Script ZHPFix Lignes indésirables : G2 - GCE: Preference [User Data\Default] [bakijjialdiiboeaknfpmflphhmljfkd] Speedial v.9.4.25, (Désactivé) =>Adware.SearchYa G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.24, (Désactivé) =>Adware.MyWebSearch M3 - MFPP: Plugins - [Roland] -- C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\ug0tw076.default\searchplugins\default-search.xml =>Hijacker.Browsers M3 - MFPP: Plugins - [Roland] -- C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\ug0tw076.default\searchplugins\Mysearchdial.xml =>Adware.MyWebSearch M3 - MFPP: Plugins - [Roland] -- C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\ug0tw076.default\searchplugins\Speedial.xml =>Adware.SearchYa M2 - MFEP: Extension [Roland - ug0tw076.default] {ad9a41d2-9a49-4fa6-a79e-71a0785364c8} => Adware.MyWebSearch R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com => PUP.LavasoftSecureSearch O4 - HKLM\..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (.not file.) =>PUP.SearchProtect O23 - Service: Util webget (Util webget) . (...) - C:\Program Files\webget\bin\utilwebget.exe (.not file.) =>PUP.WebGet O36 - AppCertDlls: (x64) . (...) -- c:\program files\settings manager\systemk\x64\sysapcrt.dll =>PUP.SystemK O39 - APT: - (..) -- C:\Windows\Tasks\Speedial.job [296] =>Adware.SearchYa O39 - APT: - (..) -- C:\Windows\System32\Tasks\Speedial [296] =>Adware.SearchYa O41 - Driver: ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys =>PUP.LinkiDoo [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] => PUP.OptimizerPro [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\Linkey] =>PUP.LinkeySearch [HKCU\Software\Vittalia] =>PUP.Vittalia [HKLM\Software\InstallCore] =>Adware.InstallCore [HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher [HKLM\Software\SystemK] =>PUP.SystemK O43 - CFD: 23/05/2014 - 15:00:31 - [0] ----D C:\Program Files\004 =>PUP.AdPeak O43 - CFD: 23/05/2014 - 11:54:12 - [0] ----D C:\Program Files\Toolbar Cleaner =>PUP.ToolbarCleaner O43 - CFD: 21/05/2014 - 11:10:09 - [0] ----D C:\Program Files\webget =>PUP.WebGet O43 - CFD: 20/05/2014 - 10:00:55 - [] ----D C:\Users\Roland\AppData\Roaming\0V1L2Z2Z1T1I1L1T =>Adware.InstallCore O43 - CFD: 06/05/2014 - 12:16:11 - [] ----D C:\Users\Roland\AppData\Roaming\mysearchdial =>Adware.MyWebSearch O43 - CFD: 14/05/2014 - 16:01:19 - [] ----D C:\Users\Roland\AppData\Roaming\Speedial =>Adware.SearchYa O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe =>PUP.BitGuard O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe => PUP.VideoPerformer O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe =>Hijacker.Eazel O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe =>Hijacker.Eazel O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe =>Trojan.Staser O50 - IFEO:Image File Execution Options - jumpflip - tasklist.exe =>PUP.JumpFlip O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch O50 - IFEO:Image File Execution Options - searchinstaller.exe - tasklist.exe => PUP.Babylon O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>PUP.SearchProtect O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe =>PUP.SearchProtect O50 - IFEO:Image File Execution Options - searchsettings.exe - tasklist.exe =>Adware.SearchSettings O50 - IFEO:Image File Execution Options - searchsettings64.exe - tasklist.exe =>Adware.SearchSettings O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe O50 - IFEO:Image File Execution Options - umbrella.exe - tasklist.exe =>Adware.IMBooster O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe =>PUP.JumpFlip O50 - IFEO:Image File Execution Options - volaro - tasklist.exe =>Trojan.Vonteera O50 - IFEO:Image File Execution Options - vonteera - tasklist.exe =>Trojan.Vonteera O50 - IFEO:Image File Execution Options - websteroids.exe - tasklist.exe =>PUP.TubeDimmer O50 - IFEO:Image File Execution Options - websteroidsservice.exe - tasklist.exe =>PUP.TubeDimmer O51 - MPSK:{a490800a-db70-11e3-9a3e-94de807d5099}\AutoRun\command. (...) -- G:\AutoPlay.exe (.not file.) => Infection USB (Trojan.USB) O58 - SDL:28/04/2014 - 09:23:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [52920] =>PUP.LinkiDoo O64 - Services: CurCS - 28/04/2014 - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw) .(.StdLib - StdLib.) - LEGACY_{9EDD0EA8-2819-47C2-8320-B007D5996F8A}GW =>PUP.LinkiDoo O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (SecureSearch) - http://securedsearch2.lavasoft.com => Adware.ToolbarCleaner HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASAPI32 =>PUP.WebGet HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASMANCS =>PUP.WebGet HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet SS - | Auto 10/07/1658 0 | (Util webget) . (...) - C:\Program Files\webget\bin\utilwebget.exe =>PUP.WebGet [HKLM\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd] =>Adware.SearchYa^ [HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^ [HKLM\SYSTEM\CurrentControlSet\Services\Util webget] =>PUP.WebGet^ [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>PUP.ToolbarCleaner [HKLM\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}] =>PUP.Babylon [HKLM\Software\Classes\setup.player] =>Spyware.MarketScore [HKLM\Software\Classes\setup.player.2k2] =>Spyware.MarketScore [HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon [HKCU\Software\InstallCore] =>Adware.InstallCore [HKLM\Software\InstallCore] =>Adware.InstallCore [HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Search Protection =>PUP.SearchProtect^ C:\Users\Roland\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd =>Adware.SearchYa^ C:\Users\Roland\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^ C:\Program Files\004 =>PUP.AdPeak^ C:\Program Files\Toolbar Cleaner =>PUP.ToolbarCleaner^ C:\Program Files\webget =>PUP.WebGet^ C:\Users\Roland\AppData\Roaming\0V1L2Z2Z1T1I1L1T =>Adware.InstallCore^ C:\Users\Roland\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^ C:\Users\Roland\AppData\Roaming\Speedial =>Adware.SearchYa^ C:\Windows\Tasks\Speedial.job =>Adware.SearchYa^ C:\Windows\System32\Tasks\Speedial =>Adware.SearchYa^ [HKCU\Software\Linkey] =>PUP.LinkeySearch^ [HKCU\Software\Vittalia] =>PUP.Vittalia^ [HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^ [HKLM\Software\SystemK] =>PUP.SystemK^ [HKCU\Software\Softonic] =>Toolbar.Conduit [HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] =>Toolbar.AdAware [HKCU\Software\Softonic] =>Toolbar.Conduit Lignes superflues ou inutiles : [MD5.00000000000000000000000000000000] [APT] [{2204AF09-83AA-4235-87DE-8D3CC911FA3E}] (...) -- C:\Users\Roland\Desktop\Adaware_Installer.exe (.not file.) [0] => Lavasoft Ad-Aware [MD5.00000000000000000000000000000000] [APT] [{7CB14936-9C45-4344-AEBA-DC7DB3DC5D1E}] (...) -- E:\Photoshop 7\Alcohol 120% v1.9.2.1705 Francais + Serial [By Tueurpure77]\Alcohol 120% v1.9.2.1705 Multilanguage + serial (OK)\Alcohol120_retail_1_9_2_1705.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{DAA4506F-9CA4-4597-8BBB-32F92F237973}] (...) -- D:\Utility\GIGABYTE\@BIOS\setup.exe (.not file.) [0] => Fichier absent [HKCU\Software\AppDataLow\Software\adawarebp] => Lavasoft Ad-Aware O43 - CFD: 23/05/2014 - 12:27:32 - [] ----D C:\Program Files\Spybot - Search & Destroy 2 => Safer Networking Ltd - Spybot S&D O43 - CFD: 23/05/2014 - 11:47:13 - [] ----D C:\ProgramData\Spybot - Search & Destroy => Safer Networking Ltd - Spybot S&D O61 - LFC: 27/08/2014 - 11:23:53 ---A- . (...) -- C:\Users\Roland\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\4efb409cba728e5c8b8fb59296463130_fce8395c8fd8a86c_15f74c7777689be5_0_0.bin [16384] => Temporary file not necessary O61 - LFC: 27/08/2014 - 11:23:53 ---A- . (...) -- C:\Users\Roland\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\4efb409cba728e5c8b8fb59296463130_fce8395c8fd8a86c_15f74c7777689be5_0_1.bin [1048576] => Temporary file not necessary O61 - LFC: 28/08/2014 - 11:23:50 ---A- . (...) -- C:\Users\Roland\AppData\Local\Temp\edb2e77a-a6e5-409b-a7ed-9225df124a14\CliSecureRT.dll [113498] => Temporary file not necessary Lignes d'optimisation du démarrage : OPT:O4 - HKLM\..\Run: [ISUSScheduler] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe OPT:O4 - HKCU\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe OPT:O4 - HKUS\S-1-5-21-544581668-953849167-3677732340-1003\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [HKLM\Software\BrowserChoice] EmptyClsid Ifeofix Proxyfix FirewallRaz ShortcutFix emptytemp emptyflash