Hi again,
1/ Uninstall Spybot, it is obsolete.
Which antivirus do you use: Panda, Defender, something else?
2/ Run Farbar
http://zupimages.net/viewer.php?id=18/07/kpov.png
https://zupimages.net/up/18/07/kpov.png
Copy the following lines into the red box:
start::
CloseProcesses:
CreateRestorePoint:
C:\Users\jean-\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Users\jean-\AppData\Local\Temp\~nsu.tmp\Bu_.exe
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF ProfilePath: C:\Users\jean-\AppData\Roaming\Mozilla\Firefox\Profiles\gc3ym74i.default [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\jean-\AppData\Roaming\Mozilla\Firefox\Profiles\ngtg853a.dev-edition-default [non trouvé(e)] <==== ATTENTION
FF HKU\S-1-5-21-4265624635-2019933758-61733912-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
OPR Extension: (360 Internet Protection) - C:\Users\jean-\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2017-12-21]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\jean-\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2017-12-25]
S3 clwvdVM; \SystemRoot\system32\DRIVERS\clwvdVM.sys [X]
S1 epp; \??\Y:\lfs hyper annexe, u mortar de widen & barrow 5\bin64\epp.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\jean-\AppData\Local\Temp\tmp871.tmp [X] <==== ATTENTION
2018-02-01 17:51 - 2018-02-01 17:51 - 000001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2018-02-01 17:51 - 2018-02-01 17:51 - 000000348 _____ C:\WINDOWS\Tasks\GlaryInitialize 5.job
2018-01-31 21:05 - 2018-01-31 21:05 - 000000000 ____D C:\ProgramData\GlarySoft
2018-01-26 09:32 - 2018-01-26 18:02 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2018-01-26 01:02 - 2018-02-02 03:42 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-01-26 01:01 - 2018-02-01 17:58 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => -> Pas de fichier
ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => -> Pas de fichier
ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => -> Pas de fichier
ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => -> Pas de fichier
ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => -> Pas de fichier
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll -> Pas de fichier
ContextMenuHandlers1: [AFPMenu] -> {A99A80A9-C66D-4848-AC5D-4804323868A8} => C:\Program Files (x86)\Anvisoft\Anvi Folder Locker\x64\PwdHelper64.dll -> Pas de fichier
ContextMenuHandlers1: [Anvi Smart Defender] -> {0BB37A67-F062-4F69-8C52-80ADDD64281F} => -> Pas de fichier
ContextMenuHandlers1-x32: [CELERITASWMSecureExt] -> {871722EA-997E-4277-B1F0-C2CB37D2E585} => C:\Program Files (x86)\SupersonicPC\SolvusoftWMSecureShell.dll -> Pas de fichier
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SecureExt] -> {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} => -> Pas de fichier
ContextMenuHandlers1-x32: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Pas de fichier
ContextMenuHandlers2-x32: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll -> Pas de fichier
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll -> Pas de fichier
ContextMenuHandlers6: [AFPMenu] -> {A99A80A9-C66D-4848-AC5D-4804323868A8} => C:\Program Files (x86)\Anvisoft\Anvi Folder Locker\x64\PwdHelper64.dll -> Pas de fichier
ContextMenuHandlers6-x32: [CELERITASWMSecureExt] -> {871722EA-997E-4277-B1F0-C2CB37D2E585} => C:\Program Files (x86)\SupersonicPC\SolvusoftWMSecureShell.dll -> Pas de fichier
Task: {2EE7960D-9861-4C98-AE82-65536BF26597} - \Wondershare\1-Click PC Care\Check 1-Click PC Care subscription expired for jean- -> Pas de fichier <==== ATTENTION
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
2018-02-05 17:31 - 2018-01-02 18:12 - 000058125 _____ () C:\Users\jean-\AppData\Local\Temp\~nsu.tmp\Au_.exe
2018-02-05 17:34 - 2017-08-18 08:47 - 000180672 _____ () C:\Users\jean-\AppData\Local\Temp\~nsu.tmp\Bu_.exe
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UFH_is1
DeleteKey: HKLM\SOFTWARE\Speedchecker Limited
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Speedchecker Limited
DeleteKey: HKCU\SOFTWARE\Speedchecker Limited
C:\Program Files\WebBarMedia
C:\Program Files (x86)\QuickTime
C:\Program Files (x86)\Unknown File Handler
C:\WINDOWS\Prefetch\EASYDOCMERGE.CD1E728186CA4153-4A9ADCDC.pf
DeleteKey: HKLM\Software\Classes\Installer\Products\DF0BF511A0A162C4287A6A86A997B99B
DeleteKey: HKLM\Software\Classes\Installer\Futures\DF0BF511A0A162C4287A6A86A997B99B
DeleteKey: HKCU\Software\Microsoft\Installer\Products\DF0BF511A0A162C4287A6A86A997B99B
DeleteKey: HKCU\Software\Microsoft\Installer\Futures\DF0BF511A0A162C4287A6A86A997B99B
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UFH_is1
DeleteKey: HKCU\Software\Microsoft\Installer\Products\DF0BF511A0A162C4287A6A86A997B99B
DeleteKey: HKCU\Software\Microsoft\Installer\Features\DF0BF511A0A162C4287A6A86A997B99B
DeleteKey: HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Installer\Products\DF0BF511A0A162C4287A6A86A997B99B
DeleteKey: HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Installer\Features\DF0BF511A0A162C4287A6A86A997B99B
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\Suite Service
C:\Program Files (x86)\Fighters\FighterSuiteService.exe
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{196691DB-6FF1-4981-A250-223B66A25BB0}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{196691DB-6FF1-4981-A250-223B66A25BB0}
C:\Windows\System32\Tasks\SoftwareInformerService
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B812215-72CE-4B75-932F-2897A86AB54E}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3B812215-72CE-4B75-932F-2897A86AB54E}
C:\Windows\System32\Tasks\Avira_Antivirus_Systray
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{723C2983-975F-4053-8B7C-AC0BBE2CC948}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{723C2983-975F-4053-8B7C-AC0BBE2CC948}
C:\Windows\System32\Tasks\Advance-PC-Care_Logon
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C27CD216-698B-48F1-B145-485F1C7BCF01}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C27CD216-698B-48F1-B145-485F1C7BCF01}
C:\Windows\System32\Tasks\ByteFence
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|TweakBit\Internet Optimizer\Start Internet Optimizer ?n logon
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WinSweep
U:\WinSweeper\WinSweeper.exe
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|PSUAMain
DeleteValue: HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Windows\CurrentVersion\Run|TweakBit\Internet Optimizer\Start Internet Optimizer ?n logon
DeleteValue: HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Windows\CurrentVersion\Run|WinSweep
C:\Program Files (x86)\Accelerer PC\PCSUService.exe
C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinSweeper.lnk
C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinSweeper.lnk
C:\Users\WDAGUtilityAccount\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinSweeper.lnk
C:\Users\Public\Desktop\WinSweeper.lnk
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 {38DAA78A576DABBDCD8F1241733FE17F}
DeleteKey: HKCU\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EasyDocMergeTooltab Uninstall Internet Explorer
DeleteKey: HKLM\SOFTWARE\SlimWare Utilities Inc
DeleteKey: HKLM\SOFTWARE\WOW6432Node\SlimWare Utilities Inc
DeleteKey: HKCU\SOFTWARE\Bitberry
DeleteKey: HKCU\SOFTWARE\EasyDocMerge
DeleteKey: HKCU\SOFTWARE\Smart PC Solutions
C:\Program Files\WinZip Driver Updater
C:\Program Files (x86)\Accelerer PC {38DAA78A576DABBDCD8F1241733FE17F}
C:\Program Files (x86)\Fighters
C:\Program Files (x86)\GreenTree Applications
C:\Program Files (x86)\Smart Privacy Cleaner
C:\Program Files (x86)\Webteh
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accelerer PC
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
C:\ProgramData\Fighters
C:\Users\jean-\AppData\Roaming\Fighters
C:\Users\jean-\AppData\Local\AdvinstAnalytics
C:\WINDOWS\Prefetch\PCSUSD.EXE-C9AFF73D.pf
C:\WINDOWS\Prefetch\PCSUSERVICE.EXE-80603897.pf
C:\WINDOWS\Prefetch\PCSUSPEEDTEST.EXE-D62B7527.pf
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Anvi Smart Defender
DeleteKey: HKLM\Software\Classes\CLSID\{0BB37A67-F062-4F69-8C52-80ADDD64281F} <== Reinstall Software Anvi Smart Defender
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CELERITASWMSecureExt
DeleteKey: HKLM\Software\Classes\CLSID\{871722EA-997E-4277-B1F0-C2CB37D2E585} <== Reinstall Software CELERITASWMSecureExt
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\s <== Reinstall Software s
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SecureExt
DeleteKey: HKLM\Software\Classes\CLSID\{D23C3BA7-6DC3-4DDF-9BDF-12599E852A40} <== Reinstall Software SecureExt
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu
DeleteKey: HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} <== Reinstall Software UAContextMenu
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32
DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\FAExt
DeleteKey: HKLM\Software\Classes\CLSID\{05672D66-9736-42F5-8BEB-FA1DD3CA51C4} <== Reinstall Software FAExt
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\s <== Reinstall Software s
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\SysToolsContextMenu
DeleteKey: HKLM\Software\Classes\CLSID\{6EF0A369-CCC5-4AC4-8B42-525F10722D9E} <== Reinstall Software SysToolsContextMenu
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\CELERITASWMSecureExt
DeleteKey: HKLM\Software\Classes\CLSID\{871722EA-997E-4277-B1F0-C2CB37D2E585} <== Reinstall Software CELERITASWMSecureExt
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\FolderShine
DeleteKey: HKLM\Software\Classes\CLSID\{4EF063FB-1F91-4FD1-996B-05E65220D36B} <== Reinstall Software FolderShine
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32
DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\CELERITASWMSecureExt
DeleteKey: HKLM\Software\Classes\CLSID\{871722EA-997E-4277-B1F0-C2CB37D2E585} <== Reinstall Software CELERITASWMSecureExt
DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\s <== Reinstall Software s
C:\Users\jean-\Desktop\pcspeedup_0d0fb4c3fe3646d489cbb872e8b00b70_.exe
DeleteKey: HKLM\SOFTWARE\Wow6432Node\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
DeleteKey: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EasyDocMergeTooltab Uninstall Internet Explorer
C:\Program Files (x86)\Accelerer PC
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\2.0 Zemana AntiMalware
DeleteKey: HKLM\Software\Classes\CLSID\{6ABB1C11-E261-4CEA-BBB5-3836225689DD}
DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{6ABB1C11-E261-4CEA-BBB5-3836225689DD}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AFPMenu
DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{A99A80A9-C66D-4848-AC5D-4804323868A8}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Anvi Smart Defender
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CELERITASWMSecureExt
DeleteKey: HKLM\Software\Classes\CLSID\{871722EA-997E-4277-B1F0-C2CB37D2E585}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter
DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0}
DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Meo
DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{52E78CED-AA61-7C26-A51D-67C4D96349B9}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\s
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SecureExt
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\FAExt
DeleteKey: HKLM\Software\Classes\CLSID\{05672D66-9736-42F5-8BEB-FA1DD3CA51C4}
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\s
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\SysToolsContextMenu
DeleteKey: HKLM\Software\Classes\CLSID\{6EF0A369-CCC5-4AC4-8B42-525F10722D9E}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\2.0 Zemana AntiMalware
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\AFPMenu
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\CELERITASWMSecureExt
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\FolderShine
DeleteKey: HKLM\Software\Classes\CLSID\{4EF063FB-1F91-4FD1-996B-05E65220D36B}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Meo
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\AFPMenu
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\CELERITASWMSecureExt
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Glarysoft MalwareHunter
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\s
EmptyTemp:
end::
Click Fix, then upload the Fixlog report.
See you later