Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
Lignes indésirables :
M0 - MFSP: prefs.js [Adam - driak909.default] https://mysearch.avg.com?cid={D7AB00CB-57F5-441F-8AD2-EB1EEF603362}&mid=e551e14f99c347cd86f6a9837f2c6111-f19c80e56f975f2b4708405712c74117c8eeb0ec&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-29 09:42:01&v=4.1.0.411&pid=wtu&sg=&sap=hp => Adware.MyWebSearch*
O42 - Logiciel: Video Downloader version 1.9.0.24 - (.Video Downloader.) [HKLM][64Bits] -- Video Downloader_is1 =>PUP.VideoDownloader
O42 - Logiciel: FlashPlayer - (.Tuguu SL.) [HKLM][64Bits] -- {BA8B8ADA-084F-4F79-A0CA-6E58A0808794} => PUP.VAFPlayer
HKLM\SOFTWARE\Wow6432Node\BoostSoftware => Infection PUP (PUP.PCHealthBoost)
HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Systweak
HKCU\SOFTWARE\Tuguu SL =>PUP.VAFPlayer
HKCU\SOFTWARE\AppDataLow\Software\Conduit =>PUP.Conduit
HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>Hijacker.SmartBar
O43 - CFD: 2013/03/26 - 15:41:47 - [] D -- C:\Program Files (x86)\Tuguu SL =>PUP.VAFPlayer
O43 - CFD: 2013/12/15 - 16:12:17 - [] D -- C:\Program Files (x86)\Video Downloader => PUP.VideoDownloader
O43 - CFD: 2013/01/01 - 22:29:14 - [0] D -- C:\Program Files (x86)\WinZip Registry Optimizer =>Crapware.WinZipRegistry
O43 - CFD: 2013/12/15 - 16:12:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Downloader => PUP.VideoDownloader
O43 - CFD: 2014/12/13 - 19:43:57 - [0] D -- C:\ProgramData\BoostSoftware =>PUP.PCHealthBoost
O43 - CFD: 2014/09/21 - 15:11:50 - [0] D -- C:\Users\Adam\AppData\Roaming\Systweak =>PUP.Systweak
O43 - CFD: 2012/01/08 - 19:10:49 - [0] D -- C:\Users\Adam\AppData\Local\PackageAware =>PUP.BearShare
O43 - CFD: 2014/09/01 - 19:26:05 - [0] D -- C:\Users\Adam\AppData\Local\StormFall =>Adware.StormFall
O43 - CFD: 2015/06/25 - 00:20:13 - [] D -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Downloader => PUP.VideoDownloader
O61 - LFC: 2012/01/08 - 19:27:41 A . (.Bandoo Media Inc..) -- C:\Users\Adam\Downloads\iLividSetupV1.exe [2063040] =>Adware.Bandoo
O61 - LFC: 2014/09/05 - 17:11:08 A . (.Reimage®.) -- C:\Users\Adam\Downloads\ReimageRepair (1).exe [853960] =>PUP.ReImageRepair
O61 - LFC: 2014/09/05 - 17:10:35 A . (.Reimage®.) -- C:\Users\Adam\Downloads\ReimageRepair.exe [853960] =>PUP.ReImageRepair
O61 - LFC: 1998/10/28 - 23:50:38 A . (..) -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL\Configuration 3D.exe [269824] => Infection Diverse (Possible)
O61 - LFC: 1998/07/16 - 17:28:30 A . (..) -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL\Désinstalleur Coktel.exe [370176] => Infection Diverse (Possible)
O61 - LFC: 1997/07/30 - 14:46:46 A . (..) -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL\Désinstalleur_Coktel.exe [387584] => Infection Diverse (Possible)
O61 - LFC: 2013/03/05 - 08:36:54 A . (.Conduit Ltd..) -- C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\hktbVgra.dll [1081600] =>PUP.vGrabber
O61 - LFC: 2013/03/05 - 08:37:12 A . (.Conduit Ltd..) -- C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\ldrtbVgra.dll [334080] =>PUP.vGrabber
O61 - LFC: 2013/03/05 - 08:36:52 A . (.Conduit Ltd..) -- C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\tbVgra.dll [5060864] =>PUP.vGrabber
O61 - LFC: 2013/02/04 - 10:21:24 A . (.PriceGong.) -- C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\plugins\5E1360DC-8FA8-40df-A8CD-FC3831B3634B\3.6.8\bin\PriceGongIE.dll [462904] =>PUP.vGrabber
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.isPerformedSmartBarTransition", "true"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.originalSearchAddressUrl", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=B[...] =>Adware.Bandoo
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.smartbar.CTID", "CT3220468"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.smartbar.homepage", true); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.mam_gk_appState_PriceGong.enc", "b24="); =>Adware.PriceGong
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.mam_gk_appState_WindowShopper.enc", "b24="); =>Adware.ShoppingReport
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://Vgrabber[...] =>PUP.vGrabber
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vgrabber v1\"}"[...] =>PUP.vGrabber
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.smartbar.CTID", "CT3268934"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.smartbar.homepage", true); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.smartbar.toolbarName", "Vgrabber v1 "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.mam_gk_appState_PriceGong.enc", "b24="); =>Adware.PriceGong
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.mam_gk_appState_WindowShopper.enc", "b24="); =>Adware.ShoppingReport
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.originalSearchAddressUrl", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=B[...] =>Adware.Bandoo
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.smartbar.CTID", "CT3287768"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.smartbar.homepage", true); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.smartbar.toolbarName", "MixiDJ V4 "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("DataMngr.Updater.Enabled", "true"); =>PUP.Datamngr
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://dts.search-results.com/sr?src=ffb&appid=210&systemid=406&sr=0&q="); =>Adware.Bandoo
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.TBHomepagesList", ""); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.TBSearchEngineList", ""); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.TBSearchUrlList", ""); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.keywordURLSelectedCTID", "CT3287768"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.hmpgUrl", "http://Lasaoren.com/?f=1&a=lrn_clickconnect_14_46_ie&cd=2XzuyEtN2Y1L1Qzu0Czz0B0C0Czz0B0A[...] =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.newTabUrl", "http://Lasaoren.com/?f=2&a=lrn_clickconnect_14_46_ie&cd=2XzuyEtN2Y1L1Qzu0Czz0B0C0Czz0B[...] =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.prtnrId", "WSE_Lasaoren"); =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.srchPrvdr", "Lasaoren"); =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.tlbrSrchUrl", "http://Lasaoren.com/?f=3&a=lrn_clickconnect_14_46_ie&cd=2XzuyEtN2Y1L1Qzu0Czz0B0C0Czz[...] =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("smartBar.searchInNewTabOwner", "CT3287768"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("smartbar.addressBarOwnerCTID", "CT3287768"); =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup[1]_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup[1]_RASMANCS =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Downloader_is1 =>PUP.VideoDownloader
HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Systweak
HKCU\SOFTWARE\Tuguu SL =>PUP.VAFPlayer
HKCU\SOFTWARE\AppDataLow\Software\Conduit =>PUP.Conduit =>PUP.Conduit
HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>Hijacker.SmartBar =>Hijacker.SmartBar
C:\Program Files (x86)\Tuguu SL =>PUP.VAFPlayer
C:\Program Files (x86)\WinZip Registry Optimizer =>Crapware.WinZipRegistry
C:\ProgramData\BoostSoftware =>PUP.PCHealthBoost
C:\Users\Adam\AppData\Roaming\Systweak =>PUP.Systweak
C:\Users\Adam\AppData\Local\PackageAware =>PUP.BearShare
C:\Users\Adam\AppData\Local\StormFall =>Adware.StormFall
C:\Users\Adam\Downloads\iLividSetupV1.exe =>Adware.Bandoo
C:\Users\Adam\Downloads\ReimageRepair (1).exe =>PUP.ReImageRepair
C:\Users\Adam\Downloads\ReimageRepair.exe =>PUP.ReImageRepair
C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\hktbVgra.dll =>PUP.vGrabber
C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\ldrtbVgra.dll =>PUP.vGrabber
C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\tbVgra.dll =>PUP.vGrabber
C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\plugins\5E1360DC-8FA8-40df-A8CD-FC3831B3634B\3.6.8\bin\PriceGongIE.dll =>PUP.vGrabber
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup[1]_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup[1]_RASMANCS =>Adware.Bandoo
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (...) -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll
O42 - Logiciel: AVG Web TuneUp - (.AVG Technologies.) [HKLM][64Bits] -- AVG Web TuneUp
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
HKLM\SOFTWARE\Wow6432Node\AVG Web TuneUp
HKCU\SOFTWARE\AVG Web TuneUp
HKCU\SOFTWARE\AppDataLow\Software\BackgroundContainer
O43 - CFD: 2015/07/03 - 19:48:11 - [] D -- C:\Program Files (x86)\AVG Web TuneUp
O43 - CFD: 2015/01/29 - 10:42:16 - [] D -- C:\ProgramData\AVG Web TuneUp
O43 - CFD: 2015/01/30 - 23:11:27 - [] D -- C:\Users\Adam\AppData\Local\AVG Web TuneUp
O61 - LFC: 2011/07/24 - 04:25:34 A . (.Conduit Ltd..) -- C:\Users\Adam\AppData\LocalLow\WeLoveFilms_-_US\ldrtbWeLo.dll [263464]
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("browser.search.defaultenginename", "AVG Secure Search");
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("browser.search.order.1", "Ask.com");
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("browser.search.selectedEngine", "AVG Secure Search");
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp
HKLM\SOFTWARE\Wow6432Node\AVG Web TuneUp
HKCU\SOFTWARE\AVG Web TuneUp
C:\Program Files (x86)\AVG Web TuneUp
C:\ProgramData\AVG Web TuneUp
C:\Users\Adam\AppData\Local\AVG Web TuneUp
Lignes superflues ou inutiles :
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
O2 - BHO: WeLoveFilms - US [64Bits] - {064b7c36-a156-4233-8d06-921f8a60fb6a} (Orphean)
O2 - BHO: (no name) [64Bits] - {451C804F-C205-4F03-B48E-537EC94937BF} (Orphean)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
O3 - Toolbar: WeLoveFilms - US Toolbar - [HKLM]{064b7c36-a156-4233-8d06-921f8a60fb6a} . (...) -- (.not file.) => Fichier absent
O3 - Toolbar: FreezbGames B Toolbar - [HKLM]{15183e47-09e8-49a5-b8c2-f4dd9356c3e8} . (...) -- (.not file.) => Fichier absent
HKCU\SOFTWARE\UpdateStar => UpdateStar
O61 - LFC: 2015/06/24 - 22:12:50 RA . (..) -- C:\Users\Adam\Downloads\@VG_PC_TuneUp_2015.0.1001.518\AVG.PC.TuneUp.2015.Keygen.REPT\Keygen.exe [684544]
Lignes d'optimisation du démarrage :
EmptyClsid
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash
Lignes indésirables :
M0 - MFSP: prefs.js [Adam - driak909.default] https://mysearch.avg.com?cid={D7AB00CB-57F5-441F-8AD2-EB1EEF603362}&mid=e551e14f99c347cd86f6a9837f2c6111-f19c80e56f975f2b4708405712c74117c8eeb0ec&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-29 09:42:01&v=4.1.0.411&pid=wtu&sg=&sap=hp => Adware.MyWebSearch*
O42 - Logiciel: Video Downloader version 1.9.0.24 - (.Video Downloader.) [HKLM][64Bits] -- Video Downloader_is1 =>PUP.VideoDownloader
O42 - Logiciel: FlashPlayer - (.Tuguu SL.) [HKLM][64Bits] -- {BA8B8ADA-084F-4F79-A0CA-6E58A0808794} => PUP.VAFPlayer
HKLM\SOFTWARE\Wow6432Node\BoostSoftware => Infection PUP (PUP.PCHealthBoost)
HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Systweak
HKCU\SOFTWARE\Tuguu SL =>PUP.VAFPlayer
HKCU\SOFTWARE\AppDataLow\Software\Conduit =>PUP.Conduit
HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>Hijacker.SmartBar
O43 - CFD: 2013/03/26 - 15:41:47 - [] D -- C:\Program Files (x86)\Tuguu SL =>PUP.VAFPlayer
O43 - CFD: 2013/12/15 - 16:12:17 - [] D -- C:\Program Files (x86)\Video Downloader => PUP.VideoDownloader
O43 - CFD: 2013/01/01 - 22:29:14 - [0] D -- C:\Program Files (x86)\WinZip Registry Optimizer =>Crapware.WinZipRegistry
O43 - CFD: 2013/12/15 - 16:12:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Downloader => PUP.VideoDownloader
O43 - CFD: 2014/12/13 - 19:43:57 - [0] D -- C:\ProgramData\BoostSoftware =>PUP.PCHealthBoost
O43 - CFD: 2014/09/21 - 15:11:50 - [0] D -- C:\Users\Adam\AppData\Roaming\Systweak =>PUP.Systweak
O43 - CFD: 2012/01/08 - 19:10:49 - [0] D -- C:\Users\Adam\AppData\Local\PackageAware =>PUP.BearShare
O43 - CFD: 2014/09/01 - 19:26:05 - [0] D -- C:\Users\Adam\AppData\Local\StormFall =>Adware.StormFall
O43 - CFD: 2015/06/25 - 00:20:13 - [] D -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Downloader => PUP.VideoDownloader
O61 - LFC: 2012/01/08 - 19:27:41 A . (.Bandoo Media Inc..) -- C:\Users\Adam\Downloads\iLividSetupV1.exe [2063040] =>Adware.Bandoo
O61 - LFC: 2014/09/05 - 17:11:08 A . (.Reimage®.) -- C:\Users\Adam\Downloads\ReimageRepair (1).exe [853960] =>PUP.ReImageRepair
O61 - LFC: 2014/09/05 - 17:10:35 A . (.Reimage®.) -- C:\Users\Adam\Downloads\ReimageRepair.exe [853960] =>PUP.ReImageRepair
O61 - LFC: 1998/10/28 - 23:50:38 A . (..) -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL\Configuration 3D.exe [269824] => Infection Diverse (Possible)
O61 - LFC: 1998/07/16 - 17:28:30 A . (..) -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL\Désinstalleur Coktel.exe [370176] => Infection Diverse (Possible)
O61 - LFC: 1997/07/30 - 14:46:46 A . (..) -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COKTEL\Désinstalleur_Coktel.exe [387584] => Infection Diverse (Possible)
O61 - LFC: 2013/03/05 - 08:36:54 A . (.Conduit Ltd..) -- C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\hktbVgra.dll [1081600] =>PUP.vGrabber
O61 - LFC: 2013/03/05 - 08:37:12 A . (.Conduit Ltd..) -- C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\ldrtbVgra.dll [334080] =>PUP.vGrabber
O61 - LFC: 2013/03/05 - 08:36:52 A . (.Conduit Ltd..) -- C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\tbVgra.dll [5060864] =>PUP.vGrabber
O61 - LFC: 2013/02/04 - 10:21:24 A . (.PriceGong.) -- C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\plugins\5E1360DC-8FA8-40df-A8CD-FC3831B3634B\3.6.8\bin\PriceGongIE.dll [462904] =>PUP.vGrabber
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.isPerformedSmartBarTransition", "true"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.originalSearchAddressUrl", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=B[...] =>Adware.Bandoo
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.smartbar.CTID", "CT3220468"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.smartbar.homepage", true); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.mam_gk_appState_PriceGong.enc", "b24="); =>Adware.PriceGong
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.mam_gk_appState_WindowShopper.enc", "b24="); =>Adware.ShoppingReport
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://Vgrabber[...] =>PUP.vGrabber
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vgrabber v1\"}"[...] =>PUP.vGrabber
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.smartbar.CTID", "CT3268934"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.smartbar.homepage", true); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3268934.smartbar.toolbarName", "Vgrabber v1 "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.mam_gk_appState_PriceGong.enc", "b24="); =>Adware.PriceGong
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.mam_gk_appState_WindowShopper.enc", "b24="); =>Adware.ShoppingReport
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.originalSearchAddressUrl", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=B[...] =>Adware.Bandoo
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.smartbar.CTID", "CT3287768"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.smartbar.homepage", true); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("CT3287768.smartbar.toolbarName", "MixiDJ V4 "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("DataMngr.Updater.Enabled", "true"); =>PUP.Datamngr
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://dts.search-results.com/sr?src=ffb&appid=210&systemid=406&sr=0&q="); =>Adware.Bandoo
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.TBHomepagesList", ""); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.TBSearchEngineList", ""); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.TBSearchUrlList", ""); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("Smartbar.keywordURLSelectedCTID", "CT3287768"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.hmpgUrl", "http://Lasaoren.com/?f=1&a=lrn_clickconnect_14_46_ie&cd=2XzuyEtN2Y1L1Qzu0Czz0B0C0Czz0B0A[...] =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.newTabUrl", "http://Lasaoren.com/?f=2&a=lrn_clickconnect_14_46_ie&cd=2XzuyEtN2Y1L1Qzu0Czz0B0C0Czz0B[...] =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.prtnrId", "WSE_Lasaoren"); =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.srchPrvdr", "Lasaoren"); =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("extensions.srchlsrn.tlbrSrchUrl", "http://Lasaoren.com/?f=3&a=lrn_clickconnect_14_46_ie&cd=2XzuyEtN2Y1L1Qzu0Czz0B0C0Czz[...] =>PUP.Lasaoren
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("smartBar.searchInNewTabOwner", "CT3287768"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("smartbar.addressBarOwnerCTID", "CT3287768"); =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup[1]_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup[1]_RASMANCS =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Downloader_is1 =>PUP.VideoDownloader
HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Systweak
HKCU\SOFTWARE\Tuguu SL =>PUP.VAFPlayer
HKCU\SOFTWARE\AppDataLow\Software\Conduit =>PUP.Conduit =>PUP.Conduit
HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>Hijacker.SmartBar =>Hijacker.SmartBar
C:\Program Files (x86)\Tuguu SL =>PUP.VAFPlayer
C:\Program Files (x86)\WinZip Registry Optimizer =>Crapware.WinZipRegistry
C:\ProgramData\BoostSoftware =>PUP.PCHealthBoost
C:\Users\Adam\AppData\Roaming\Systweak =>PUP.Systweak
C:\Users\Adam\AppData\Local\PackageAware =>PUP.BearShare
C:\Users\Adam\AppData\Local\StormFall =>Adware.StormFall
C:\Users\Adam\Downloads\iLividSetupV1.exe =>Adware.Bandoo
C:\Users\Adam\Downloads\ReimageRepair (1).exe =>PUP.ReImageRepair
C:\Users\Adam\Downloads\ReimageRepair.exe =>PUP.ReImageRepair
C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\hktbVgra.dll =>PUP.vGrabber
C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\ldrtbVgra.dll =>PUP.vGrabber
C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\tbVgra.dll =>PUP.vGrabber
C:\Users\Adam\AppData\LocalLow\Vgrabber_v1\plugins\5E1360DC-8FA8-40df-A8CD-FC3831B3634B\3.6.8\bin\PriceGongIE.dll =>PUP.vGrabber
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup[1]_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup[1]_RASMANCS =>Adware.Bandoo
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (...) -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll
O42 - Logiciel: AVG Web TuneUp - (.AVG Technologies.) [HKLM][64Bits] -- AVG Web TuneUp
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
HKLM\SOFTWARE\Wow6432Node\AVG Web TuneUp
HKCU\SOFTWARE\AVG Web TuneUp
HKCU\SOFTWARE\AppDataLow\Software\BackgroundContainer
O43 - CFD: 2015/07/03 - 19:48:11 - [] D -- C:\Program Files (x86)\AVG Web TuneUp
O43 - CFD: 2015/01/29 - 10:42:16 - [] D -- C:\ProgramData\AVG Web TuneUp
O43 - CFD: 2015/01/30 - 23:11:27 - [] D -- C:\Users\Adam\AppData\Local\AVG Web TuneUp
O61 - LFC: 2011/07/24 - 04:25:34 A . (.Conduit Ltd..) -- C:\Users\Adam\AppData\LocalLow\WeLoveFilms_-_US\ldrtbWeLo.dll [263464]
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("browser.search.defaultenginename", "AVG Secure Search");
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("browser.search.order.1", "Ask.com");
O69 - SBI: prefs.js [Adam - driak909.default] user_pref("browser.search.selectedEngine", "AVG Secure Search");
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp
HKLM\SOFTWARE\Wow6432Node\AVG Web TuneUp
HKCU\SOFTWARE\AVG Web TuneUp
C:\Program Files (x86)\AVG Web TuneUp
C:\ProgramData\AVG Web TuneUp
C:\Users\Adam\AppData\Local\AVG Web TuneUp
Lignes superflues ou inutiles :
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
O2 - BHO: WeLoveFilms - US [64Bits] - {064b7c36-a156-4233-8d06-921f8a60fb6a} (Orphean)
O2 - BHO: (no name) [64Bits] - {451C804F-C205-4F03-B48E-537EC94937BF} (Orphean)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
O3 - Toolbar: WeLoveFilms - US Toolbar - [HKLM]{064b7c36-a156-4233-8d06-921f8a60fb6a} . (...) -- (.not file.) => Fichier absent
O3 - Toolbar: FreezbGames B Toolbar - [HKLM]{15183e47-09e8-49a5-b8c2-f4dd9356c3e8} . (...) -- (.not file.) => Fichier absent
HKCU\SOFTWARE\UpdateStar => UpdateStar
O61 - LFC: 2015/06/24 - 22:12:50 RA . (..) -- C:\Users\Adam\Downloads\@VG_PC_TuneUp_2015.0.1001.518\AVG.PC.TuneUp.2015.Keygen.REPT\Keygen.exe [684544]
Lignes d'optimisation du démarrage :
EmptyClsid
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash