Script ZHPFix Lignes indésirables : G2 - GCE: Preference [User Data\Default] [DUMMYimkiojpjcoiiipekfjaopchhjga] Simple New Tab v.1.0.0 (Désactivé) => PUP.SimpleNewTab M2 - MFEP: RegExtension {437cc291-6bf0-4b1c-982c-9a49b610b9e2} . (...) -- C:\Program Files (x86)\LyricsContainer\131.xpi (.not file.) =>Adware.AddLyrics R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy O4 - HKLM\..\Wow6432Node\Run: [startertv_fr_10] Clé orpheline =>Adware.StarterTV O23 - Service: Performance Optimizer (892cc6a3) . (...) - c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll (.not file.) =>PUP.PerformanceOptimizer [MD5.00000000000000000000000000000000] [APT] [{126C21E6-3369-49DE-8FD3-0709ADFA31F7}] (...) -- C:\ProgramData\BetterSoft\SaveByClick\SaveByClick.exe (.not file.) [0] =>Hijacker.SaveByclick [MD5.00000000000000000000000000000000] [APT] [{3E7D7CA9-DBD3-4098-95B0-D8B729446A6B}] (...) -- C:\Users\Steeve\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches O42 - Logiciel: RandomDealApp - (.RandomDealApp.) [HKLM][64Bits] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1 => DealsFactor O42 - Logiciel: SaveByClick - (.SaveByClick.) [HKLM][64Bits] -- {CF9B5944-2147-40BC-A257-696514787BB2} =>Hijacker.SaveByclick [HKCU\Software\SimpleNewTab] =>PUP.SimpleNewTab [HKCU\Software\Snoozer] =>PUP.LuaRT O43 - CFD: 06/08/2014 - 14:47:42 - [] -SH-D C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} => PUP.Agent [MD5.25A0F1AD26B3084607BC2B30D913412C] [SPRF][18/08/2014] (.Software Installer - Software Installer.) -- C:\Users\Steeve\AppData\Roaming\setup.exe [146432] => Infection Diverse (Trojan.Agent) [MD5.A91D34375B4647FF0F57E8076EC72B1B] [WIS][08/08/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\151b9d8.msi [343040] =>PUP.Babylon HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASAPI32 =>Hijacker.Eazel HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASMANCS =>Hijacker.Eazel HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32 =>Adware.BrowseFox HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS =>Adware.BrowseFox HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowserSafeguard_RASAPI32 =>PUP.BrowserSafeguard HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowserSafeguard_RASMANCS =>PUP.BrowserSafeguard HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASAPI32 =>Adware.Lollipop HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASMANCS =>Adware.Lollipop HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricepeep_RASAPI32 =>Adware.PricePeep HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\pricepeep_RASMANCS =>Adware.PricePeep HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer1_RASAPI32 =>PUP.Linkular HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer1_RASMANCS =>PUP.Linkular HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-05C4_RASAPI32 =>Adware.Yontoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-05C4_RASMANCS =>Adware.Yontoo SS - | Auto 10/07/1658 0 | (892cc6a3) . (...) - c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll => PUP.PerformanceOptimizer [HKLM\SYSTEM\CurrentControlSet\Services\892cc6a3] =>PUP.PerformanceOptimizer^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CF9B5944-2147-40BC-A257-696514787BB2}] =>Hijacker.SaveByclick^ [HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASMANCS] =>Adware.BrowseFox [HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASAPI32] =>Adware.BrowseFox [HKLM\Software\Wow6432Node\Phyxion.net\OpenCandy] =>Adware.OpenCandy [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:startertv_fr_10 =>Adware.StarterTV^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:GM4IE =>PUP.Facemoi C:\Users\Steeve\AppData\Roaming\Mozilla\Firefox\Profiles\EP: RegExtension {437cc291-6bf0-4b1c-982c-9a49b610b9e2} . (...) -- C:\extensions\Program Files (x86)\LyricsContainer\131.xpi (.not file.) =>Adware.AddLyrics^ [HKCU\Software\SimpleNewTab] =>PUP.SimpleNewTab^ [HKCU\Software\Snoozer] =>PUP.LuaRT^ C:\Windows\Installer\151b9d8.msi =>PUP.Babylon^ C:\Users\Steeve\AppData\Local\Temp\instloffer.exe =>PUP.OfferBox C:\Users\Steeve\AppData\Local\Temp\uninst1.exe =>PUP.Babylon C:\Users\Steeve\AppData\Local\Temp\BabylonMngr.xpi =>PUP.SweetIM C:\Users\Steeve\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon C:\Users\Steeve\AppData\Local\Temp\GoogleToolbarInstaller2.log =>PUP.Babylon C:\Users\Steeve\AppData\Local\Temp\ToolbarInstaller.exe =>PUP.Babylon C:\Users\Steeve\AppData\Local\Temp\blabbers-ff-le.xpi =>PUP.Blabbers C:\Users\Steeve\AppData\Local\Temp\ins7993.tmp.exe_t.exe =>Spyware.AgenceExclusive G2 - GCE: Preference [User Data\Default] [kmhkepipobnjllejbafajoemahjejdcm] iGraal v.1.6.2 (Activé) => Toolbar.iGraal* O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline => Toolbar.Google [HKCU\Software\Condut] => Toolbar.Conduit [HKLM\Software\Wow6432Node\mamverifier] => Toolbar.Mamverifier O43 - CFD: 29/08/2013 - 14:20:30 - [] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} => Toolbar.TuneUp C:\Users\Steeve\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm =>Toolbar.iGraal C:\Users\Steeve\AppData\Local\Temp\01NET.com.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\conduitinstaller.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\dlLogic.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nse8292.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nsjEA7.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nso1491.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nso8689.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nsoC6A4.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nsqD918.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nsuDF7C.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nsv6EF.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nsvC6C.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\nsvDF50.exe =>Toolbar.Conduit C:\Users\Steeve\AppData\Local\Temp\tb01NE.dll =>Toolbar.Conduit Lignes superflues ou inutiles : [MD5.F884ADE2532330098DD3076CB46D0F2E] - (.Pas de propriétaire - DFService.) -- C:\ProgramData\Promo-détective\DFService.exe [141312] [PID.2528] O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline => Orphean Key not necessary O4 - HKUS\S-1-5-21-3557539193-1062163848-3560784203-1000\..\Run: [AdobeBridge] Clé orpheline => Orphean Key not necessary O23 - Service: DiscountfinderService (DiscountfinderService) . (.Pas de propriétaire - DFService.) - C:\ProgramData\Promo-détective\DFService.exe [MD5.00000000000000000000000000000000] [APT] [4801] (...) -- C:\Users\Steeve\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{4675EBE7-FEC4-4BC6-B3ED-A3103391ED18}] (...) -- C:\Program Files (x86)\Adesign\unins000.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{97A253E2-C0C3-4424-B92D-B2674295E075}] (...) -- C:\Users\Steeve\Desktop\OutlookConnector.exe (.not file.) [0] => Fichier absent [HKCU\Software\MoneyMillionnaire] => MoneyMillionnaire O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Boutique-JOA\boutique-joa.exe (.not file.) => Fichier absent SR - | Auto 22/11/2013 141312 | (DiscountfinderService) . (...) - C:\ProgramData\Promo-détective\DFService.exe => Promo-détective%Discount Finder Service Lignes d'optimisation du démarrage : OPT:O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe OPT:O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe EmptyClsid Ifeofix Proxyfix FirewallRaz ShortcutFix emptytemp emptyflash