Diagnostique possibilité virus. Fermé

Question

Bonjour, 
Je penses que mon pc est infesté de virus car il rame beaucoup et est très lent. 
voici le diagnostique fait avec ZHPDiag.

http://www.cijoint.fr/cjlink.php?file=cj201111/cijR5BZSyY.txt

Merci d'avance pour le temps que vous m'accorderez. 

Configuration: Windows XP / Firefox 7.0.1

Utilisateur anonyme · Answer

slt
je n'ai rien sur ton lien,as tu fait un scan malawer?

Utilisateur anonyme · Answer

bonjour,

?	Télécharger et enregistre ADWcleaner sur ton bureau (Merci à Xplode) :

http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner


Lance le, 
clique sur rechercher et poste son rapport.

juju666 · Answer

Bonjour, 

C'est bien infecté. 
bonne chasse jedi ^^
 .::. Contributeur Sécurité .::.

Deep_alone · Answer

Rapport de ZHPDiag v1.28.2221 par Nicolas Coolman, Update du 06/11/2011
Run by Sylvie at 06/11/2011 13:57:44
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.


---\ Web Browser
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut)

---\ Windows Product Information
Windows XP Professional Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\ System Information
~ Processor: x86 Family 15 Model 79 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 446 MB (24% free)
System Restore: Activé (Enable)
System drive C: has 82 GB (57%) free of 142 GB

---\ Logged in mode
~ Computer Name: NOM-FB9B15D2723
~ User Name: Sylvie
~ All Users Names: Sylvie, SUPPORT_fddfa904, SUPPORT_388945a0, kévin, IWAM_NOM-FB9B15D2723, IUSR_NOM-FB9B15D2723, HelpAssistant, ASPNET, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Sylvie\Application Data\
~ %Desktop% : C:\Documents and Settings\Sylvie\Bureau\
~ %Favorites% : C:\Documents and Settings\Sylvie\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Sylvie\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Sylvie\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 142 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 7 Go)
E:\ CD-ROM drive (Free 0 Go of 3 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc :  Modified
~ Scan Security Center in 00mn 00s



---\ Recherche particulière de fichiers génériques
[MD5.D0288319660EDCFED07C7E74C4EA38A5] - (.Microsoft Corporation - Explorateur Windows.) (.06/11/2011 - 14:22:28.) -- C:\WINDOWS\Explorer.exe [1037312]
[MD5.F5402CD47B7389DDC21F92119A906EEE] - (....) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32undll32.exe [33792]
[MD5.230EB19059FD2C744132C1F907EBBC37] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/11/2011 - 16:21:29.) -- C:\WINDOWS\system32\wininet.dll [672768]
[MD5.D2DE785AEAB0BB8CA4C14A8A199DBE4E] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.55E6E1C51B6D30E54335750955453702] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.06/11/2011 - 10:51:43.) -- C:\WINDOWS\system32\drivers\AFD.sys [138368]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.06/11/2011 - 05:59:44.) -- C:\WINDOWS\system32\drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32\drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32\drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.06/11/2011 - 05:00:00.) -- C:\WINDOWS\system32\drivers\Fips.sys [35072]
[MD5.3FCC124B6E08EE0E9351F717DD136939] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.06/11/2011 - 00:07:18.) -- C:\WINDOWS\system32\drivers\HDAudBus.sys [138752]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.06/11/2011 - 00:41:24.) -- C:\WINDOWS\system32\drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32\drivers\Imapi.sys [41856]
[MD5.E2168CBC7098FFE963C6F23F472A3593] - (.Microsoft Corporation - IP Network Address Translator.) (.06/11/2011 - 23:28:37.) -- C:\WINDOWS\system32\drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32\drivers\IPSec.sys [74752]
[MD5.FB6C89BB3CE282B08BDB1E3C179E1C39] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.06/11/2011 - 13:31:30.) -- C:\WINDOWS\system32\drivers\MRxSmb.sys [454016]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32\drivers
etBT.sys [162816]
[MD5.19A811EF5F1ED5C926A028CE107FF1AF] - (.Microsoft Corporation - NT File System Driver.) (.06/11/2011 - 12:10:35.) -- C:\WINDOWS\system32\drivers
tfs.sys [574464]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32\drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.06/11/2011 - 12:00:00.) -- C:\WINDOWS\system32\drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.06/11/2011 - 21:01:16.) -- C:\WINDOWS\system32\driversdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.06/11/2011 - 00:39:44.) -- C:\WINDOWS\system32\driversedbook.sys [58496]
~ Scan Generic Processes in 00mn 07s



---\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 0/7
~ Mes musiques (My Musics) : 0/38
~ Mes Videos (My Video) : 0/5
~ Mes Favoris (My Favorites) : 0/10
~ Mes Documents (My Documents) : 0/1089
~ Mon Bureau (My Desktop) : 0/2908
~ Menu demarrer (Programs) : 0/34
~ Scan Hidden Files in 00mn 10s



---\ Processus lancés
[MD5.436F416AECA76315EFBB6BCFEA374DEF] - (.Symantec Corporation - Symantec Settings Manager Service.) -- c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe   [169584] [PID.]
[MD5.937EB691B1F69936FD6F124B49821E83] - (.Symantec Corporation - Symantec Event Manager Service.) -- c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe   [192112] [PID.]
[MD5.25FB74EABCE5EC7836BA3CFB3C58449A] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe   [40384] [PID.]
[MD5.5AA788D5A2C6737BB9C45933985BC1B8] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [37664] [PID.]
[MD5.9F9AA480BAAF48695B920C425FFE5425] - (.Microsoft - ARSVC Application.) -- C:\WINDOWS\arservice.exe   [58880] [PID.]
[MD5.F832F1505AD8B83474BD9A5B1B985E01] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe   [345376] [PID.]
[MD5.D24F6382F5171B07705364812E9459E2] - (.Microsoft Corporation - Content Index service.) -- C:\WINDOWS\system32\cisvc.exe   [5632] [PID.]
[MD5.D039A0C347632622934906BD59A4E1EA] - (.Microsoft Corporation - Media Center Receiver Service.) -- C:\WINDOWS\eHome\ehRecvr.exe   [237568] [PID.]
[MD5.980EEEA91776357518892C5544768E2B] - (.Microsoft Corporation - Service de planification Media Center.) -- C:\WINDOWS\eHome\ehSched.exe   [103424] [PID.]
[MD5.13F79611400A265D9F6931A42C9A3978] - (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe   [15872] [PID.]
[MD5.9AE07549A0D691A103FAF8946554BDB7] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe   [153376] [PID.]
[MD5.5D4B38A8D8525356798F5E560C3A3090] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe   [49152] [PID.]
[MD5.B0903C021BFCD6055C053A569EF98AEF] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 82.08.) -- C:\WINDOWS\system32
vsvc32.exe   [131139] [PID.]
[MD5.D31F88C5F19EEFA366A415D6BC5F2ABC] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe   [69632] [PID.]
[MD5.16713686A3C7FE73DDFC553EB4D21829] - (.Microsoft Corporation - Service SNMP.) -- C:\WINDOWS\System32\snmp.exe   [33280] [PID.]
[MD5.D66259C3BCEFC9CAEB481ED52A4EAC74] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe   [5120] [PID.]
[MD5.7B878518590E826F1F3A5B1D61D405F8] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe   [3396624] [PID.3268]
[MD5.9A6BE6536C8E758DD9E0451437495261] - (.Guillemot Corporation S.A. - CamService Application.) -- C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe   [81920] [PID.3452]
[MD5.F3DEAA1F2FCF70FAF6DE3757CA343FA5] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe   [421160] [PID.532]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe   [932288] [PID.3628]
[MD5.90A3525C7399B7784D28F99EA1A51C4C] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe   [673616] [PID.2308]
[MD5.C81BE1B951C36E97D3DA90DA745DA5F7] - (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.EXE   [61440] [PID.3800]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe   [53472] [PID.3872]
[MD5.06A1ECB63DF139EC639E084D4AB3C9D7] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\windows\system\hpsysdrv.exe   [52736] [PID.2276]
[MD5.7636713B4F0944045AB4AF7CED5245AB] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe   [1230704] [PID.3888]
[MD5.8BE7AF668EDC9C65C11FB367F4B74942] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE   [199680] [PID.1268]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe   [255536] [PID.3328]
[MD5.8E5E5A8CC84DA3F683E3BBC045138D52] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe   [820008] [PID.]
[MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe   [11322880] [PID.1400]
[MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin   [11314688] [PID.1404]
[MD5.72999AA48322DA948CE50C08B414A0EC] - (.Microsoft Corporation - Indexing Service filter daemon.) -- C:\WINDOWS\system32\cidaemon.exe   [8192] [PID.]
[MD5.4E5585800B561FBEF64B27425365A36F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [924632] [PID.2156]
[MD5.F5402CD47B7389DDC21F92119A906EEE] - (...) -- C:\WINDOWS\system32undll32.exe   [33792] [PID.2164]
[MD5.83F4BA8B8CDA4F063AA2002955A508A9] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [16856] [PID.944]
[MD5.7E9CC482832D7076D5F0418FBDAB3C6D] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [702464] [PID.3016]
~ Scan Processes Running in 00mn 06s



---\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Sylvie\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s



---\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\gwjim7as.default\prefs.js
C:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\gwjim7as.default\user.js
M3 - MFPP: Plugins - [Sylvie] -- C:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\gwjim7as.default\searchplugins\live-search.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\gwjim7as.default\searchplugins\Yoog Search.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\lost.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Sylvie - gwjim7as.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [Sylvie - gwjim7as.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v3.1.20081127W (.Google Inc..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins
p-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins
pdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - Mozilla ActiveX control and plugin module.) -- C:\Program Files\Mozilla Firefox\Plugins
pmozax.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins
ppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins
pqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins
pqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins
pqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins
pqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins
pqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins
pqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins
pqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins
pqtplugin8.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins
pitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files\DivX\DivX Plus Web Player
pdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Content Upload Plugin,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX Content Uploader
pUpload.dll (.not file.)
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper
povshelper.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin
ew_plugin
pjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60831.0
pctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.81
pGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.81
pGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 02s



---\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://ads.eorezo.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (...) (No version) -- C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
~ Scan IE Browser in 00mn 00s



---\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DBD4862-3951-49C7-92F7-056260280A9E} Clé orpheline
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files\DivX\DivX Plus Web Player
pdivx32.dll
O2 - BHO: (no name) - {46A2F587-CE36-45EA-BE1B-10A43238B4B9} Clé orpheline
O2 - BHO: (no name) - {524C7CCE-67FB-4F05-B4E2-DD61971AF7E2} Clé orpheline
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files\DivX\DivX Plus Web
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\uTorrentBar\prxtbuTo2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
~ Scan BHO in 00mn 01s



---\ Internet Explorer Toolbars (O3)
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\uTorrentBar\prxtbuTo2.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
~ Scan Toolbar in 00mn 00s



---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll 
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe (.not file.) 
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (.not file.) 
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS\system32\spoolsvc.exe (.not file.) 
O4 - HKLM\..\Run: [68d74b00] C:\WINDOWS\system32\uywtndbx.dll (.not file.) 
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (.not file.) 
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe 
O4 - HKLM\..\Run: [CamserviceDeluxe2] . (.Guillemot Corporation S.A. - CamService Application.) -- C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe 
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe 
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe 
O4 - HKLM\..\Run: [KBD] . (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.exe 
O4 - HKLM\..\Run: [ALCMTR] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe 
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\windows\system\hpsysdrv.exe 
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe 
O4 - HKLM\..\Run: [FREEzeFrogSA] . (...) -- C:\Program Files\FREEzeFrog\bin\2.0.13.0\FREEzeFrogSA.exe 
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (.not file.) 
O4 - HKCU\..\Run: [Salestart] C:\Program Files\Fichiers communs\ErreurChasseur\strpmon.exe (.not file.) 
O4 - HKCU\..\Run: [zbwuaz] c:\windows\system32\zbwuaz.exe (.not file.) 
O4 - HKCU\..\Run: [WeatherDPA] C:\Program Files\Hotbar\bin\10.2.236.0\Weather.exe (.not file.) 
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.) 
O4 - HKCU\..\Run: [EPSON SX510W Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.exe 
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe 
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe 
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe 
O4 - HKUS\S-1-5-21-2922241631-450079970-1404125644-1008\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (.not file.) 
O4 - HKUS\S-1-5-21-2922241631-450079970-1404125644-1008\..\Run: [Salestart] C:\Program Files\Fichiers communs\ErreurChasseur\strpmon.exe (.not file.) 
O4 - HKUS\S-1-5-21-2922241631-450079970-1404125644-1008\..\Run: [zbwuaz] c:\windows\system32\zbwuaz.exe (.not file.) 
O4 - HKUS\S-1-5-21-2922241631-450079970-1404125644-1008\..\Run: [WeatherDPA] C:\Program Files\Hotbar\bin\10.2.236.0\Weather.exe (.not file.) 
O4 - HKUS\S-1-5-21-2922241631-450079970-1404125644-1008\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.) 
O4 - HKUS\S-1-5-21-2922241631-450079970-1404125644-1008\..\Run: [EPSON SX510W Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.exe 
~ Scan Application in 00mn 00s



---\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 8.lnk . (...)  -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A82000000003}\SC_Reader.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...)  -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\Sylvie\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.)  -- C:\WINDOWS\system32cimlby.exe
O4 - Global Startup: C:\Documents And Settings\Sylvie\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - Global Startup: C:\Documents And Settings\Sylvie\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 01s



---\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Search - (.not file.) - http:\edits.mywebsearch.com	oolbaredits\menusearch.jhtml?p=ZKfox000
O8 - Extra context menu item: Annoter avec Bamboo Link - (.not file.) - C:\Program Files\Wacom\Bamboo Link\AnnotateWithErgo.html
~ Scan IE Menu Contextuel in 00mn 00s



---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} . (.SmartShopper Networks - Pas de description.) -- C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} . (.SmartShopper Networks - Pas de description.) -- C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr
~ Scan IE Zone Confiance in 00mn 00s



---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Microsoft XML Parser for Java -  (Microsoft XML Parser for Java) - (.not file.) - file:\C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} () - http://codecs.microsoft.com/codecs/i386/fhg.CAB
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Scan Objets ActiveX in 00mn 00s



---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\..\{77649656-BFC9-4B9A-A227-68C3D70F5904}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpDomain = americas.hpqcorp.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{77649656-BFC9-4B9A-A227-68C3D70F5904}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CS1\Services\Tcpip\..\{77649656-BFC9-4B9A-A227-68C3D70F5904}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpDomain = americas.hpqcorp.net
O17 - HKLM\System\CS1\Services\Tcpip\..\{77649656-BFC9-4B9A-A227-68C3D70F5904}: DhcpDomain = lan
O17 - HKLM\System\CS3\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CS3\Services\Tcpip\..\{77649656-BFC9-4B9A-A227-68C3D70F5904}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpDomain = americas.hpqcorp.net
O17 - HKLM\System\CS3\Services\Tcpip\..\{77649656-BFC9-4B9A-A227-68C3D70F5904}: DhcpDomain = lan
~ Scan Domain in 00mn 00s



---\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Scan Protocole Additionnel in 00mn 00s



---\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: nnnljkLc . (...) -- nnnljkLc.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ Scan SSODL in 00mn 00s



---\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ARSVC (ARSVC) . (.Microsoft - ARSVC Application.) - C:\WINDOWS\arservice.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) . (.Symantec Corporation - Symantec Event Manager Service.) - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) . (.Symantec Corporation - Symantec Settings Manager Service.) - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) . (...) - c:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe (.not file.)
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 82.08.) - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
~ Scan Services in 00mn 00s



---\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: Item created by Ulead GIF Animator - file:C:\WINDOWS\system32\gaadi001.gif
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\Epson Printer Software Downloader.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2922241631-450079970-1404125644-1014Core.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2922241631-450079970-1404125644-1014UA.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\Norton AntiVirus - Effectuer une analyse complète du système - Noemie.job
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
[MD5.E7FAF17B920ACCE36C191B9151B10AB4] [APT] [Epson Printer Software Downloader] (.SEIKO EPSON CORPORATION.) -- C:\Program Files\EPSON\EPAPDL\E_SAPDL2.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-2922241631-450079970-1404125644-1014Core] (...) -- C:\Documents and Settings\Sylvie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-2922241631-450079970-1404125644-1014UA] (...) -- C:\Documents and Settings\Sylvie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Norton AntiVirus - Effectuer une analyse complSte du systSme - Noemie] (...) -- c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe (.not file.)
~ Scan Scheduled Task in 00mn 02s



---\ Pilotes lancés au démarrage (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver:  (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver:  (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver:  (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver:  (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver:  (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver:  (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver:  (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS
etbios.sys
O41 - Driver:  (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS
etbt.sys
O41 - Driver:  (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver:  (prodrv06) . (.Protection Technology - StarForce Protection Environment Driver.) - C:\WINDOWS\system32\drivers\prodrv06.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERSasacd.sys
O41 - Driver:  (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERSdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver:  (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERSedbook.sys
O41 - Driver:  (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS	cpip.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS	ermdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s



---\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.2.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A82000000003}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: BroadJump Client Foundation - (.Pas de propriétaire.) [HKLM] -- BroadJump Client Foundation
O42 - Logiciel: Browser Optimizer Adzgalore - (.Pas de propriétaire.) [HKLM] -- adzgalore
O42 - Logiciel: Browser Optimizer Dcads - (.Pas de propriétaire.) [HKLM] -- dcads
O42 - Logiciel: CC_ccProxyExt - (.Symantec.) [HKLM] -- {2EBF25F1-F8A2-40EA-92BE-931C142A44E2}
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com
O42 - Logiciel: Contextual Tool Adzgalore - (.Pas de propriétaire.) [HKLM] -- 89da7df1-32de-2ef4-381b-80681c3621bd
O42 - Logiciel: Contextual Tool Adzgalore - (.Pas de propriétaire.) [HKLM] -- cont_adzgalore
O42 - Logiciel: DVD Decoder Pak for Windows XP - (.roddy2000@hotbox.ru.) [HKLM] -- {92C5DB3D-9D6F-4324-BB11-57825F4C2635}
O42 - Logiciel: Désinstaller l'imprimante EPSON SX510W Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX510W Series
O42 - Logiciel: EA Download Manager - (.Electronic Arts, Inc..) [HKLM] -- EADM
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}
O42 - Logiciel: Enhanced Multimedia Keyboard Solution - (.Pas de propriétaire.) [HKLM] -- KBD
O42 - Logiciel: Enhancement Browser Tools Cpmsky - (.Pas de propriétaire.) [HKLM] -- cpmsky
O42 - Logiciel: Enhancement Browser Tools Superiorads - (.Pas de propriétaire.) [HKLM] -- superiorads
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {87C2248A-C7DD-49ED-9BCD-B312A9D0819E}
O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON Corporation.) [HKLM] -- {48F22622-1CC2-4A83-9C1E-644DD96F832D}
O42 - Logiciel: Epson Printer Software Downloader - (.Pas de propriétaire.) [HKLM] -- Epson Printer Software Downloader
O42 - Logiciel: Epson Printer Software Downloader - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}
O42 - Logiciel: Epson Stylus SX510W_TX550W Manuel - (.Pas de propriétaire.) [HKLM] -- Epson Stylus SX510W_TX550W Guide d'utilisation
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3E31400D-274E-4647-916C-2CACC3741799}
O42 - Logiciel: EpsonNet Setup - (.SEIKO EPSON CORPORATION.) [HKLM] -- {FFFAE01B-466F-4C07-9821-A94FD753BDDA}
O42 - Logiciel: Ergo Print Monitor xp86 - (.Your Company Name.) [HKLM] -- {D4126659-643C-461C-AB2C-5E3B6EDA23D9}
O42 - Logiciel: FREEzeFrog - (.Pinball Corporation..) [HKLM] -- FREEzeFrogSA
O42 - Logiciel: Fashion Rush fr - (.Boonty.) [HKLM] -- Fashion Rush_is1
O42 - Logiciel: Favorit (eiqai) - (.Pas de propriétaire.) [HKLM] -- eiqai
O42 - Logiciel: GalleryPlayer Images - (.GalleryPlayer.) [HKLM] -- GalleryPlayer Images
O42 - Logiciel: GemMaster Mystic - (.Pas de propriétaire.) [HKLM] -- 99A88D57-2C93-491B-87B8-E41A870FB6BE
O42 - Logiciel: Google Toolbar for Firefox - (.Google.) [HKLM] -- {2CCBABCB-6427-4A55-B091-49864623C43F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hercules Deluxe Optical Glass - (.Hercules.) [HKLM] -- {56298F72-C2CC-4FE5-ACEA-30C7A866BF4C}
O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows Media Player 10 (KB903157) - (.Microsoft Corporation.) [HKLM] -- KB903157
O42 - Logiciel: Hotfix for Windows XP (KB915800) - (.Microsoft Corporation.) [HKLM] -- KB915800
O42 - Logiciel: Hotfix for Windows XP (KB915865) - (.Microsoft Corporation.) [HKLM] -- KB915865
O42 - Logiciel: Hotfix for Windows XP (KB926239) - (.Microsoft Corporation.) [HKLM] -- KB926239
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Java Runtime Environment 1.1 - (.Pas de propriétaire.) [HKLM] -- JRE 1.1
O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF}
O42 - Logiciel: Les Simpson - Le film Screen Saver - (.Pas de propriétaire.) [HKLM] -- Les Simpson - Le film
O42 - Logiciel: Les Sims 2 - (.Pas de propriétaire.) [HKLM] -- {6E7DD182-9FC6-4651-0095-2E666CC6AF35}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- {6815FCDD-401D-481E-BA88-31B4754C2B46}
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB887998) - (.Microsoft Corporation.) [HKLM] -- KB887998
O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB930494) - (.Microsoft Corporation.) [HKLM] -- KB930494
O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB953295) - (.Microsoft Corporation.) [HKLM] -- KB953295
O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB979904) - (.Microsoft Corporation.) [HKLM] -- KB979904
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1  (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Away Mode - (.Microsoft Corporation.) [HKLM] -- AwayMode160
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Office Excel Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9084040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft SQL Server Compact 3.5 SP1 ???? - (.Microsoft Corporation.) [HKLM] -- {0BE37B03-93EF-4B46-A4F3-30ED22569D1A}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {A8BD5A60-E843-46DC-8271-ABF20756BE0F}
O42 - Logiciel: Microsoft Sync Framework Services v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual J# 2.0 Redistributable Package - SE - (.Microsoft Corporation.) [HKLM] -- Microsoft Visual J# 2.0 Redistributable Package - SE
O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13}
O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Norton AntiSpam - (.Symantec Corporation.) [HKLM] -- {5677563D-0CB1-485F-9E18-C5025306BB3F}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {AADFE0B9-F905-4d5f-A144-0ADB2EFA747B}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {FFB4DD53-28B7-4981-BFF0-9BD801F61095}
O42 - Logiciel: Norton Protection Center - (.Symantec Corp.) [HKLM] -- {82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
O42 - Logiciel: OCR Software by I.R.I.S 7.0 - (.HP.) [HKLM] -- HPOCR
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Otto - (.Pas de propriétaire.) [HKLM] -- 0D20D36D-A11C-444c-9AF7-70CBFED42ECF
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Package de pilotes Windows - ACER Incorporated (qcusbser) Modem  (10/12/2009 2.0.6.6) - (.ACER Incorporated.) [HKLM] -- B2FCCBF3739130D032A0617CC6098523C6073B61
O42 - Logiciel: Package de pilotes Windows - ACER Incorporated (qcusbser) Ports  (10/12/2009 2.0.6.6) - (.ACER Incorporated.) [HKLM] -- 59972B5CC101974ED6E51C08E0CC89A01960039A
O42 - Logiciel: Package de pilotes Windows - Acer, Inc (androidusb) USB  (10/12/2009 1.0.0010.00000) - (.Acer, Inc.) [HKLM] -- 75397A2EC23E9AD977B09CAD2C2683A60DF981B5
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre
O42 - Logiciel: Python 2.2 pywin32 extensions (build 203) - (.Pas de propriétaire.) [HKLM] -- pywin32-py2.2
O42 - Logiciel: Python 2.2.3 - (.PythonLabs at Zope Corporation.) [HKLM] -- Python 2.2.3
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

Utilisateur anonyme · Answer

re juju padawan  :D

Deep_alone :

https://forums.commentcamarche.net/forum/affich-23587182-diagnostique-possibilite-virus#2

Deep_alone · Answer

Voici le rapport : 

# AdwCleaner v1.317 - Rapport créé le 06/11/2011 à 14:43:43
# Mis à jour le 06/11/11 à 14h par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 2 (32 bits)
# Nom d'utilisateur : Sylvie - NOM-FB9B15D2723 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\Sylvie\Mes documents\Téléchargements\adwcleaner.exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Dossier Présent : C:\Documents and Settings\All Users\Application Data\FREEzeFrogSA
Dossier Présent : C:\Documents and Settings\All Users\Application Data\ResultBar
Dossier Présent : C:\Documents and Settings\Sylvie\Application Data\EoRezo
Dossier Présent : C:\Documents and Settings\Sylvie\Application Data\FREEzeFrog
Dossier Présent : C:\Documents and Settings\Sylvie\Application Data\ShopperReports3
Dossier Présent : C:\Documents and Settings\Sylvie\Application Data\PriceGong
Dossier Présent : C:\Documents and Settings\Sylvie\Application Data\WeatherDPA
Dossier Présent : C:\Documents and Settings\Sylvie\Local Settings\Application Data\Conduit
Dossier Présent : C:\Documents and Settings\Sylvie\Local Settings\Application Data\ConduitEngine
Dossier Présent : C:\Program Files\Ask.com
Dossier Présent : C:\Program Files\Conduit
Dossier Présent : C:\Program Files\FREEzefrog
Dossier Présent : C:\Program Files\ResultBar
Dossier Présent : C:\Program Files\ShopperReports3
Dossier Présent : C:\Program Files\Mozilla Firefox\Extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}

***** [Registre] *****

Clé Présente : HKCU\Toolbar
Clé Présente : HKCU\Software\Conduit
Clé Présente : HKCU\Software\EoRezo
Clé Présente : HKCU\Software\FREEzeFrogSA
Clé Présente : HKCU\Software\hotbarsa
Clé Présente : HKCU\Software\PriceGong
Clé Présente : HKCU\Software\ShopperReports3
Clé Présente : HKLM\SOFTWARE\Conduit
Clé Présente : HKLM\SOFTWARE\EoRezo
Clé Présente : HKLM\SOFTWARE\FREEzeFrog
Clé Présente : HKLM\SOFTWARE\ItsLabel
Clé Présente : HKLM\SOFTWARE\ShopperReports3
Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Présente : HKLM\SOFTWARE\Classes\FREEzeFrogAx.Info.1
Clé Présente : HKLM\SOFTWARE\Classes\FREEzeFrogAx.Info
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.AsyncReporter
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.AsyncReporter.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.CntntDic
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.CntntDic.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.CntntDisp
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.CntntDisp.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.Dwnldr
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.Dwnldr.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.HbAx
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.HbAx.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.HbGuru
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.HbGuru.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.HbInfoBand
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.HbInfoBand.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.IEButton
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.IEButton.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.IEButtonA
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.IEButtonA.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.KOPFF
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.KOPFF.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.MozillaNvgtnTrpr
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.MozillaNvgtnTrpr.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.MozillaPSExecuter
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.MozillaPSExecuter.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.ReportData
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.ReportData.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.RprtCtrl
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.RprtCtrl.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.Scopes
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.Scopes.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.Stock
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.Stock.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiate
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiate.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiateOrRandomTS
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.TriggerOnceInDay
Clé Présente : HKLM\SOFTWARE\Classes\ShopperReports.TriggerOnceInDay.1
Clé Présente : HKLM\SOFTWARE\Classes\AppID\BRNstIE.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\CmndFF.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\mozillaps.dll
Clé Présente : HKLM\SOFTWARE\Classes\AppID\Pltfrm.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Clé Présente : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FREEzeFrogSA
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{c5428486-50a0-4a02-9d20-520b59a9f9b2}]
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{c5428486-50a0-4a02-9d20-520b59a9f9b3}]
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WeatherDPA]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [FREEzeFrogSA]
Valeur Présente : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ShopperReports@ShopperReports.com]

***** [Navigateurs] *****

-\ Internet Explorer v6.0.2900.2180

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://resultsmaster.com/SmartOffers/Services/resultsmaster/ResultsMasterHomeLeftPane.htm

-\ Mozilla Firefox v7.0.1 (fr)

Profil : gwjim7as.default
Fichier : C:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\gwjim7as.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Documents and Settings\Sylvie\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [13918 octets] - [06/11/2011 14:43:43]

########## EOF - C:\AdwCleaner[R1].txt - [14047 octets] ##########

Utilisateur anonyme · Answer

relance ADWC, clique sur supprimer, poste son rapport  :D 


O.o°*??? Membre, Contributeur sécurité CCMo°.Oø¤º°'°º¤ø  

O.o°* ??? Réspire à fond, Rédige ton message en bon français et de manière claire.Ca va bien se passer, tu verras, enfin on essaie !!! o°.Oø¤º°'°º¤ø

Utilisateur anonyme · Answer

Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton bureau:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
 
ou ici :
 https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

 
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation. 
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour 
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes 
. Une fois la mise à jour terminé
. rend-toi dans l'onglet, Recherche 
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre. 
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés. 
. Cliques sur Ok pour poursuivre. 
. Si des malwares ont été détectés, cliques sur Afficher les résultats 
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine. 
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse. 
. rends toi dans l'onglet rapport/log 
. tu cliques dessus pour l'afficher une fois affiché 
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous 
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse 
. Tu cliques droit dans le cadre de la réponse et coller 
. À la fin du scan, il se peut que MBAM ait besoin de redémarrer le pc pour finaliser la suppression, donc pas de panique, redémarre ton pc !!!

Si tu as besoin d'aide regarde ce tutoriel : 
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Utilisateur anonyme · Answer

laisse le términer, selon la taille de ton disque dure, ça peut prendre du temps, donc patience  :-)

Deep_alone · Answer

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8096

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

06/11/2011 17:45:20
mbam-log-2011-11-06 (17-45-19).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 335985
Temps écoulé: 2 heure(s), 12 minute(s), 57 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 100
Valeur(s) du Registre infectée(s): 13
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 29
Fichier(s) infecté(s): 51

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{8D71EEB8-A1A7-4733-8FA2-1CAC015C967D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{410D416D-6BCC-4ddf-8501-937D68850CB5} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{12CE6895-E925-4498-9537-302FC7B02A35} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{44D78D61-8C97-401C-ADC6-7FCF0A7366B5} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Sidepanel.Panel.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Sidepanel.Panel (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4CF088BD-BE95-40A5-BE9B-677F8683EDEA} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{305C6CB1-9D31-4489-881D-5A8E2DC3FE14} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E79B1445-DFEA-4BEF-A786-E0C0F33C863B} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonA.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonA (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6FAC4823-815E-4361-836E-46D65ED2550B} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButton (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4EEF6CF8-8332-434A-B32D-11269CC262A9} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8B05763C-E4EB-4ECC-A10C-EE950C797C47} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dc_ads.ads.1 (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dc_ads.ads (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8BCB5337-EC01-4E38-840C-A964F174255B} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbInfoBand.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbInfoBand (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{8BCB5337-EC01-4E38-840C-A964F174255B} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{911F251E-34FD-465E-B6CE-DF00FF49A6BE} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbAx.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbAx (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{994B5FB4-0103-44A6-B6B3-C73572B362BC} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{49BCC77A-79EB-4D50-A6DB-04E8202921C4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{BD219B90-626B-40F4-BFDD-420240DFCA2C} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adzgalore.optimizer.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adzgalore.optimizer (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{994B5FB4-0103-44A6-B6B3-C73572B362BC} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BCA95E31-1FBF-4F84-8F23-1BA653007A1E} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{20C4186A-D226-4496-8104-226D80D16B9B} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{31E330FA-AEEB-43AC-B245-9C598C135322} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Quax.Kalpol.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Quax.Kalpol (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BCA95E31-1FBF-4F84-8F23-1BA653007A1E} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BCA95E31-1FBF-4F84-8F23-1BA653007A1E} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C17E102B-BD29-4e92-B699-1A21D2CB8E6C} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Sidepanel.Logic.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Sidepanel.Logic (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C17E102B-BD29-4E92-B699-1A21D2CB8E6C} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C17E102B-BD29-4E92-B699-1A21D2CB8E6C} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{02AED140-2B62-4b49-8B3B-179020CC39B9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{CFC16189-8A92-4a29-A940-60248385F426} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{FE4F1649-8909-49C0-87BA-24D65120DB46} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonB.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonB (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{022C671F-6CBA-4A03-A8F9-3B3A361B235A} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8AD815FC-607B-419F-8B70-D345A507A54E} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90F62EF7-58D1-4E8E-BB3E-CFB10BA9E47B} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28ABC5C0-4FCB-11CF-AAX5-21CX5C574571} (Worm.AutoRun) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{28ABC5C0-4FCB-11CF-AAX5-21CX5C574571} (Worm.AutoRun) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalore (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cpmsky (Adware.AdPanel) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcads (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\superiorads (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D99AB88-468B-7648-187D-E1489A817E19} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.Smrt-ShprCtrl (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.Smrt-ShprCtrl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MySidesearch (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\adzgalore (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Relevant Knowledge (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoftdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RESULTBAR_SERVICE (Adware.ResultBar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C} (Trojan.Vundo) -> Value: {6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Value: {3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Value: {3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Value: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Value: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} (Trojan.Vundo) -> Value: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart (Rogue.Multiple) -> Value: Salestart -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.0.517.0 (Adware.HotBar) -> Value: ShopperReports 3.0.517.0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790476B5765B503FAD93 (Malware.Trace) -> Value: SRS_IT_E8790476B5765B503FAD93 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790476B5765B5433AC93 (Malware.Trace) -> Value: SRS_IT_E8790476B5765B5433AC93 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790476B576545336AA94 (Malware.Trace) -> Value: SRS_IT_E8790476B576545336AA94 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Spooler SubSystem App (Backdoor.Bot) -> Value: Spooler SubSystem App -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\68d74b00 (Trojan.Agent) -> Value: 68d74b00 -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\documents and settings\Sylvie\application data\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\funwebproducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\funwebproducts\Data\Sylvie (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\salesmonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\salesmonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cs\db (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cs\dwld (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cseport (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cses1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cs\db (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cs\dwld (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cseport (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cses1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper\cs\db (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper\cs\dwld (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper\cseport (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\Bin (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\Bin\2.5.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\cs\antiphishing (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\video activex object (Trojan.Zlob) -> Quarantined and deleted successfully.
c:\CONFIG\s-1-5-21-1482476501-1644491937-682003330-1013 (Backdoor.IRCBot) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\program files\smart-shopper\Bin\2.5.1\smrt-shpr.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\local settings	emp	mpcd7d.tmp (Trojan.BHO) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\local settings\Temp\component update 635 (Adware.BHO) -> Quarantined and deleted successfully.
c:\program files\windows live\messengeriched20.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\system volume information\_restore{512df77d-45b5-4ae1-9c2a-ec48b0f584c1}\RP725\A1150297.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{512df77d-45b5-4ae1-9c2a-ec48b0f584c1}p725\a1150309.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{512df77d-45b5-4ae1-9c2a-ec48b0f584c1}\RP725\A1150311.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{512df77d-45b5-4ae1-9c2a-ec48b0f584c1}\RP725\A1150312.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{512df77d-45b5-4ae1-9c2a-ec48b0f584c1}\RP725\A1150313.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{512df77d-45b5-4ae1-9c2a-ec48b0f584c1}\RP725\A1150315.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{512df77d-45b5-4ae1-9c2a-ec48b0f584c1}\RP725\A1150316.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{512df77d-45b5-4ae1-9c2a-ec48b0f584c1}\RP725\A1150318.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\windows\system32\adzgalore-remove.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\cpmsky-uninst.exe (Adware.AdPanel) -> Quarantined and deleted successfully.
c:\windows\system32\dcads-remove.exe (Adware.Fotomoto) -> Quarantined and deleted successfully.
c:\WINDOWS\system32
rsknpppznujjwga.dll-uninst.exe (Trojan.BHO) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\superiorads-uninst.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\windows\system32\u_nrsknpppznujjwga.dll.exe (Trojan.BHO) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\WhoisCL.exe (Trojan.BHO) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\components
sdnser.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\adzgalorednhelper-uninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe (Trojan.BHO) -> Quarantined and deleted successfully.
c:\WINDOWS\system32
vs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\TMP2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cs\Config.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cs\db\Aliases.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cs\db\Sites.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cs\dwld\phishinglist.xip (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cs\dwld\whitelist.xip (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cseport\aggr_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cseport\send_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\kévin\application data\smart-shopper\cses1\whitelist.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cs\Config.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cs\db\Aliases.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cs\db\Sites.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cs\dwld\phishinglist.xip (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cs\dwld\whitelist.xip (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cseport\aggr_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cseport\send_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\documents and settings\Sylvie\application data\smart-shopper\cses1\whitelist.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper\cs\Config.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper\cs\db\Aliases.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper\cseport\aggr_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\application data\smart-shopper\cseport\send_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\Uninst.exe (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\cs\antiphishing\antiphishing.html (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\cs\antiphishing\phishalert.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\cs\antiphishing\x.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\smart-shopper\cs\antiphishing\xActive.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\CONFIG\s-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Backdoor.IRCBot) -> Quarantined and deleted successfully.

Utilisateur anonyme · Answer

redemarre ton pc,

relance MBAM, vide sa quarantaine seulement ,


relance zhpdiag, 


* Clique sur l'icône représentant une loupe (« Lancer le diagnostic ») 
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette 
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://www.cijoint.fr/
ou :
http://dl.free.fr
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou : 
https://www.terafiles.net/

Utilisateur anonyme · Answer

* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette 
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum : 
http://www.cijoint.fr/ 
ou : 
http://dl.free.fr 
ou : 
http://ww38.toofiles.com/fr/documents-upload.html 
ou : 
https://www.terafiles.net/

Deep_alone · Answer

Voili voilou le lien :D

http://www.cijoint.fr/cjlink.php?file=cj201111/ciju8n9SmU.txt

Utilisateur anonyme · Answer

tu as 446 Mo de ram, insuffisant pour faire fonctionner ton pc correctement !


tu as également symentec, MAcafric et avast sur ton pc :

turisques d'avoir un confli logciel et plantage, donc 2 antivirus à désinstaller !





*	Lance ZHPFix (soit via le raccourci sur ton Bureau, soit via ZHPDiag en cliquant sur l'écusson vert) 

*	Clique sur l'icone représentant la lettre H (« coller les lignes Helper ») 
Copie et colle les lignes suivantes en gras dans Zhpfix : 

---------------------------------------------------------- 


M3 - MFPP: Plugins - [Sylvie] -- C:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\gwjim7as.default\searchplugins\Yoog Search.xml    
M3 - MFPP: Plugins - [Sylvie] -- C:\Program Files\Mozilla FireFox\searchplugins\lost.xml    
O20 - Winlogon Notify: nnnljkLc . (...) -- nnnljkLc.dll    
O42 - Logiciel: Contextual Tool Adzgalore - (.Pas de propriÃ©taire.) [HKLM] -- 89da7df1-32de-2ef4-381b-80681c3621bd   
O42 - Logiciel: Contextual Tool Adzgalore - (.Pas de propriÃ©taire.) [HKLM] -- cont_adzgalore   
O42 - Logiciel: Favorit (eiqai) - (.Pas de propriÃ©taire.) [HKLM] -- eiqai   
[HKCU\Software\FREEzeFrog]  
[HKCU\Software\LanConfig]    
[HKLM\Software\InstUf]    
[HKLM\Software\Totem]    
O43 - CFD: 03/11/2010 - 16:15:12 - [0] ----D- C:\Program Files\Fichiers Communs\ErreurChasseur    => Infection Rogue (Rogue.ErreurChasseur)
O43 - CFD: 03/11/2007 - 20:26:44 - [1833472] ----D- C:\Program Files\Fichiers Communs\Totem Shared    
O59 - HSMI:Heuristic Search MagicControl Infection - (...) -- C:\WINDOWS\system32\lbtdthqek_nav.dat  
O59 - HSMI:Heuristic Search MagicControl Infection - (...) -- C:\WINDOWS\system32\lbtdthqek_navps.dat   
O59 - HSMI:Heuristic Search MagicControl Infection - (...) -- C:\WINDOWS\system32\zbwuaz_nav.dat    
O59 - HSMI:Heuristic Search MagicControl Infection - (...) -- C:\WINDOWS\system32\zbwuaz_navps.dat    
O59 - HSMI:Heuristic Search MagicControl Infection - C:\WINDOWS\pack.epk    
O69 - SBI: C:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\gwjim7as.default\searchplugins\Yoog Search.xml    
O69 - SBI: prefs.js [Sylvie - gwjim7as.default] user_pref("browser.search.defaultenginename", "Yoog Search");    
O69 - SBI: prefs.js [Sylvie - gwjim7as.default] user_pref("browser.search.selectedEngine", "Yoog Search");    
O69 - SBI: SearchScopes [HKCU] {11EACB2C-2BEE-42EC-A17E-DE65BB6A9DC4} - (My Web Search) - http://www.mywebsearch.com    
[HKLM\Software\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}]   =>Adware.AdRotator    
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]   =>Adware.AdRotator   
[HKLM\Software\Classes\Interface\{b0d071a1-36b3-4757-a126-14c89c56013a}]   =>PUP.Eorezo    
[HKLM\Software\Classes\Interface\{B2B92BC9-E149-4EE8-A93E-0B8CFB329808}]   =>Adware.SmartShopper   
[HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}]   =>PUP.Eorezo   
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DDFA1356-E6ED-42a5-9D62-93211D424A90}]   =>Adware.AdRotator    
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine]   =>Toolbar.Conduit    => 
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\cont_adzgalore]   =>Adware.AdRotator    => 
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShopperReportsSA]   =>Adware.ClickPotato    => 
[HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\62119ef862c6b3a0d853419b87eb3e2f6c78640a]   =>Adware.Navipromo    => 
[HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7ee743314c844c7f445b8b1d7617612df1fdd50f]   =>Adware.Navipromo    => 
[HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A]   =>Adware.Navipromo    => 
[HKLM\Software\Classes\eorezobho.eobho]   =>PUP.Eorezo    => 
[HKLM\Software\Classes\eorezobho.eobho.1]   =>PUP.Eorezo    => 
[HKLM\Software\Classes\Toolbar.CT2786678]   =>Toolbar.Agent    => 
[HKLM\Software\Classes\Interface\{83b2fe06-ba20-4f7d-96c6-6fc3a4e877d3}]   =>Adware.SmartShopper    => 
[HKLM\Software\Classes\Interface\{b32966a2-f7c2-4362-a6cf-399ec8b44110}]   =>Adware.SmartShopper    => 
[HKLM\Software\Classes\Interface\{f8b4ec8a-2407-4be0-aee2-0f430d65a90d}]   =>Adware.ClickPotato    => 
[HKCU\Software\Microsoft\Quax]   =>Adware.Cpmsky    => 
[HKCU\Software\FREEzeFrog]   =>Adware.FreezeFrog    => 
[HKLM\Software\InstUf]   =>Adware.VirtualGirl    => 
[HKCU\Software\LanConfig]   =>Adware.Navipromo    => 
[HKLM\Software\Totem]   =>Adware.VirtualGirl    => 
C:\Documents and Settings\Sylvie\Application Data\Mozilla\Firefox\Profiles\gwjim7as.default\SearchPlugins\Yoog Search.xml   =>Adware.Yoog    => 



Emptytemp






---------------------------------------------------------- 
 
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
Tuto :

http://www.premiumorange.com/zeb-help-process/zhpfix.html

Utilisateur anonyme · Answer

tu as mis un mot de passe pour le rapport, dont je n'ai pas pu le voir !


héberge le rapport ici :

https://www.cjoint.com/

Utilisateur anonyme · Answer

comment se comporte le pc?

est ec qu'il fonctionne correctement ?

Utilisateur anonyme · Answer

il faut investire dans la berettes de mémoire  :D

relance MBAM, vide sa quarantaine,


refais une j=nouvelle mise à jour et lance un nouveau scan complet, s'il trouve encore des choses, mets tout en quarantaine, poste son rapport  :D

Utilisateur anonyme · Answer

super,

comme va le pc? 
est ce qu'il fonctionne bien  ?

Utilisateur anonyme · Answer

80 € pour lancer un formatage ou une réparation du système !

est ce qu'il y a du matériel endommagé à remplacer ?

s'il ne faut que le reformatage ou réparation du système, ce n'est pas sorcier :

tu lances le cd ou DVD de windows et tu réparer le système !



à voir ce qu'il a marqué sur son devis et voir également s'il prevoit de remplacer des pièces, si oui, les quelles ?




	/!\ Attention : 
de plus en plus de programmes propose l'installation des barres d'outils (Toolbars, case précochée), donc n'oublie pas de décocher la/les cases correspondantes pendant l'installation.




* pour supprimer les outils de désinfection 
: 
Télecharge Delfix sur ton bureau : 

https://www.commentcamarche.net/telecharger/securite/7111-delfix/ 

*Clique sur le bouton «  Suppression » et poste son rapport sur ton prochain message 
**Pour le désinstaller, il suffit de le relancer et cliquer sur le bouton de désinstallation. 
	
	
  
. télécharges Ccleaner à partir de cette adresse et enregistres le sur le bureau 

https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/  

.double-cliques sur le fichier pour lancer l'installation 

/!\ regarde bien qu'au moment d'installation, on ne t'installe pas les barres d'outils, si c'est le cas, décoche la case correspondante ! 
 

.sur la fenêtre de l'installation langage bien choisir français et OK  
.cliques sur suivant  
.lis la licence et j'accepte  
.cliques sur suivant  
.la tu ne gardes de coché que mettre un raccourci sur le bureau et puis contrôler automatiquement les mises à jour de Ccleaner  
.cliques sur installer  
.cliques sur fermer  
.double-cliques sur l'icône de Ccleaner pour l'ouvrir  
.une fois ouvert tu cliques sur option et puis avancé  
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures  
.cliques sur nettoyeur  
.cliques sur windows et dans la colonne avancé  
.coches la première case vieilles données du perfetch que celle-la ce qui te donnes la case vielles données du perfetch et la case avancé qui c'est coché automatiquement mais que celle-la  
.cliques sur analyse une fois l'analyse terminé  
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vériffis en appuiant de nouveau sur analyse pour être sur qu'il n'y est plus rien  
.cliques maintenant sur registre et puis sur rechercher les erreurs  
.laisses tout cochées et cliques sur réparrer les erreurs sélectionnées  
.il te demande de sauvegarder OUI  
.tu lui donnes un nom pour pouvoir la retrouver et enregistre  
.cliques sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK  
.il supprime et fermer tu vérifies en relançant rechercher les erreurs  
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch  
.tu peux fermer Ccleaner 

tuto installation & nettoyage :  
https://www.donnemoilinfo.com/tuto/CCleaner/ 



* Désactivation, puis Réactivation de la restauration système après désinfection :  

Il est nécessaire de désactiver puis réactiver la restauration système pour la purger car les points de restauration peuvent être infectés : 

Pour XP :
 https://www.commentcamarche.net/faq/5097-virus-system-volume-information



* fais une mise à jour de ton antivirus, lance un scan complet de ton pc, tiens moi au courant du résultat :-)

Diagnostique possibilité virus.

19 réponses

Discussions similaires