable to interpret <[2013/03/29 19:28:19 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\moovida-1> in the current context!
 Error: Unable to interpret <[2012/05/09 17:10:34 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\Nosibay> in the current context!
 Error: Unable to interpret <[2011/10/26 15:46:50 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\OfferBox> in the current context!
 Error: Unable to interpret <[2011/04/20 15:33:41 | 000,000,000 | ---D | M] -- C:\Users\lazur\AppData\Roaming​\widestream> in the current context!
 Error: Unable to interpret <[2011/12/11 10:43:00 | 000,281,960 | ---- | M] (DSNR Labs) -- C:\Users\lazur\AppData\Roaming​\eType\eTypeUninstall.exe> in the current context!
 Error: Unable to interpret <[2011/04/24 16:40:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fluendo> in the current context!
 Error: Unable to interpret <[2011/08/05 11:16:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FREEzeFrog> in the current context!
 Error: Unable to interpret <[2012/05/09 17:09:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Iminent> in the current context!
 Error: Unable to interpret <[2012/04/29 22:39:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nosibay> in the current context!
 Error: Unable to interpret <[2011/11/01 19:43:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OfferBox> in the current context!
 Error: Unable to interpret <[2012/11/09 18:16:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Software> in the current context!
 Error: Unable to interpret <[2011/05/21 14:21:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows iLivid Toolbar> in the current context!
 Error: Unable to interpret <[2011/08/05 11:30:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yontoo Layers Runtime> in the current context!
 ========== FILES ==========
 C:\Program Files (x86)\ConduitEngine\ConduitEng​ine.dll moved successfully.
 File\Folder C:\Program Files (x86)\Wajam\IE\priam_bho.dll not found.
 File\Folder C:\Users\lazur\AppData\Local\W​ajam not found.
 C:\Program Files (x86)\Wajam\Firefox folder moved successfully.
 C:\Program Files (x86)\Wajam folder moved successfully.
 C:\Users\lazur\AppData\Roaming​\eType folder moved successfully.
 C:\Program Files (x86)\ConduitEngine folder moved successfully.
 C:\Program Files (x86)\mozilla firefox\searchplugins\Search_R​esults.xml moved successfully.
 C:\Program Files\Web Assistant\ExtensionUpdaterServ​ice.exe moved successfully.
 C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e moved successfully.
 File\Folder C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX not found.
 Error: Unable to interpret <:\Program Files (x86)\OfferBox\offerboxffx@off​erbox.com> in the current context!
 Error: Unable to interpret <C:\Program Files\Web Assistant\Firefox> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-​59dd-4314-bd84-4d18ca83a0e2}.x​pi> in the current context!
 Error: Unable to interpret <C:\Users\lazur\AppData\Roamin​g\mozilla\firefox\profiles\jdq​5s30c.default\searchplugins\Se​arch_Results.xml> in the current context!
 Error: Unable to interpret <C:\Users\lazur\AppData\Roamin​g\mozilla\firefox\profiles\jdq​5s30c.default\searchplugins\sp​eedbit.xml> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.​xml> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll​> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dl​l> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll​> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e> in the current context!
 Error: Unable to interpret <C:\Users\lazur\AppData\Roamin​g\FREEzeFrog> in the current context!
 Error: Unable to interpret <C:\Users\lazur\AppData\Roamin​g\moovida-1> in the current context!
 Error: Unable to interpret <C:\Users\lazur\AppData\Roamin​g\Nosibay> in the current context!
 Error: Unable to interpret <C:\Users\lazur\AppData\Roamin​g\OfferBox> in the current context!
 Error: Unable to interpret <C:\Users\lazur\AppData\Roamin​g\widestream> in the current context!
 Error: Unable to interpret <C:\Users\lazur\AppData\Roamin​g\eType\eTypeUninstall.exe> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Fluendo> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\FREEzeFrog> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Iminent> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Nosibay> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\OfferBox> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Software> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Windows iLivid Toolbar> in the current context!
 Error: Unable to interpret <C:\Program Files (x86)\Yontoo Layers Runtime> in the current context!
 ========== COMMANDS ==========
 
 [EMPTYFLASH]
 
 User: All Users
 
 User: Default
 ->Flash cache emptied: 57472 bytes
 
 User: Default User
 ->Flash cache emptied: 0 bytes
 
 User: lazur
 ->Flash cache emptied: 57978 bytes
 
 User: LogMeInRemoteUser
 ->Flash cache emptied: 56478 bytes
 
 User: Public
 
 User: UpdatusUser
 ->Flash cache emptied: 57472 bytes
 
 Total Flash Files Cleaned = 0,00 mb
 
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Default User
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: lazur
 ->Temp folder emptied: 299711075 bytes
 ->Temporary Internet Files folder emptied: 5645470 bytes
 ->Java cache emptied: 3406343 bytes
 ->FireFox cache emptied: 107946241 bytes
 ->Google Chrome cache emptied: 0 bytes
 ->Apple Safari cache emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: LogMeInRemoteUser
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Public
 
 User: UpdatusUser
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 %systemdrive% .tmp files removed: 734003136 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 1279968 bytes
 %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 603041729 bytes
 %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68172 bytes
 RecycleBin emptied: 3440 bytes
 
 Total Files Cleaned = 1 674,00 mb
 
 
 OTL by OldTimer - Version 3.2.69.0 log created on 05282013_195403

 Files\Folders moved on Reboot...
 C:\Users\lazur\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
 File move failed. C:\Users\lazur\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
 File\Folder C:\Windows\temp\HFI470.tmp.html not found!
 C:\Windows\temp\KB2600217_20130528_194705275-Microsoft .NET Framework 4 Client Profile-MSP0.txt moved successfully.
 C:\Windows\temp\KB2600217_20130528_194705275.html moved successfully.
 File\Folder C:\Windows\temp\TMP0000001B589152812C3DDD12 not found!

 PendingFileRenameOperations files...

 Registry entries deleted on Reboot...

Profile: Security team
did80
Famous across the forum (30,000 to 99,999 posts) Confirmed helper
Posted on 29/05/2013 at 08:42:44
 
:hello: kirikou123

 This, please:

 Download zhpdiag

 http://telechargement.zebulon.fr/zhpdiag.html

 Save the file to the desktop (important).

 (Run as administrator for Vista/7) to launch the installation wizard.

 Scan the PC by clicking the magnifying glass icon.

 Save the report (floppy disk icon) that will appear at the end of the scan.

 It is very large and would be incomplete on the forum,

 so it has to be posted on www.cjoint.com:

 1. Browse: zhpdiag.txt on the desktop

 2. Upload

 3. Give me the generated link, which looks like this:
 http://cjoint.com/?BJlkjReCl6v4 ;)


---------------
The urgent is done, the impossible is in progress;
for miracles, allow for some delay
kirikou123
Baby forum member (10 to 49 posts)
Posted on 29/05/2013 at 17:39:52
 
Good evening,
 here is the link: http://cjoint.com/?CEDtNarU1XG

Profile: Security team
did80
Famous across the forum (30,000 to 99,999 posts) Confirmed helper
Posted on 30/05/2013 at 09:13:12
 
:hello: kirikou123


 Select and copy the following blue lines:
 

 G2 - GCE: Preference [User Data\Default] [dlnembnfbcpjnepmfjmngjenhhajpd​fd] Web Assistant v.2.0.0.100 (Désactivé)    => Infection BT (Adware.IncrediBar)
 M3 - MFPP: Plugins - [lazur] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.​xml    => Infection BT (Toolbar.Babylon)
 O2 - BHO: Web Assistant Helper [64Bits] - {336D0C35-8A85-403a-B9D2-65C29​2C39087} . (...) -- C:\Program Files\Web Assistant\Extension32.dll    => Infection BT (Adware.IncrediBar)
 O2 - BHO: Searchqu Toolbar [64Bits] - {99079a25-328f-4bd4-be04-00955​acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dl​l    => Infection BT (Adware.Bandoo)
 O2 - BHO: UrlHelper Class [64Bits] - {A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115} . (.Discordia, LTD - IEHelper.) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll    => Infection BT (Adware.Bandoo)
 O2 - BHO: OfferBox [64Bits] - {FC0D62C2-9640-4AEB-A5D5-CF25D​F11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll    => Infection PUP (PUP.OfferBox)
 O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4​151CAD8} . (.Yontoo LLC - Yontoo Layers Runtime.) -- C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll    => Infection BT (Adware.Yontoo)
 O4 - HKLM\..\Wow6432Node\Run: [DATAMNGR] C:\Program Files (x86)\WI3C8A~1\Datamngr\DATAMN​~1.exe (.not file.)    => Infection BT (Adware.Bandoo)
 O23 - Service: Web Assistant Updater (Web Assistant Updater) . (...) - C:\Program Files\Web Assistant\ExtensionUpdaterServ​ice.exe (.not file.)    => Infection BT (Adware.IncrediBar)
 [MD5.00000000000000000000000000​000000] [APT] [{63D17920-20B3-4AA5-8AF9-D7869​70CCD97}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Util​s\uninstbb.exe (.not file.)   [0]    => Infection BT (Toolbar.Babylon)
 O42 - Logiciel: Web Assistant 2.0.0.100 - (.IncrediBar.) [HKLM][64Bits] -- {336D0C35-8A85-403a-B9D2-65C29​2C39087}_is1    => Infection BT (Adware.IncrediBar)
 O42 - Logiciel: Windows iLivid Toolbar - (.Bandoo Media, Inc.) [HKLM][64Bits] -- Searchqu 406 MediaBar    => Infection BT (Adware.Bandoo)
 O42 - Logiciel: Yontoo Layers Runtime 1.10.01 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5​D47F68B}    => Infection BT (Adware.Yontoo)
 [HKCU\Software\AppDataLow\Softw​are\Crossrider]    => Infection PUP (Adware.VidSaver)
 [HKCU\Software\AppDataLow\Softw​are\I Want This]    => Infection BT (PUP.RewardsArcade)
 [HKCU\Software\AppDataLow\Softw​are\ShoppingReport2]    => Infection BT (Adware.ShoppingReports)
 [HKCU\Software\AppDataLow\Softw​are\searchqutoolbar]    => Infection PUP (Adware.Bandoo)
 [HKCU\Software\DataMngr_Toolbar​]
 [HKCU\Software\Datamngr]    => Infection PUP (PUP.BearShare)
 [HKCU\Software\Iminent]    => Infection PUP (Adware.IMBooster)
 [HKCU\Software\Moovida]    => Infection BT (Adware.SPointer)
 [HKCU\Software\OfferBox]    => Infection PUP (PUP.OfferBox)
 [HKCU\Software\TutoTag]    => Infection BT (Spyware.AgenceExclusive)
 [HKCU\Software\Tutorials]    => Infection BT (Spyware.AgenceExclusive)
 [HKCU\Software\WideStream]    => Infection BT (Adware.SPointer)
 [HKCU\Software\iLivid]    => Infection BT (Adware.Bandoo)
 [HKLM\Software\Web Assistant]    => Infection BT (Adware.IncrediBar)
 [HKLM\Software\Wow6432Node\Boxo​re]    => Infection PUP (Adware.Boxore)
 [HKLM\Software\Wow6432Node\FREE​zeFrog]    => Infection KeyLogger (Adware.FreezeFrog)
 [HKLM\Software\Wow6432Node\Imin​ent]    => Infection PUP (Adware.IMBooster)
 [HKLM\Software\Wow6432Node\Moov​ida]    => Infection BT (Adware.SPointer)
 [HKLM\Software\Wow6432Node\Offe​rBox]    => Infection PUP (PUP.OfferBox)
 [HKLM\Software\Wow6432Node\Sear​chquMediabarTb]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Wow6432Node\Web Assistant]    => Infection BT (Adware.IncrediBar)
 O43 - CFD: 24/04/2011 - 16:40:17 - [50,419] ----D C:\Program Files (x86)\Fluendo    => Infection BT (Adware.SPointer)
 O43 - CFD: 09/05/2012 - 17:09:30 - [0,785] ----D C:\Program Files (x86)\Iminent    => Infection PUP (Adware.IMBooster)
 O43 - CFD: 01/11/2011 - 19:43:44 - [0,170] ----D C:\Program Files (x86)\OfferBox    => Infection PUP (PUP.OfferBox)
 O43 - CFD: 24/04/2011 - 19:25:24 - [1,024] ----D C:\Program Files (x86)\Widestream6    => Infection BT (Adware.SPointer)
 O43 - CFD: 21/05/2011 - 14:21:01 - [8,648] ----D C:\Program Files (x86)\Windows iLivid Toolbar    => Infection BT (Adware.Bandoo)
 O43 - CFD: 05/08/2011 - 11:30:32 - [0,186] ----D C:\Program Files (x86)\Yontoo Layers Runtime    => Infection BT (Adware.Yontoo)
 O43 - CFD: 05/08/2011 - 11:16:52 - [0] ----D C:\Users\lazur\AppData\Roaming​\FREEzeFrog    => Infection KeyLogger (Adware.FreezeFrog)
 O43 - CFD: 29/03/2013 - 19:28:19 - [0,636] ----D C:\Users\lazur\AppData\Roaming​\moovida-1    => Infection BT (Adware.SPointer)
 O43 - CFD: 26/10/2011 - 15:46:50 - [0,281] ----D C:\Users\lazur\AppData\Roaming​\OfferBox    => Infection PUP (PUP.OfferBox)
 O43 - CFD: 20/04/2011 - 15:33:41 - [0,001] ----D C:\Users\lazur\AppData\Roaming​\widestream    => Infection BT (Adware.SPointer)
 O43 - CFD: 24/04/2011 - 19:25:15 - [0,352] ----D C:\Users\lazur\AppData\Local\w​idestream6 Air    => Infection BT (Adware.SPointer)
 O44 - LFC:[MD5.D41D8CD98F00B204E9800998EC​F8427E] - 27/05/2013 - 19:29:34 ---A- . (...) -- C:\END   [0]    => Infection FakeAlert (Trojan.FakeAlert)
 O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C​0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com    => Infection PUP (PUP.ClaroSearch)
 O69 - SBI: SearchScopes [HKCU] {5AA2BA46-9913-4DC7-9620-69AB0​FA17AE7} - (ALOT Recherche) - http://search.alot.com    => Infection BT (AdWare.Comet)
 O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217​BDA7406} [DefaultScope] - (Web Search) - http://www.searchqu.com    => Infection PUP (Adware.Bandoo)
 O69 - SBI: SearchScopes [HKCU] {A531D99C-5A22-449b-83DA-87272​5C6D0ED} - (Recherche alOt) - http://search.alot.com
 O69 - SBI: SearchScopes [HKCU] {d906873c-051a-427c-a638-768d3​902f01b} - (YouGoo) - http://www.yougoo.fr
 O69 - SBI: SearchScopes [HKUS\.DEFAULT] {4B8C28A7-A9BC-45F8-990D-21499​EED643C} - (QuestScan) - http://www.questscan.com    => Infection BT (Adware.QuestScan)
 O69 - SBI: SearchScopes [HKUS\S-1-5-18] {4B8C28A7-A9BC-45F8-990D-21499​EED643C} - (QuestScan) - http://www.questscan.com    => Infection BT (Adware.QuestScan)
 [HKLM\Software\Classes\Interfac​e\{021B4049-F57D-4565-A693-FD3​B04786BFA}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{021B4049-F57D-4​565-A693-FD3B04786BFA}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Classes\Interfac​e\{0362AA09-808D-48E9-B360-FB5​1A8CBCE09}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{0362AA09-808D-4​8E9-B360-FB51A8CBCE09}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Classes\Interfac​e\{06844020-CD0B-3D3D-A7FE-371​153013E49}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{06844020-CD0B-3​D3D-A7FE-371153013E49}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Classes\Interfac​e\{0ADC01BB-303B-3F8E-93DA-12C​140E85460}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{0ADC01BB-303B-3​F8E-93DA-12C140E85460}]    => Infection BT (Adware.IMBooster)
 [HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]    => Infection BT (PUP.ClaroSearch)
 [HKLM\Software\Classes\Interfac​e\{10D3722F-23E6-3901-B6C1-FF6​567121920}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{10D3722F-23E6-3​901-B6C1-FF6567121920}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{10DE7085-6A1E-4D41-A7BF-9AF​93E351401}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{10DE7085-6A1E-4​D41-A7BF-9AF93E351401}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Classes\Interfac​e\{1675E62B-F911-3B7B-A046-EB5​7261212F3}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{1675E62B-F911-3​B7B-A046-EB57261212F3}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{192929F2-9273-3894-91B0-F54​671C4C861}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{192929F2-9273-3​894-91B0-F54671C4C861}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{1AD27395-1659-4DFF-A319-2CF​A243861A5}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{1AD27395-1659-4​DFF-A319-2CFA243861A5}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Classes\Interfac​e\{1B730ACF-26A3-447B-9994-14A​EE0EB72CC}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{1B730ACF-26A3-4​47B-9994-14AEE0EB72CC}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Classes\Interfac​e\{2932897E-3036-43D9-8A64-B06​447992065}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{2932897E-3036-4​3D9-8A64-B06447992065}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{2DE92D29-A042-3C37-BFF8-07C​7D8893EFA}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{2DE92D29-A042-3​C37-BFF8-07C7D8893EFA}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{32B80AD6-1214-45F4-994E-78A​5D482C000}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{32B80AD6-1214-4​5F4-994E-78A5D482C000}]    => Infection PUP (PUP.RewardsArcade)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{33​6D0C35-8A85-403a-B9D2-65C292C3​9087}]    => Infection BT (Adware.IncrediBar)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{336D0C35-8A85-403a-B9D2-65C29​2C39087}]    => Infection BT (Adware.IncrediBar)
 [HKLM\Software\Classes\CLSID\{3​36D0C35-8A85-403a-B9D2-65C292C​39087}]    => Infection BT (Adware.IncrediBar)
 [HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]    => Infection BT (Adware.IncrediBar)
 [HKLM\Software\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]    => Infection BT (Adware.IncrediBar)
 [HKLM\Software\Classes\Interfac​e\{3A8E103F-B2B7-3BEF-B3B0-88E​29B2420E4}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{3A8E103F-B2B7-3​BEF-B3B0-88E29B2420E4}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{44C3C1DB-2127-433C-98EC-4C9​412B5FC3A}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{478CE5D3-D38E-3FFE-8DBE-8C4​A0F1C4D8D}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{478CE5D3-D38E-3​FFE-8DBE-8C4A0F1C4D8D}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{48B7DA4E-69ED-39E3-BAD5-3E3​EFF22CFB0}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{48B7DA4E-69ED-3​9E3-BAD5-3E3EFF22CFB0}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{4D5132DD-BB2B-4249-B5E0-D14​5A8C982E1}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{5982F405-44E4-3BBB-BAC4-CF8​141CBBC5C}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{5982F405-44E4-3​BBB-BAC4-CF8141CBBC5C}]    => Infection PUP (PUP.RewardsArcade)
 [HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}]    => Infection BT (AdWare.Comet)
 [HKLM\Software\Classes\Interfac​e\{5D8C3CC3-3C05-38A1-B244-924​A23115FE9}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{5D8C3CC3-3C05-3​8A1-B244-924A23115FE9}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{5F339F0B-716F-408F-A627-DEE​B5DEB4020}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Wow6432Node\Micr​osoft\Windows\CurrentVersion\U​ninstall\{6084C211-01A1-464E-9​7A0-09772E122B50}]    => Infection BT (Adware.SPointer)
 [HKLM\Software\Classes\Interfac​e\{641593AF-D9FD-30F7-B783-36E​16F7A2E08}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{641593AF-D9FD-3​0F7-B783-36E16F7A2E08}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{66EEF543-A9AC-4A9D-AA3C-1ED​148AC8EEE}]    => Infection PUP (PUP.WhiteSmoke)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{66EEF543-A9AC-4​A9D-AA3C-1ED148AC8EEE}]    => Infection PUP (PUP.WhiteSmoke)
 [HKLM\Software\Wow6432Node\Micr​osoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Classes\TypeLib\​{6A4BCABA-C437-4C76-A54E-AF31B​8A76CB9}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Classes\Interfac​e\{706D4A4B-184A-4434-B331-296​B07493D2D}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{711FC48A-1356-3932-94D8-A8B​733DBC7E4}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{711FC48A-1356-3​932-94D8-A8B733DBC7E4}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{72227B7F-1F02-3560-95F5-592​E68BACC0C}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{72227B7F-1F02-3​560-95F5-592E68BACC0C}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{7B5E8CE3-4722-4C0E-A236-A6F​F731BEF37}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{7B5E8CE3-4722-4​C0E-A236-A6FF731BEF37}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\{88​9DF117-14D1-44EE-9F31-C5FB5D47​F68B}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Classes\Interfac​e\{890D4F59-5ED0-3CB4-8E0E-74A​5A86E7ED0}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{890D4F59-5ED0-3​CB4-8E0E-74A5A86E7ED0}]    => Infection PUP (PUP.RewardsArcade)
 [HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Wow6432Node\Micr​osoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Classes\Interfac​e\{8BE10F21-185F-4CA0-B789-992​1674C3993}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{8C68913C-AC3C-4494-8B9C-984​D87C85003}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{8C68913C-AC3C-4​494-8B9C-984D87C85003}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{8D019513-083F-4AA5-933F-7D4​3A6DA82C4}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{8D019513-083F-4​AA5-933F-7D43A6DA82C4}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{923F6FB8-A390-370E-A0D2-DD5​05432481D}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{923F6FB8-A390-3​70E-A0D2-DD505432481D}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{94C0B25D-3359-4B10-B227-F96​A77DB773F}]    => Infection BT (Toolbar.Babylon)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{99​079A25-328F-4BD4-BE04-00955ACA​A0A7}]    => Infection BT (Adware.Bandoo)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{99079A25-328F-4BD4-BE04-00955​ACAA0A7}]    => Infection BT (Adware.Bandoo)
 [HKLM\Software\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}]    => Infection BT (Adware.Bandoo)
 [HKLM\Software\Wow6432Node\Micr​osoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}]    => Infection BT (Adware.Bandoo)
 [HKLM\Software\Microsoft\Intern​et Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Wow6432Node\Micr​osoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Classes\Interfac​e\{9BBB26EF-B178-35D6-9D3D-B48​5F4279FE5}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{9BBB26EF-B178-3​5D6-9D3D-B485F4279FE5}]    => Infection PUP (PUP.RewardsArcade)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{A4​0DC6C5-79D0-4ca8-A185-8FF989AF​1115}]    => Infection PUP (Adware.Bandoo)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Classes\CLSID\{A​40DC6C5-79D0-4ca8-A185-8FF989A​F1115}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]    => Infection PUP (Adware.Bandoo)
 [HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}]    => Infection PUP (Adware.Bandoo)
 [HKLM\Software\Classes\Interfac​e\{A62DDBE0-8D2A-339A-B089-8CB​CC5CD322A}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{A62DDBE0-8D2A-3​39A-B089-8CBCC5CD322A}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{A82AD04D-0B8E-3A49-947B-6A6​9A8A9C96D}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{A82AD04D-0B8E-3​A49-947B-6A69A8A9C96D}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{ADEB3CC9-A05D-4FCC-BD09-902​5456AA3EA}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{ADEB3CC9-A05D-4​FCC-BD09-9025456AA3EA}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{B06D4521-D09C-3F41-8E39-9D7​84CCA2A75}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{B06D4521-D09C-3​F41-8E39-9D784CCA2A75}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{B0B75FBA-7288-4FD3-A9EB-7EE​27FA65599}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{B173667F-8395-4317-8DD6-45A​D1FE00047}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{B32672B3-F656-46E0-B584-FE6​1C0BB6037}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\AppID\{B​DB69379-802F-4EAF-B541-F8DE92D​D98DB}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Wow6432Node\Clas​ses\AppID\{BDB69379-802F-4EAF-​B541-F8DE92DD98DB}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\AppID\{B​DB69379-802F-4eaf-B541-F8DE92D​D98DB}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Wow6432Node\Clas​ses\AppID\{BDB69379-802F-4eaf-​B541-F8DE92DD98DB}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{C06DAD42-6F39-4CE1-83CC-9A8​B9105E556}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{C06DAD42-6F39-4​CE1-83CC-9A8B9105E556}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{C2434722-5C85-4CA0-BA69-1B6​7E7AB3D68}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{C2996524-2187-441F-A398-CD6​CB6B3D020}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{C2E799D0-43A5-3477-8A98-FC5​F3677F35C}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{C2E799D0-43A5-3​477-8A98-FC5F3677F35C}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\AppID\{C​FDAFE39-20CE-451D-BD45-A37452F​39CF0}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Wow6432Node\Clas​ses\AppID\{CFDAFE39-20CE-451D-​BD45-A37452F39CF0}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Classes\Interfac​e\{D16107CD-2AD5-46A8-BA59-303​B7C32C500}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{D16107CD-2AD5-4​6A8-BA59-303B7C32C500}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{D25B101F-8188-3B43-9D85-201​F372BC205}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{D25B101F-8188-3​B43-9D85-201F372BC205}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{D2BA7595-5E44-3F1E-880F-03B​3139FA5ED}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{D2BA7595-5E44-3​F1E-880F-03B3139FA5ED}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{D35F5C81-17D9-3E1C-A1FC-447​2542E1D25}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{D35F5C81-17D9-3​E1C-A1FC-4472542E1D25}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\TypeLib\​{D372567D-67C1-4B29-B3F0-159B5​2B3E967}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Classes\Interfac​e\{D8FA96CA-B250-312C-AF34-4FF​1DD72589D}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{D8FA96CA-B250-3​12C-AF34-4FF1DD72589D}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{DAFC1E63-3359-416D-9BC2-E7D​CA6F7B0F3}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{DAFC1E63-3359-4​16D-9BC2-E7DCA6F7B0F3}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{DC5E5C44-80FD-3697-9E65-9F2​86D92F3E7}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{DC5E5C44-80FD-3​697-9E65-9F286D92F3E7}]    => Infection PUP (PUP.RewardsArcade)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{DF​7770F7-832F-4BDF-B144-100EDDD0​C3AE}]    => Infection BT (Adware.Yontoo)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{DF7770F7-832F-4BDF-B144-100ED​DD0C3AE}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xt\PreApproved\{DF7770F7-832F-​4BDF-B144-100EDDD0C3AE}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Classes\Interfac​e\{E047E227-5342-4D94-80F7-CFB​154BF55BD}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{E1B4C9DE-D741-385F-981E-674​5FACE6F01}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{E1B4C9DE-D741-3​85F-981E-6745FACE6F01}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{E3F79BE9-24D4-4F4D-8C13-DF2​C9899F82E}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Wow6432Node\Micr​osoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}]    => Infection BT (Adware.IMBooster)
 [HKLM\Software\Classes\Interfac​e\{E77EEF95-3E83-4BB8-9C0D-4A5​163774997}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Classes\Interfac​e\{E7B623F5-9715-3F9F-A671-D14​85A39F8A2}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{E7B623F5-9715-3​F9F-A671-D1485A39F8A2}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{ED916A7B-7C68-3198-B87D-2DA​BC30A5587}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{ED916A7B-7C68-3​198-B87D-2DABC30A5587}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{EFA1BDB2-BB3D-3D9A-8EB5-D0D​22E0F64F4}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{EFA1BDB2-BB3D-3​D9A-8EB5-D0D22E0F64F4}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Classes\Interfac​e\{EFDCAF05-D29C-4D4D-9836-8CD​CD606A6B2}]    => Infection BT (Toolbar.Babylon)
 [HKLM\Software\Wow6432Node\Micr​osoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}]    => Infection PUP (PUP.Datamngr)
 [HKLM\Software\Classes\Interfac​e\{F4CBF4DD-F8FE-35BA-BB7E-683​04DAAB70B}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{F4CBF4DD-F8FE-3​5BA-BB7E-68304DAAB70B}]    => Infection PUP (PUP.RewardsArcade)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{FC​0D62C2-9640-4AEB-A5D5-CF25DF11​FA8C}]    => Infection BT (Hijack.Browser)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{FC0D62C2-9640-4AEB-A5D5-CF25D​F11FA8C}]    => Infection BT (Hijack.Browser)
 [HKLM\Software\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]    => Infection BT (Hijack.Browser)
 [HKLM\Software\Classes\Interfac​e\{FC32005D-E27C-32E0-ADFA-152​F598B75E7}]    => Infection PUP (PUP.RewardsArcade)
 [HKLM\Software\Wow6432Node\Clas​ses\Interface\{FC32005D-E27C-3​2E0-ADFA-152F598B75E7}]    => Infection PUP (PUP.RewardsArcade)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{FD​72061E-9FDE-484D-A58A-0BAB4151​CAD8}]    => Infection BT (Adware.Yontoo)
 [HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{FD72061E-9FDE-484D-A58A-0BAB4​151CAD8}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]    => Infection BT (Adware.Yontoo)
 [HKLM\Software\Classes\SearchQU​IEHelper.DNSGuard]
 [HKLM\Software\Classes\SearchQU​IEHelper.DNSGuard.1]
 [HKLM\Software\Wow6432Node\Goog​le\Chrome\Extensions\bjeikehei​jdjdfjbmknpefojickbkmom]
 [HKLM\Software\Wow6432Node\Boxo​re]    => Infection PUP (Adware.Boxore)
 [HKCU\Software\DataMngr]    => Infection PUP (PUP.BearShare)
 [HKCU\Software\DataMngr_Toolbar​]
 [HKLM\Software\Wow6432Node\FREE​zeFrog]    => Infection KeyLogger (Adware.FreezeFrog)
 [HKCU\Software\AppDataLow\Softw​are\I Want This]    => Infection BT (PUP.RewardsArcade)
 [HKCU\Software\ilivid]    => Infection BT (Adware.Bandoo)
 [HKCU\Software\Iminent]    => Infection PUP (Adware.IMBooster)
 [HKLM\Software\Wow6432Node\Imin​ent]    => Infection PUP (Adware.IMBooster)
 [HKCU\Software\OfferBox]    => Infection PUP (PUP.OfferBox)
 [HKLM\Software\Wow6432Node\Offe​rBox]    => Infection PUP (PUP.OfferBox)
 [HKLM\Software\Wow6432Node\Sear​chquMediabarTb]    => Infection PUP (Adware.Bandoo)
 [HKCU\Software\AppDataLow\Softw​are\searchqutoolbar]    => Infection PUP (Adware.Bandoo)
 [HKCU\Software\Tutorials]    => Infection BT (Spyware.AgenceExclusive)
 [HKLM\Software\Web Assistant]    => Infection BT (Adware.IncrediBar)
 [HKLM\Software\Wow6432Node\Web Assistant]    => Infection BT (Adware.IncrediBar)
 [HKCU\Software\WideStream]    => Infection BT (Adware.SPointer)
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\Babylon_RASAPI32​]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\Babylon_RASMANCS​]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\Iminent_RASAPI32​]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\Iminent_RASMANCS​]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\incredibar_insta​ller_RASAPI32]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\incredibar_insta​ller_RASMANCS]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\MyBabylontb_RASA​PI32]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\MyBabylontb_RASM​ANCS]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\SearchquMediaBar​_RASAPI32]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\SearchquMediaBar​_RASMANCS]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\SetupDataMngr_Se​archqu_RASAPI32]
 [HKLM\Software\Wow6432Node\Micr​osoft\Tracing\SetupDataMngr_Se​archqu_RASMANCS]
 [HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\{33​6D0C35-8A85-403a-B9D2-65C292C3​9087}_is1]    => Infection BT (Adware.IncrediBar)
 [HKLM\Software\Classes\Prod.cap​]
 [HKCU\Software\AppDataLow\Softw​are\Crossrider]    => Infection PUP (Adware.VidSaver)
 [HKLM\Software\Classes\YontooIE​Client.Api]
 [HKLM\Software\Classes\YontooIE​Client.Api.1]
 [HKLM\Software\Classes\YontooIE​Client.Layers]
 [HKLM\Software\Classes\YontooIE​Client.Layers.1]
 [HKLM\Software\Classes\AppID\Yo​ntooIEClient.DLL]
 [HKLM\Software\Wow6432Node\Clas​ses\SearchQUIEHelper.DNSGuard]
 [HKLM\Software\Wow6432Node\Clas​ses\SearchQUIEHelper.DNSGuard.​1]
 [HKLM\Software\Wow6432Node\Clas​ses\YontooIEClient.Api]
 [HKLM\Software\Wow6432Node\Clas​ses\YontooIEClient.Api.1]
 [HKLM\Software\Wow6432Node\Clas​ses\YontooIEClient.Layers]
 [HKLM\Software\Wow6432Node\Clas​ses\YontooIEClient.Layers.1]
 [HKLM\Software\Wow6432Node\Clas​ses\AppID\YontooIEClient.DLL]
 C:\Program Files (x86)\Yontoo Layers Runtime    => Infection BT (Adware.Yontoo)
 C:\Program Files (x86)\Iminent    => Infection PUP (Adware.IMBooster)
 C:\Program Files (x86)\OfferBox    => Infection PUP (PUP.OfferBox)
 C:\Program Files (x86)\Widestream6    => Infection BT (Adware.SPointer)
 C:\Program Files (x86)\Windows iLivid Toolbar    => Infection BT (Adware.Bandoo)
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moovida    => Infection BT (Adware.SPointer)
 C:\Users\lazur\AppData\Roaming\FREEzeFrog    => Infection KeyLogger (Adware.FreezeFrog)
 C:\Users\lazur\AppData\Roaming\OfferBox    => Infection PUP (PUP.OfferBox)
 C:\Users\lazur\AppData\Roaming\Widestream    => Infection BT (Adware.SPointer)
 C:\Users\lazur\AppData\Local\Software    => Infection PUP (Adware.Boxore)
 C:\Users\lazur\AppData\Local\widestream6 Air    => Infection BT (Adware.SPointer)
 C:\Users\lazur\AppData\LocalLow\BabylonToolbar    => Infection BT (Toolbar.Babylon)
 C:\Users\lazur\AppData\LocalLow\facemoods.com    => Infection PUP (Adware.Facemoods)
 C:\Users\lazur\AppData\LocalLow\searchquband    => Infection PUP (Adware.Bandoo)
 C:\Users\lazur\AppData\LocalLow\searchqutoolbar    => Infection PUP (Adware.Bandoo)
 C:\Users\lazur\AppData\LocalLow\ShoppingReport2    => Infection BT (Adware.ShoppingReports)
 O90 - PUC: "112C48061A10E464790A9077E221B205" . (.Moovida.) -- C:\Windows\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\ARPPRODUCTICON.exe    => Infection BT (Adware.SPointer)
 SS - | Auto  0 |  (Web Assistant Updater) . (...) - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe    => Infection BT (Adware.IncrediBar)

 FirewallRaz
 EmptyFlash
 EmptyTemp
 

 Launch ZHPFix.

 Paste the lines using this button:

 http://img15.hostingpics.net/pics/487000Capturezphrouge.png

 Delete with the GO button.

 Copy and paste c:\zhp\zhpfix[r1].txt ;)


---------------
The urgent is done, the impossible is in progress;
for miracles, allow for delays
kirikou123
Baby forum member (10 to 49 posts)
Posted on 30/05/2013 at 10:47:48

Hi, here is the report:

 Rapport de ZHPFix 2013.5.24.2 par Nicolas Coolman, Update du 24/05/2013
 Fichier d'export Registre :
 Run by lazur at 30/05/2013 12:43:21
 High Elevated Privileges : OK
 Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

 Corbeille vidée

 ========== Logiciel(s) ==========
 ABSENT Software Key: {336D0C35-8A85-403a-B9D2-65C292C39087}_is1
 ABSENT Uninstall Process: c:\program files (x86)\windows ilivid toolbar\uninstall.exe
 ABSENT Software Key: {889DF117-14D1-44EE-9F31-C5FB5D47F68B}

 ========== Clé(s) du Registre ==========

 ========== Valeur(s) du Registre ==========
 SUPPRIME RunValue: DATAMNGR
 ABSENT Valeur Standard Profile: FirewallRaz :
 ABSENT Valeur Domain Profile: FirewallRaz :
 SUPPRIME FirewallRaz (None) : {28AE19DB-6C55-4349-8E00-624BE5497985}
 SUPPRIME FirewallRaz (Public) : {119CCC43-707F-4938-8013-3107967C3DA7}
 SUPPRIME FirewallRaz (Public) : {9A7CDE4C-A45F-48BE-A28D-DB4A30A76FE9}
 SUPPRIME FirewallRaz (Private) : TCP Query User{DAFD9270-AF85-4432-A30B-E34A61CC1379}C:\program files (x86)\printershare\paconsole.exe
 SUPPRIME FirewallRaz (Private) : UDP Query User{A9BCF851-E353-4D7A-9301-A1DFB396FB30}C:\program files (x86)\printershare\paconsole.exe

 ========== Préférences navigateur ==========
 SUPPRIME Folder Chrome: C:\Users\lazur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

 ========== Dossier(s) ==========
 SUPPRIME Folder: C:\Users\lazur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
 SUPPRIME Folder: C:\Program Files (x86)\Fluendo
 SUPPRIME Folder: C:\Program Files (x86)\Iminent
 SUPPRIME Folder: C:\Program Files (x86)\OfferBox
 SUPPRIME Folder: C:\Program Files (x86)\Widestream6
 SUPPRIME Folder: C:\Program Files (x86)\Windows iLivid Toolbar
 SUPPRIME Folder: C:\Program Files (x86)\Yontoo Layers Runtime
 SUPPRIME Folder: C:\Users\lazur\AppData\Roaming\FREEzeFrog
 SUPPRIME Folder: C:\Users\lazur\AppData\Roaming\moovida-1
 SUPPRIME Folder: C:\Users\lazur\AppData\Roaming\OfferBox
 SUPPRIME Folder: C:\Users\lazur\AppData\Roaming\widestream
 SUPPRIME Folder: C:\Users\lazur\AppData\Local\widestream6 Air
 SUPPRIME Folder: c:\programdata\microsoft\windows\start menu\programs\moovida
 SUPPRIME Folder: c:\users\lazur\appdata\local\software
 SUPPRIME Folder: c:\users\lazur\appdata\locallow\babylontoolbar
 SUPPRIME Folder: c:\users\lazur\appdata\locallow\facemoods.com
 SUPPRIME Folder: c:\users\lazur\appdata\locallow\searchquband
 SUPPRIME Folder: c:\users\lazur\appdata\locallow\shoppingreport2
 SUPPRIME Flash Cookies
 SUPPRIME Temporaires Windows

 ========== Fichier(s) ==========
 SUPPRIME File: c:\program files (x86)\mozilla firefox\searchplugins\babylon.xml
 SUPPRIME File: c:\program files\web assistant\extension32.dll
 ABSENT File: c:\program files (x86)\wi3c8a~1\datamngr\datamn~1.exe
 ABSENT File: c:\program files\web assistant\extensionupdaterservice.exe
 SUPPRIME File: c:\end
 ABSENT Folder/File: c:\program files (x86)\yontoo layers runtime
 ABSENT Folder/File: c:\users\lazur\appdata\roaming\freezefrog
 ABSENT Folder/File: c:\users\lazur\appdata\roaming\offerbox
 ABSENT Folder/File: c:\users\lazur\appdata\roaming\widestream
 ABSENT Folder/File: c:\users\lazur\appdata\local\widestream6 air
 ABSENT Folder/File: c:\users\lazur\appdata\locallow\searchqutoolbar
 SUPPRIME Flash Cookies
 SUPPRIME Temporaires Windows

 ========== Tache planifiée ==========
 SUPPRIME Task: {63D17920-20B3-4AA5-8AF9-D786970CCD97}


 ========== Récapitulatif ==========
 258 : Clé(s) du Registre
 8 : Valeur(s) du Registre
 20 : Dossier(s)
 13 : Fichier(s)
 3 : Logiciel(s)
 1 : Préférences navigateur
 1 : Tache planifiée


 End of clean in 01mn 48s

 ========== Chemin de fichier rapport ==========
 C:\ZHP\ZHPFix[R1].txt - 30/05/2013 12:43:22 [26449]

Profile: Security team
did80
Famous across the whole forum (30,000 to 99,999 posts) Confirmed helper
Posted on 31/05/2013 at 07:38:59
 
:hello: kirikou123

 OK, we are going to dig deeper; do this:

 Download RogueKiller HERE to the Desktop
 and nowhere else.

 http://up.sur-la-toile.com/4Z2Y

 • Close all running programs.
 • On Vista/Seven, right-click -> run as administrator
 • Otherwise simply run RogueKiller.exe

 After the pre-scan, click Scan.
 When the scan has finished, click Report.

 • A report will open (RKreport[1].txt, which is also located next to the executable),
 Copy/paste this report. ;)


---------------
the urgent is done, the impossible is in progress
for miracles, allow for delays
kirikou123
Baby forum member (10 to 49 posts)
Posted on 31/05/2013 at 17:39:47

Good evening, here is the report:

 RogueKiller V8.5.4 _x64_ [Mar 18 2013] par Tigzy
 mail : tigzyRK<at>gmail<dot>com
 Remontees : http://www.sur-la-toile.com/di [...] ntees.html
 Site Web : http://www.sur-la-toile.com/RogueKiller/
 Blog : http://tigzyrk.blogspot.com/

 Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
 Demarrage : Mode normal
 Utilisateur : lazur [Droits d'admin]
 Mode : Recherche -- Date : 31/05/2013 19:37:27
 | ARK || FAK || MBR |

 ¤¤¤ Processus malicieux : 1 ¤¤¤
 [SUSP PATH] TVersity.exe -- C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe [-] -> TUÉ [TermProc]

 ¤¤¤ Entrees de registre : 4 ¤¤¤
 [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
 [HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
 [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
 [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

 ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 ¤¤¤ Driver : [NON CHARGE] ¤¤¤

 ¤¤¤ Fichier HOSTS: ¤¤¤
 --> C:\Windows\system32\drivers\etc\hosts



 ¤¤¤ MBR Verif: ¤¤¤

 +++++ PhysicalDrive0: WDC WD32 00AAJS-22L7A SCSI Disk Device +++++
 --- User ---
 [MBR] 71dc68ae4bd6c5ab8da5518dfc73ec94
 [BSP] 7039602054ee55af79ebca9c309fd96c : Windows 7/8 MBR Code
 Partition table:
 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16384 Mo
 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33556480 | Size: 100 Mo
 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33761280 | Size: 288759 Mo
 User = LL1 ... OK!
 Error reading LL2 MBR!

 Termine : << RKreport[1]_S_31052013_193727.txt >>
 RKreport[1]_S_31052013_193727.txt



Profile: Security team
did80
Famous across the whole forum (30,000 to 99,999 posts) Confirmed helper
Posted on 01/06/2013 at 11:14:26
 
:hello: kirikou123

 OK, do this:

 Run RogueKiller again, scan, then click Delete.

 Copy/paste the report  ;)


kirikou123
Baby forum member (10 to 49 posts)
Posted on 04/06/2013 at 17:39:47

Hi Did 80, here is the report:
 RogueKiller V8.5.4 _x64_ [Mar 18 2013] par Tigzy
 mail : tigzyRK<at>gmail<dot>com
 Remontees : http://www.sur-la-toile.com/di [...] ntees.html
 Site Web : http://www.sur-la-toile.com/RogueKiller/
 Blog : http://tigzyrk.blogspot.com/

 Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
 Demarrage : Mode normal
 Utilisateur : lazur [Droits d'admin]
 Mode : Suppression -- Date : 04/06/2013 19:37:41
 | ARK || FAK || MBR |

 ¤¤¤ Processus malicieux : 1 ¤¤¤
 [SUSP PATH] TVersity.exe -- C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe [-] -> TUÉ [TermProc]

 ¤¤¤ Entrees de registre : 3 ¤¤¤
 [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REMPLACÉ (2)
 [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
 [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

 ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 ¤¤¤ Driver : [NON CHARGE] ¤¤¤

 ¤¤¤ Fichier HOSTS: ¤¤¤
 --> C:\Windows\system32\drivers\etc\hosts



 ¤¤¤ MBR Verif: ¤¤¤

 +++++ PhysicalDrive0: WDC WD32 00AAJS-22L7A SCSI Disk Device +++++
 --- User ---
 [MBR] 71dc68ae4bd6c5ab8da5518dfc73ec94
 [BSP] 7039602054ee55af79ebca9c309fd96c : Windows 7/8 MBR Code
 Partition table:
 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16384 Mo
 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33556480 | Size: 100 Mo
 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33761280 | Size: 288759 Mo
 User = LL1 ... OK!
 Error reading LL2 MBR!

 Termine : << RKreport[3]_D_04062013_193741.txt >>
 RKreport[1]_S_31052013_193727.txt ; RKreport[2]_S_04062013_193703.txt ; RKreport[3]_D_04062013_193741.txt



Profile: Security team
did80
Famous across the whole forum (30,000 to 99,999 posts) Confirmed helper
Posted on 04/06/2013 at 18:16:18
 
:hello: kirikou123

 Do this:

 http://www.bleepingcomputer.co [...] r-combofix

 Download Combofix.exe by sUBs to your Desktop and nowhere else.

 Rename it before it lands on the Desktop.

 http://www.donnemoilinfo.com/t [...] mboFix.php

 http://www.bleepingcomputer.com/download/combofix/

 Important: Disable your antivirus and antispyware before the scan with Combofix:
 http://forum.pcastuces.com/des [...] -f31s4.htm

 Close all open windows before starting the scan.
 During the scan, do not touch your PC until it has finished.
 The PC may restart in order to finalize the removals.

 > Double-click combofix.exe to launch it and confirm with YES
 * If you are asked to install the Console > Accept!
 * The scan will resume after it is installed.

 > When the scan is complete, a report will appear. Copy/paste this report into your next reply.

 NOTE: The report can also be found here: C:\Combofix.txt
 *********************
 Information about the restart:
 If you cannot reach the Desktop (black screen) > Use your keyboard to press [Ctrl + Alt + Del] to open the Task Manager.
 In the Task Manager > 'Applications' tab > 'New Task...' button
 In the Run window, type explorer.exe and confirm.
 This will open your Desktop normally.  ;)


kirikou123
Baby forum member (10 to 49 posts)
Posted on 04/06/2013 at 21:04:24

:hello: Good evening, here is the report:

 ComboFix 13-06-03.06 - lazur 04/06/2013  22:38:25.1.1 - x64
 Microsoft Windows 7 Édition Familiale Premium   6.1.7601.1.1252.33.1036.18.179​1.484 [GMT 2:00]
 Lancé depuis: c:\users\lazur\Desktop\ComboFi​x.exe
 AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83B​D5D0C2C}
 SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C​6DA4691}
 SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132​C1ACF46}
 .
 .
 ((((((((((((((((((((((((((((((​((((((   Autres suppressions   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 c:\users\lazur\AppData\Roaming​\Microsoft\Windows\Recent\www.​Golden-DDL.com.URL
 c:\users\lazur\videos\z JDownloaderSetup.exe
 c:\windows\security\Database\t​mp.edb
 c:\windows\SysWow64\System32\M​ASetupCleaner.exe
 c:\windows\SysWow64\System32\m​uzapp.exe
 .
 .
 (((((((((((((((((((((((((((((   Fichiers créés du 2013-05-04 au 2013-06-04  ))))))))))))))))))))))))))))))​))))))
 .
 .
 2013-06-04 20:48 . 2013-06-04 20:48 -------- d-----w- c:\users\UpdatusUser\AppData\L​ocal\temp
 2013-06-04 10:50 . 2013-06-04 10:50 -------- d-----w- c:\users\lazur\AppData\Local\E​levatedDiagnostics
 2013-05-31 18:10 . 2013-05-31 18:10 76232 ----a-w- c:\programdata\Microsoft\Windo​ws Defender\Definition Updates\{0732C8CB-BD30-438B-84​23-11D55BE43896}\offreg.dll
 2013-05-31 07:40 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windo​ws Defender\Definition Updates\{0732C8CB-BD30-438B-84​23-11D55BE43896}\mpengine.dll
 2013-05-29 17:35 . 2013-05-29 17:35 512 ----a-w- C:\PhysicalDisk0_MBR.bin
 2013-05-29 17:22 . 2013-05-30 10:43 -------- d-----w- C:\ZHP
 2013-05-29 17:22 . 2013-05-30 10:37 -------- d-----w- c:\program files (x86)\ZHPDiag
 2013-05-29 08:35 . 2013-05-29 08:35 -------- d-----w- c:\program files\Bonjour
 2013-05-29 08:35 . 2013-05-29 08:35 -------- d-----w- c:\program files (x86)\Bonjour
 2013-05-29 08:31 . 2013-05-29 08:48 -------- d-----w- c:\program files (x86)\PrinterShare
 2013-05-28 18:17 . 2013-05-28 18:17 -------- d-----w- c:\programdata\VirtualizedAppl​ications
 2013-05-28 18:10 . 2013-05-28 18:10 -------- d-----w- c:\program files (x86)\TeamViewer
 2013-05-28 17:54 . 2013-05-28 17:54 -------- d-----w- C:\_OTL
 2013-05-28 16:36 . 2013-05-28 16:36 -------- d-----w- C:\output
 2013-05-27 20:25 . 2013-05-27 20:25 512 ----a-w- C:\PhysicalMBR.bin
 2013-05-27 19:10 . 2013-05-27 19:10 -------- d-----w- c:\users\lazur\AppData\Roaming​\Avira
 2013-05-27 19:08 . 2013-05-27 19:06 83160 ----a-w- c:\windows\system32\drivers\av​netflt.sys
 2013-05-27 19:04 . 2013-03-06 14:14 28600 ----a-w- c:\windows\system32\drivers\av​kmgr.sys
 2013-05-27 19:04 . 2013-02-26 14:57 130016 ----a-w- c:\windows\system32\drivers\av​ipbb.sys
 2013-05-27 19:04 . 2013-02-26 14:57 100712 ----a-w- c:\windows\system32\drivers\av​gntflt.sys
 2013-05-27 19:04 . 2013-05-27 19:04 -------- d-----w- c:\programdata\Avira
 2013-05-27 19:04 . 2013-05-27 19:04 -------- d-----w- c:\program files (x86)\Avira
 2013-05-27 18:35 . 2013-05-27 18:35 -------- d-s---w- c:\windows\SysWow64\Microsoft
 2013-05-27 17:36 . 2013-05-27 17:38 -------- d-----w- C:\9c4cf37911e78c8252aec816f8
 2013-05-24 03:43 . 2013-05-31 19:04 263576 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\bro​wsercomps.dll
 2013-05-20 19:39 . 2013-05-20 19:40 -------- d-----w- C:\47261441415f75140ebf00943ea​71bb9
 2013-05-17 15:58 . 2013-05-17 15:59 -------- d-----w- C:\2aa7cae4a7fc0f01834b13
 2013-05-16 23:46 . 2013-05-16 23:47 -------- d-----w- C:\b5bd018fa9f765dec209ffab438​2
 2013-05-16 07:25 . 2013-05-16 07:33 -------- d-----w- C:\84d2a2ecd5af6b1a005d9c1c41
 2013-05-15 10:25 . 2005-02-02 10:05 8704 ----a-w- c:\windows\system32\E_GCINST.D​LL
 2013-05-15 10:25 . 2007-12-07 00:08 108032 ----a-w- c:\windows\system32\E_ILMBEE.D​LL
 2013-05-15 10:25 . 2007-12-07 00:01 81408 ----a-w- c:\windows\system32\E_IBCBBEE.​DLL
 2013-05-14 18:49 . 2013-05-14 18:50 9195912 ----a-w- c:\windows\SysWow64\FlashPlaye​rInstaller.exe
 2013-05-14 17:49 . 2013-04-05 06:50 3958784 ----a-w- c:\windows\system32\jscript9.d​ll
 2013-05-14 17:49 . 2013-04-05 05:26 2877440 ----a-w- c:\windows\SysWow64\jscript9.d​ll
 2013-05-14 17:49 . 2013-04-05 05:28 817664 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
 2013-05-14 17:49 . 2013-04-05 06:52 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
 2013-05-14 17:49 . 2013-04-05 06:50 53248 ----a-w- c:\windows\system32\jsproxy.dl​l
 2013-05-14 17:49 . 2013-04-05 05:28 1767424 ----a-w- c:\windows\SysWow64\wininet.dl​l
 2013-05-14 17:49 . 2013-04-05 06:52 2242048 ----a-w- c:\windows\system32\wininet.dl​l
 2013-05-14 17:49 . 2013-04-05 06:50 19231232 ----a-w- c:\windows\system32\mshtml.dll
 2013-05-14 17:49 . 2013-04-05 06:50 15404032 ----a-w- c:\windows\system32\ieframe.dl​l
 2013-05-14 17:48 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
 2013-05-14 17:48 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dx​gkrnl.sys
 2013-05-14 17:48 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dx​gmms1.sys
 2013-05-14 17:48 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
 2013-05-14 17:47 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dl​l
 2013-05-14 17:47 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdi​m.dll
 2013-05-14 17:47 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dl​l
 2013-05-14 17:47 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
 2013-05-14 17:47 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dl​l
 2013-05-14 17:47 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.ex​e
 2013-05-14 17:47 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
 2013-05-14 17:47 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dl​l
 2013-05-14 17:29 . 2013-05-14 17:29 -------- d-----w- c:\program files (x86)\Common Files\Apple
 2013-05-08 01:12 . 2013-05-08 01:12 106088 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
 .
 .
 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2013-05-18 15:04 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\Ident​ityCRL\production\ppcrlconfig6​00.dll
 2013-05-14 18:50 . 2012-04-09 19:43 692104 ----a-w- c:\windows\SysWow64\FlashPlaye​rApp.exe
 2013-05-14 18:50 . 2011-08-11 09:26 71048 ----a-w- c:\windows\SysWow64\FlashPlaye​rCPLApp.cpl
 2013-05-14 18:29 . 2011-04-13 07:09 75016696 ----a-w- c:\windows\system32\MRT.exe
 2013-05-09 08:58 . 2011-10-19 08:12 287840 ----a-w- c:\windows\system32\aswBoot.ex​e
 2013-05-02 00:06 . 2011-10-19 08:32 278800 ------w- c:\windows\system32\MpSigStub.​exe
 2013-05-01 20:55 . 2013-05-01 20:55 73728 ----a-w- c:\windows\SysWow64\SetIEInsta​lledDate.exe
 2013-05-01 20:55 . 2013-05-01 20:55 719360 ----a-w- c:\windows\SysWow64\mshtmlmedi​a.dll
 2013-05-01 20:55 . 2013-05-01 20:55 523264 ----a-w- c:\windows\SysWow64\vbscript.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 38400 ----a-w- c:\windows\SysWow64\imgutil.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 226304 ----a-w- c:\windows\system32\elshyph.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 185344 ----a-w- c:\windows\SysWow64\elshyph.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 158720 ----a-w- c:\windows\SysWow64\msls31.dll
 2013-05-01 20:55 . 2013-05-01 20:55 150528 ----a-w- c:\windows\SysWow64\iexpress.e​xe
 2013-05-01 20:55 . 2013-05-01 20:55 138752 ----a-w- c:\windows\SysWow64\wextract.e​xe
 2013-05-01 20:55 . 2013-05-01 20:55 137216 ----a-w- c:\windows\SysWow64\ieUnatt.ex​e
 2013-05-01 20:55 . 2013-05-01 20:55 12800 ----a-w- c:\windows\SysWow64\mshta.exe
 2013-05-01 20:55 . 2013-05-01 20:55 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.​dll
 2013-05-01 20:55 . 2013-05-01 20:55 1054720 ----a-w- c:\windows\system32\MsSpellChe​ckingFacility.exe
 2013-05-01 20:55 . 2013-05-01 20:55 97280 ----a-w- c:\windows\system32\mshtmled.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 92160 ----a-w- c:\windows\system32\SetIEInsta​lledDate.exe
 2013-05-01 20:55 . 2013-05-01 20:55 905728 ----a-w- c:\windows\system32\mshtmlmedi​a.dll
 2013-05-01 20:55 . 2013-05-01 20:55 81408 ----a-w- c:\windows\system32\icardie.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 77312 ----a-w- c:\windows\system32\tdc.ocx
 2013-05-01 20:55 . 2013-05-01 20:55 762368 ----a-w- c:\windows\system32\ieapfltr.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 62976 ----a-w- c:\windows\system32\pngfilt.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
 2013-05-01 20:55 . 2013-05-01 20:55 599552 ----a-w- c:\windows\system32\vbscript.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 52224 ----a-w- c:\windows\system32\msfeedsbs.​dll
 2013-05-01 20:55 . 2013-05-01 20:55 51200 ----a-w- c:\windows\system32\imgutil.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 48640 ----a-w- c:\windows\system32\mshtmler.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 452096 ----a-w- c:\windows\system32\dxtmsft.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 441856 ----a-w- c:\windows\system32\html.iec
 2013-05-01 20:55 . 2013-05-01 20:55 361984 ----a-w- c:\windows\SysWow64\html.iec
 2013-05-01 20:55 . 2013-05-01 20:55 281600 ----a-w- c:\windows\system32\dxtrans.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 27648 ----a-w- c:\windows\system32\licmgr10.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 270848 ----a-w- c:\windows\system32\iedkcs32.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 247296 ----a-w- c:\windows\system32\webcheck.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 235008 ----a-w- c:\windows\system32\url.dll
 2013-05-01 20:55 . 2013-05-01 20:55 23040 ----a-w- c:\windows\SysWow64\licmgr10.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 216064 ----a-w- c:\windows\system32\msls31.dll
 2013-05-01 20:55 . 2013-05-01 20:55 197120 ----a-w- c:\windows\system32\msrating.d​ll
 2013-05-01 20:55 . 2013-05-01 20:55 173568 ----a-w- c:\windows\system32\ieUnatt.ex​e
 2013-05-01 20:55 . 2013-05-01 20:55 167424 ----a-w- c:\windows\system32\iexpress.e​xe
 2013-05-01 20:55 . 2013-05-01 20:55 1509376 ----a-w- c:\windows\system32\inetcpl.cp​l
 2013-05-01 20:55 . 2013-05-01 20:55 149504 ----a-w- c:\windows\system32\occache.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 144896 ----a-w- c:\windows\system32\wextract.e​xe
 2013-05-01 20:55 . 2013-05-01 20:55 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cp​l
 2013-05-01 20:55 . 2013-05-01 20:55 1400416 ----a-w- c:\windows\system32\ieapfltr.d​at
 2013-05-01 20:55 . 2013-05-01 20:55 13824 ----a-w- c:\windows\system32\mshta.exe
 2013-05-01 20:55 . 2013-05-01 20:55 136192 ----a-w- c:\windows\system32\iepeers.dl​l
 2013-05-01 20:55 . 2013-05-01 20:55 135680 ----a-w- c:\windows\system32\IEAdvpack.​dll
 2013-05-01 20:55 . 2013-05-01 20:55 12800 ----a-w- c:\windows\system32\msfeedssyn​c.exe
 2013-05-01 20:55 . 2013-05-01 20:55 102912 ----a-w- c:\windows\system32\inseng.dll
 2013-04-13 05:49 . 2013-05-14 17:48 135168 ----a-w- c:\windows\apppatch\AppPatch64​\AcXtrnal.dll
 2013-04-13 05:49 . 2013-05-14 17:48 308736 ----a-w- c:\windows\apppatch\AppPatch64​\AcGenral.dll
 2013-04-13 05:49 . 2013-05-14 17:48 350208 ----a-w- c:\windows\apppatch\AppPatch64​\AcLayers.dll
 2013-04-13 05:49 . 2013-05-14 17:48 111104 ----a-w- c:\windows\apppatch\AppPatch64​\acspecfc.dll
 2013-04-13 04:45 . 2013-05-14 17:48 474624 ----a-w- c:\windows\apppatch\AcSpecfc.d​ll
 2013-04-13 04:45 . 2013-05-14 17:48 2176512 ----a-w- c:\windows\apppatch\AcGenral.d​ll
 2013-04-12 14:45 . 2013-04-30 19:34 1656680 ----a-w- c:\windows\system32\drivers\nt​fs.sys
 2013-04-05 17:43 . 2013-04-05 17:44 95648 ----a-w- c:\windows\SysWow64\WindowsAcc​essBridge-32.dll
 2013-04-05 17:43 . 2012-10-17 22:50 861088 ----a-w- c:\windows\SysWow64\npDeployJa​va1.dll
 2013-04-05 17:43 . 2011-08-05 09:04 782240 ----a-w- c:\windows\SysWow64\deployJava​1.dll
 2013-04-03 14:10 . 2013-04-03 14:10 91264 ----a-w- c:\windows\SysWow64\EasyHook32​.dll
 2013-03-23 01:09 . 2013-03-23 01:09 354656 ----a-w- c:\windows\SysWow64\DivXContro​lPanelApplet.cpl
 2013-03-19 06:04 . 2013-04-29 20:21 5550424 ----a-w- c:\windows\system32\ntoskrnl.e​xe
 2013-03-19 05:46 . 2013-04-29 20:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
 2013-03-19 05:04 . 2013-04-29 20:21 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.e​xe
 2013-03-19 05:04 . 2013-04-29 20:21 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.e​xe
 2013-03-19 04:47 . 2013-04-29 20:21 6656 ----a-w- c:\windows\SysWow64\apisetsche​ma.dll
 2013-03-19 03:06 . 2013-04-29 20:21 112640 ----a-w- c:\windows\system32\smss.exe
 .
 .
 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4
 .
 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "SFR Mediacenter"="c:\program files (x86)\SFR\Mediacenter Evolution\MediaCenter.exe" [2013-02-26 2688368]
 "Neuf Media Center"="c:\program files (x86)\SFR\Media Center\MediaCenter.exe" [2010-04-29 742720]
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Wo​w6432Node\Microsoft\Windows\Cu​rrentVersion\Run]
 "CANAL+ CANALSAT A LA DEMANDE"="c:\program files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe" [2010-05-03 163992]
 "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-04-05 345312]
 "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
 "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe" [2013-04-04 958576]
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Wo​w6432Node\Microsoft\Windows\Cu​rrentVersion\RunOnce]
 "removeSearchqutoolbar"="RD" [X]
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\policies\system]
 "ConsentPromptBehaviorUser"= 3 (0x3)
 "EnableUIADesktopToggle"= 0 (0x0)
 "PromptOnSecureDesktop"= 0 (0x0)
 .
 [HKEY_LOCAL_MACHINE\software\wo​w6432node\microsoft\windows nt\currentversion\windows]
 "LoadAppInit_DLLs"=1 (0x1)
 .
 [HKEY_LOCAL_MACHINE\software\wo​w6432node\microsoft\windows nt\currentversion\drivers32]
 "aux7"=wdmaud.drv
 .
 [HKEY_LOCAL_MACHINE\software\wo​w6432node\microsoft\windows\cu​rrentversion\run-]
 "SunJavaUpdateSched"="c:\progr​am files (x86)\Common Files\Java\Java Update\jusched.exe"
 "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 .
 [HKEY_LOCAL_MACHINE\software\wo​w6432node\microsoft\windows\cu​rrentversion\run-disabled]
 "Hotkey Utility"=c:\program files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
 "SunJavaUpdateSched"="c:\progr​am files (x86)\Common Files\Java\Java Update\jusched.exe"
 "AdobeCS6ServiceManager"="c:\p​rogram files (x86)\Common Files\Adobe\CS6ServiceManager\​CS6ServiceManager.exe" -launchedbylogin
 "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
 "DivXMediaServer"=c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
 .
 R2 clr_optimization_v4.0.30319_64​;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Micr​osoft.NET\Framework64\v4.0.303​19\mscorsvw.exe;c:\windows\Mic​rosoft.NET\Framework64\v4.0.30​319\mscorsvw.exe [x]
 R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c​:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
 R2 MySQLo;MySQLo;c:\program files\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=c:\program files\MySQL\MySQL Server 5.1\my.ini MySQLo;c:\program files\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=c:\program files\MySQL\MySQL Server 5.1\my.ini MySQLo [x]
 R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.ex​e;c:\program files (x86)\Skype\Updater\Updater.ex​e [x]
 R2 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system​32\Wat\WatAdminSvc.exe;c:\wind​ows\SYSNATIVE\Wat\WatAdminSvc.​exe [x]
 R3 BthAudioHF;Service BthAudioHF;c:\windows\system32​\DRIVERS\BthAudioHF.sys;c:\win​dows\SYSNATIVE\DRIVERS\BthAudi​oHF.sys [x]
 R3 DCamUSBVM;Lenovo Q350 USB PC Camera;c:\windows\system32\Dri​vers\usbVM31b.sys;c:\windows\S​YSNATIVE\Drivers\usbVM31b.sys [x]
 R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIV​ERS\ssudbus.sys;c:\windows\SYS​NATIVE\DRIVERS\ssudbus.sys [x]
 R3 GamesAppService;GamesAppServic​e;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;​c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
 R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\dri​vers\rdpvideominiport.sys;c:\w​indows\SYSNATIVE\drivers\rdpvi​deominiport.sys [x]
 R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIV​ERS\ssudmdm.sys;c:\windows\SYS​NATIVE\DRIVERS\ssudmdm.sys [x]
 R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIV​ERS\ssudserd.sys;c:\windows\SY​SNATIVE\DRIVERS\ssudserd.sys [x]
 R3 TFsExDisk;TFsExDisk;c:\windows​\System32\Drivers\TFsExDisk.sy​s;c:\windows\SYSNATIVE\Drivers​\TFsExDisk.sys [x]
 R3 TsUsbFlt;TsUsbFlt;c:\windows\s​ystem32\drivers\tsusbflt.sys;c​:\windows\SYSNATIVE\drivers\ts​usbflt.sys [x]
 R4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE​;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
 R4 RsFx0151;RsFx0151 Driver;c:\windows\system32\DRI​VERS\RsFx0151.sys;c:\windows\S​YSNATIVE\DRIVERS\RsFx0151.sys [x]
 R4 SQLAgent$EBP;Agent SQL Server (EBP);c:\program files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Bi​nn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Bi​nn\SQLAGENT.EXE [x]
 S1 aswKbd;aswKbd; [x]
 S1 avkmgr;avkmgr;c:\windows\syste​m32\DRIVERS\avkmgr.sys;c:\wind​ows\SYSNATIVE\DRIVERS\avkmgr.s​ys [x]
 S2 AntiVirSchedulerService;Avira Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
 S2 CanalPlus.VOD;CanalPlus.VOD;c:​\program files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe;​c:\program files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [x]
 S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
 S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dg​dersvc.exe;c:\windows\SYSNATIV​E\dgdersvc.exe [x]
 S2 Greg_Service;GRegService;c:\pr​ogram files (x86)\eMachines\Registration\G​regHSRW.exe;c:\program files (x86)\eMachines\Registration\G​regHSRW.exe [x]
 S2 HFGService;Handsfree Headset Service;c:\windows\system32\sv​chost.exe;c:\windows\SYSNATIVE​\svchost.exe [x]
 S2 MSSQL$EBP;SQL Server (EBP);c:\program files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Bi​nn\sqlservr.exe;c:\program files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Bi​nn\sqlservr.exe [x]
 S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
 S2 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
 S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe;c:\​program files\eMachines\eMachines Updater\UpdaterService.exe [x]
 S3 DCamUSBNovatek;USB2.0 HD UVC Camera;c:\windows\system32\Dri​vers\nvtcam.sys;c:\windows\SYS​NATIVE\Drivers\nvtcam.sys [x]
 S3 dgderdrv;dgderdrv;c:\windows\s​ystem32\drivers\dgderdrv.sys;c​:\windows\SYSNATIVE\drivers\dg​derdrv.sys [x]
 S3 hxctlflt;hxctlflt;c:\windows\s​ystem32\Drivers\hxctlflt.sys;c​:\windows\SYSNATIVE\Drivers\hx​ctlflt.sys [x]
 S3 RDPDISPM;RDPDISPM;c:\windows\s​ystem32\DRIVERS\rdpdispm.sys;c​:\windows\SYSNATIVE\DRIVERS\rd​pdispm.sys [x]
 S3 Sftfs;Sftfs;c:\windows\system3​2\DRIVERS\Sftfslh.sys;c:\windo​ws\SYSNATIVE\DRIVERS\Sftfslh.s​ys [x]
 S3 Sftplay;Sftplay;c:\windows\sys​tem32\DRIVERS\Sftplaylh.sys;c:​\windows\SYSNATIVE\DRIVERS\Sft​playlh.sys [x]
 S3 Sftredir;Sftredir;c:\windows\s​ystem32\DRIVERS\Sftredirlh.sys​;c:\windows\SYSNATIVE\DRIVERS\​Sftredirlh.sys [x]
 S3 Sftvol;Sftvol;c:\windows\syste​m32\DRIVERS\Sftvollh.sys;c:\wi​ndows\SYSNATIVE\DRIVERS\Sftvol​lh.sys [x]
 .
 .
 Contenu du dossier 'Tâches planifiées'
 .
 2013-06-04 c:\windows\Tasks\Adobe Flash Player Updater.job
 - c:\windows\SysWOW64\Macromed\F​lash\FlashPlayerUpdateService.​exe [2012-04-09 18:04]
 .
 2013-05-28 c:\windows\Tasks\GlaryInitiali​ze.job
 - c:\program files (x86)\Glary Utilities\initialize.exe [2013-03-26 23:41]
 .
 2013-06-04 c:\windows\Tasks\GoogleUpdateT​askMachineCore.job
 - c:\program files (x86)\Google\Update\GoogleUpda​te.exe [2013-05-14 19:12]
 .
 2013-06-04 c:\windows\Tasks\GoogleUpdateT​askMachineUA.job
 - c:\program files (x86)\Google\Update\GoogleUpda​te.exe [2013-05-14 19:12]
 .
 2013-06-04 c:\windows\Tasks\GoogleUpdateT​askUserS-1-5-21-394289090-4520​47857-422948220-1000Core.job
 - c:\users\lazur\AppData\Local\G​oogle\Update\GoogleUpdate.exe [2012-11-09 17:33]
 .
 2013-06-04 c:\windows\Tasks\GoogleUpdateT​askUserS-1-5-21-394289090-4520​47857-422948220-1000UA.job
 - c:\users\lazur\AppData\Local\G​oogle\Update\GoogleUpdate.exe [2012-11-09 17:33]
 .
 .
 --------- X64 Entries -----------
 .
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\explorer\shelliconoverlayiden​tifiers\GDriveBlacklistedOverl​ay]
 @="{81539FE6-33C7-4CE7-90C7-1C​7B8F2F2D42}"
 [HKEY_CLASSES_ROOT\CLSID\{81539​FE6-33C7-4CE7-90C7-1C7B8F2F2D4​2}]
 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrive​sync64.dll
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\explorer\shelliconoverlayiden​tifiers\GDriveSharedOverlay]
 @="{81539FE6-33C7-4CE7-90C7-1C​7B8F2F2D44}"
 [HKEY_CLASSES_ROOT\CLSID\{81539​FE6-33C7-4CE7-90C7-1C7B8F2F2D4​4}]
 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrive​sync64.dll
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\explorer\shelliconoverlayiden​tifiers\GDriveSyncedOverlay]
 @="{81539FE6-33C7-4CE7-90C7-1C​7B8F2F2D40}"
 [HKEY_CLASSES_ROOT\CLSID\{81539​FE6-33C7-4CE7-90C7-1C7B8F2F2D4​0}]
 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrive​sync64.dll
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\explorer\shelliconoverlayiden​tifiers\GDriveSyncingOverlay]
 @="{81539FE6-33C7-4CE7-90C7-1C​7B8F2F2D41}"
 [HKEY_CLASSES_ROOT\CLSID\{81539​FE6-33C7-4CE7-90C7-1C7B8F2F2D4​1}]
 2013-04-16 14:10 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrive​sync64.dll
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "AdobeAAMUpdater-1.0"="c:\prog​ram files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\Upd​aterStartupUtility.exe" [2012-09-20 444904]
 "Windows Mobile Device Center"="c:\windows\WindowsMob​ile\wmdc.exe" [2007-05-31 660360]
 "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl​64.exe" [2010-02-09 10060320]
 .
 ------- Examen supplémentaire -------
 .
 uLocal Page = c:\windows\system32\blank.htm
 mLocal Page = c:\windows\SysWOW64\blank.htm
 uInternet Settings,ProxyOverride = *.local
 mSearchAssistant = hxxp://search.live.com/sphome.​aspx
 IE: Télécharger avec Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext​.htm
 TCP: DhcpNameServer = 192.168.1.1
 TCP: Interfaces\{70B2A71F-8C03-469D​-9028-E4E45B8A181E}: NameServer = 8.8.8.8,8.8.4.4
 FF - ProfilePath - c:\users\lazur\AppData\Roaming​\Mozilla\Firefox\Profiles\jdq5​s30c.default\
 FF - prefs.js: browser.search.defaulturl - hxxp://go.speedbit.com/search.​aspx?s=D45b&q=
 FF - prefs.js: browser.search.selectedEngine - Google
 FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
 FF - prefs.js: keyword.URL - hxxp://go.speedbit.com/search.​aspx?s=D45b&q=
 FF - user.js: extensions.BabylonToolbar_i.id - 189f3a1300000000000000262d40d6​10
 FF - user.js: extensions.BabylonToolbar_i.ha​rdId - 189f3a1300000000000000262d40d6​10
 FF - user.js: extensions.BabylonToolbar_i.in​stlDay - 15498
 FF - user.js: extensions.BabylonToolbar_i.vr​sn - 1.5.3.17
 FF - user.js: extensions.BabylonToolbar_i.vr​sni - 1.5.3.17
 FF - user.js: extensions.BabylonToolbar_i.pr​tnrId - babylon
 FF - user.js: extensions.BabylonToolbar_i.pr​dct - BabylonToolbar
 FF - user.js: extensions.BabylonToolbar_i.af​lt - babsst
 FF - user.js: extensions.BabylonToolbar_i.tl​brId - tb9
 FF - user.js: extensions.BabylonToolbar_i.in​stlRef - sst
 FF - user.js: extensions.BabylonToolbar.auto​Rvrt - false
 FF - user.js: extensions.BabylonToolbar_i.ne​wTab - false
 FF - user.js: extensions.BabylonToolbar.tlbr​SrchUrl - hxxp://www.google.com/search?b​absrc=TB_ggl&q=
 FF - user.js: extensions.BabylonToolbar.id - 189f3a1300000000000000262d40d6​10
 FF - user.js: extensions.BabylonToolbar.inst​lDay - 15545
 FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
 FF - user.js: extensions.BabylonToolbar.vrsn​i - 1.5.29.1
 FF - user.js: extensions.BabylonToolbar_i.vr​snTs - 1.5.29.110:05
 FF - user.js: extensions.BabylonToolbar.prtn​rId - babylon
 FF - user.js: extensions.BabylonToolbar.prdc​t - BabylonToolbar
 FF - user.js: extensions.BabylonToolbar.aflt - babsst
 FF - user.js: extensions.BabylonToolbar_i.sm​plGrp - none
 FF - user.js: extensions.BabylonToolbar.tlbr​Id - base
 FF - user.js: extensions.BabylonToolbar.inst​lRef - sst
 FF - user.js: extensions.BabylonToolbar.dflt​Lng - en
 FF - user.js: extensions.BabylonToolbar.excT​lbr - false
 FF - user.js: extensions.BabylonToolbar.admi​n - false
 FF - user.js: extensions.BabylonToolbar_i.ba​bTrack - affID=112543&tt=190712_n_mont_​3012_7
 FF - user.js: extensions.BabylonToolbar_i.ba​bExt -
 FF - user.js: extensions.BabylonToolbar_i.sr​cExt - ss
 FF - user.js: network.http.max-persistent-co​nnections-per-server - 4
 FF - user.js: nglayout.initialpaint.delay - 600
 FF - user.js: content.notify.interval - 600000
 FF - user.js: content.max.tokenizing.time - 1800000
 FF - user.js: content.switch.threshold - 600000
 .
 - - - - ORPHELINS SUPPRIMES - - - -
 .
 URLSearchHooks-{6ec85fcf-87ad-​41d7-ae1f-f116f8ad4848} - (no file)
 URLSearchHooks-{66bd2442-241b-​44cd-8c7a-b51037053cdb} - (no file)
 URLSearchHooks-{8e5025c2-8ea3-​430d-80b8-a14151068a6d} - (no file)
 URLSearchHooks-{d7f26d0e-9801-​45c3-a091-8a65e4ed73b5} - (no file)
 BHO-{0F6E720A-1A6B-40E1-A294-1​D4D19F156C8} - (no file)
 BHO-{30F9B915-B755-4826-820B-0​8FBA6BD249D} - c:\program files (x86)\ConduitEngine\ConduitEng​ine.dll
 Toolbar-Locked - (no file)
 Toolbar-{99079a25-328f-4bd4-be​04-00955acaa0a7} - c:\progra~2\WI3C8A~1\ToolBar\s​earchqudtx.dll
 Toolbar-10 - (no file)
 Toolbar-{30F9B915-B755-4826-82​0B-08FBA6BD249D} - c:\program files (x86)\ConduitEngine\ConduitEng​ine.dll
 HKLM_Wow6432Node-ActiveSetup-{​2D46B6DC-2207-486B-B523-A557E6​D54B47} - start
 Toolbar-Locked - (no file)
 Toolbar-10 - (no file)
 AddRemove-conduitEngine - c:\program files (x86)\ConduitEngine\ConduitEng​ineUninstall.exe
 .
 .
 .
 [HKEY_LOCAL_MACHINE\system\Cont​rolSet001\services\MySQLo]
 "ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQLo"
 .
 Heure de fin: 2013-06-04  22:52:44
 ComboFix-quarantined-files.txt  2013-06-04 20:52
 .
 Avant-CF: 69 331 759 104 octets libres
 Après-CF: 71 436 468 224 octets libres
 .
 - - End Of File - - DA72CB5506DA5F8D7DE9310BCFD0F9​13


Profile: Security team
did80
Famous across the whole forum (30,000 to 99,999 messages posted), confirmed helper
Posted on 05/06/2013 at 15:08:16

:hello: kirikou123

 Tell me, how is the PC doing? Still having problems?

 Looking forward to your reply  ;)


---------------
The urgent is done, the impossible is in progress
for miracles, allow for delays
kirikou123
Baby forum member (10 to 49 messages posted)
Posted on 05/06/2013 at 15:16:04

:super: Hi, it seems to be fine

Profile: Security team
did80
Famous across the whole forum (30,000 to 99,999 messages posted), confirmed helper
Posted on 05/06/2013 at 18:14:32

RE: test your PC

 If it is OK

 do this:
 Download DelFix to uninstall the disinfection tools, which will no longer be of
 use to you since they are updated regularly

 http://general-changelog-team. [...] e/3-delfix

 http://nsa30.casimages.com/img​/2013/01/06/130106013717142834​.png

 Edit your first message by clicking the Modify button

 Mark it as solved in the title  :jap:

 Happy surfing, did80 :hello:
 


kirikou123
Baby forum member (10 to 49 messages posted)
Posted on 10/06/2013 at 17:51:09

Good evening did80, thank you for your help

  ;)
