start CloseProcesses: CreateRestorePoint: (Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe (Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe () C:\Program Files\WebConnect\updateWebConnect.exe () C:\Program Files\WebConnect\bin\utilWebConnect.exe (MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe HKLM\...\Run: [DATAMNGR] => C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~2.EXE (APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2004360 2015-04-28] (APN) AppInit_DLLs: c:\progra~2\wincert\win32c~1.dll => Pas de fichier IFEO\b9eg190.exe: [Debugger] TaskList.exe IFEO\bbqleads.exe: [Debugger] TaskList.exe IFEO\bbqleadsapplication.exe: [Debugger] TaskList.exe IFEO\bbqleadsservice.exe: [Debugger] TaskList.exe IFEO\bbqquotes.exe: [Debugger] TaskList.exe IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\ContentExplorer.exe: [Debugger] TaskList.exe IFEO\donutleads.exe: [Debugger] TaskList.exe IFEO\donutquotes.exe: [Debugger] TaskList.exe IFEO\internetenhancer.exe: [Debugger] TaskList.exe IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe IFEO\pastaleads.exe: [Debugger] TaskList.exe IFEO\pastaquotes.exe: [Debugger] TaskList.exe IFEO\spyhunter.exe: [Debugger] TaskList.exe IFEO\theanswerfinder.exe: [Debugger] TaskList.exe IFEO\wajam.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe Startup: C:\Users\Mélanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2014-09-23] ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) GroupPolicy: Stratégie de groupe sur Chrome détecté(e) <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Stratégie de restriction <======= ATTENTION CHR HKU\S-1-5-21-3178174881-3027134443-3683558660-1000\SOFTWARE\Policies\Google: Stratégie de restriction <======= ATTENTION SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=390&systemid=406&v=a9396-115&apn_uid=0031002252334234&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKU\S-1-5-21-3178174881-3027134443-3683558660-1000 -> {061F1591-E193-402D-AAC0-19DCB4869149} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3178174881-3027134443-3683558660-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3178174881-3027134443-3683558660-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3178174881-3027134443-3683558660-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://fr.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-is__alt__ddc_dss_bd_com&p={searchTerms} SearchScopes: HKU\S-1-5-21-3178174881-3027134443-3683558660-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3178174881-3027134443-3683558660-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3178174881-3027134443-3683558660-1000 -> {D60A9C2F-A0D3-4076-BBC2-FCC07C189699} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3178174881-3027134443-3683558660-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} BHO: WebConnect 1.0.0.6 -> {2316c625-b487-4410-a1a5-ff040b65245f} -> C:\Program Files\WebConnect\WebConnectBHO.dll Pas de fichier BHO: Search-Results Toolbar -> {377e5d4d-77e5-476a-8716-7e70a9272da0} -> C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll Pas de fichier Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll Pas de fichier Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll Pas de fichier Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll Pas de fichier Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll Pas de fichier Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll Pas de fichier Winsock: Catalog9 29 C:\Windows\system32\MyOSProtect.dll Pas de fichier FF SearchEngineOrder.1: Ask Search FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2013-09-24] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\delta-homes.xml [2015-05-20] FF Extension: Delta Toolbar - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\cdf3ywap.default\Extensions\ffxtlbr@delta.com [2013-09-23] FF Extension: Search-Results Toolbar - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\cdf3ywap.default\Extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} [2013-06-20] FF Extension: Ask Toolbar - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\cdf3ywap.default\Extensions\toolbar_ORJ-V7@apn.ask.com.xpi [2013-06-07] FF Extension: Pas de nom - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\cdf3ywap.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi [non trouvé(e)] FF Extension: Pas de nom - C:\Users\Mélanie\AppData\Roaming\Mozilla\Firefox\Profiles\cdf3ywap.default\extensions\{f365189d-3e18-4f01-8423-a1ed102ed962}.xpi [non trouvé(e)] CHR Extension: (Quick start) - C:\Users\Mélanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-09-23] CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Mélanie\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM\...\Chrome\Extension: [ieakfmpjhljbpbfpldjkddkjmmgjmgon] - C:\Program Files\WebConnect\ieakfmpjhljbpbfpldjkddkjmmgjmgon.crx CHR HKLM\...\Chrome\Extension: [jbajpeofkjjeiamcglnmldoboonfkiol] - C:\Program Files\Search Results Toolbar\Datamngr\chromeExtension.crx R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6324208 2015-08-19] (Reimage®) R2 Update WebConnect; C:\Program Files\WebConnect\updateWebConnect.exe [461736 2015-08-28] () R2 Util WebConnect; C:\Program Files\WebConnect\bin\utilWebConnect.exe [461736 2015-08-28] () R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [225896 2015-05-14] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [50280 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [45032 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-06-30] (Elex do Brasil Participações Ltda) R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-09-01] () [Fichier non signé] <==== ATTENTION S3 cpuz134; \??\C:\Users\MLANIE~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] 2015-08-27 11:50 - 2015-08-19 09:02 - 00050280 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys 2015-08-27 11:50 - 2015-06-30 04:50 - 00044712 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys 2015-08-27 11:48 - 2015-08-27 11:48 - 00000000 ____D C:\Users\Mélanie\AppData\Roaming\Elex-tech 2015-08-27 11:48 - 2015-08-27 11:48 - 00000000 ____D C:\Program Files\Elex-tech 2015-08-23 17:01 - 2015-08-23 17:03 - 00000000 ____D C:\ProgramData\Reimage Protector 2015-08-23 17:01 - 2015-08-23 17:01 - 00002070 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk 2015-08-23 17:00 - 2015-08-23 17:02 - 00000000 ____D C:\Program Files\Reimage 2015-08-23 16:58 - 2015-08-23 17:04 - 00000139 _____ C:\Windows\Reimage.ini 2015-08-23 16:56 - 2015-08-23 16:56 - 00772016 _____ (Reimage®) C:\Users\Mélanie\Downloads\ReimageRepair (1).exe 2015-08-23 16:54 - 2015-08-23 16:56 - 00772016 _____ (Reimage®) C:\Users\Mélanie\Downloads\ReimageRepair.exe iLivid (HKLM\...\iLivid) (Version: 4.0.0.2901 - Bandoo Media Inc) <==== ATTENTION MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.1 - Reimage) <==== ATTENTION Search-Results Toolbar (HKLM\...\ilividtoolbargaw) (Version: 1.2.0.0 - APN LLC) <==== ATTENTION Web Protect for Windows (HKLM\...\wp-adinject-adk) (Version: 10.0.0 - Web Protect) <==== ATTENTION WebConnect 3.0.0 (HKLM\...\WebConnect) (Version: 3.0.0 - Web Connect) <==== ATTENTION WinZipper (HKLM\...\WinZipper) (Version: 1.5.111 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION YAC(Yet Another Cleaner!) (HKLM\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION Task: {06376EEB-3561-4B64-A231-58772559D199} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION Task: {27EBB0D0-A49E-40B2-8B62-A8426A788EC3} - System32\Tasks\EPUpdater => C:\Users\Mélanie\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () <==== ATTENTION Task: {76B70B40-A155-49E1-B0C7-EA8D3524D4DA} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {A0146A3F-A1C7-4102-ACEF-18B204B8E8F8} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2015-08-18] (Reimage ltd.) <==== ATTENTION Task: {B5E01FAE-565B-440A-85B6-FA6CEFE430B7} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19] (Reimage®) <==== ATTENTION Task: {B6AE0892-8B0B-430A-919E-201F044A7D7F} - System32\Tasks\{C383E1EA-F8C5-4164-A0CD-C51360F01197} => pcalua.exe -a C:\Users\Mélanie\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=adks <==== ATTENTION Task: {C2479324-36A1-44E6-B87D-D09A3A7BFE6A} - System32\Tasks\Safe-Ads Updater => Wscript.exe //B "C:\Users\Mélanie\AppData\Local\delta\delta\1.3.28.0\..\updt.js" 2015-08-27 11:49 - 2015-08-19 08:59 - 00065696 _____ () C:\Program Files\Elex-tech\YAC\zlib1.dll 2015-08-27 11:49 - 2015-06-30 04:50 - 00176976 _____ () C:\Program Files\Elex-tech\YAC\tws\unrar.dll 2015-08-27 11:49 - 2015-06-30 04:50 - 00087744 _____ () C:\Program Files\Elex-tech\YAC\tws\unacev2.dll 2015-08-27 11:49 - 2015-08-19 08:59 - 00179200 _____ () C:\Program Files\Elex-tech\YAC\libpng.dll 2013-08-30 04:16 - 2015-08-28 16:57 - 00461736 _____ () C:\Program Files\WebConnect\updateWebConnect.exe 2015-05-20 20:10 - 2015-08-28 18:10 - 00461736 _____ () C:\Program Files\WebConnect\bin\utilWebConnect.exe 2014-11-13 11:59 - 2014-11-13 11:58 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll 2014-11-13 11:59 - 2014-11-13 11:57 - 00060928 _____ () C:\Program Files\MyPC Backup\LinqBridge.dll 2014-11-13 11:59 - 2014-11-13 11:57 - 00270336 _____ () C:\Program Files\MyPC Backup\AlphaFS.dll HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service" <==== ATTENTION HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION FirewallRules: [{3F0DBD2F-153E-4368-AD1C-9A4A991F8209}] => (Allow) C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe FirewallRules: [{90371DC0-320B-442E-8596-88B9F93715F9}] => (Allow) C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe cmd: netsh reset catalog EmptyTemp: end