Sujet Précédent Sujet Suivant

Fbdownloader search

eyores Messages postés 77 Statut Membre -  
 Utilisateur anonyme -
Bonjour,



J'ai un virus fbdowloader search qui me pourrit la vie de mon ordinateur; comment fiare pour m'en débarasser ?

merci de l'aider.
A voir également:

85 réponses

Précédent
Réponse 21 / 85
Utilisateur anonyme
 
il n'y a pas de problème, ce que tu ne lis pas ce que je te demande de faire !!!

Zhpfix n'est pas Zhpdiag !

https://forums.commentcamarche.net/forum/affich-27406172-fbdownloader-search#14
0
Réponse 22 / 85
eyores Messages postés 77 Statut Membre
 
Mais dans Zfix, vous me dites d'appuyer sur go mais je ne vois pas le bouton go ni même un bouton nettoyage.

Voilà ce que j'ai comme interface :

[URL=http://www.hostingpics.net/viewer.php?id=232724zhpfix.jpg][IMG]http://img11.hostingpics.net/pics/232724zhpfix.jpg[/IMG][/URL]
0
Réponse 23 / 85
Utilisateur anonyme
 
Si tu ne trouves pas le bouton GO, clique sur l'icone représentant le presse-papier (L'icone entre l'appareil photo et le parchemin, en haut à droite de la page d'outil)
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
salut,
en haut à gauche ^^
0
Réponse 24 / 85
eyores Messages postés 77 Statut Membre
 
Merci. :)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 85
Utilisateur anonyme
 
ok,

lance zhpfix avec ce qui se suis :

https://forums.commentcamarche.net/forum/affich-27406172-fbdownloader-search?full#9
0
Réponse 26 / 85
eyores Messages postés 77 Statut Membre
 
fb downloader search est toujours là. HELP.
0
Réponse 27 / 85
Utilisateur anonyme
 
il ne va pas disparaitre si tu ne lances pas ceci :

https://forums.commentcamarche.net/forum/affich-27406172-fbdownloader-search?full#9

à toi de voir !

0
Réponse 28 / 85
eyores Messages postés 77 Statut Membre
 
voici le rapport vendredi 12 avril . Merci.

R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://seeearch.com
[MD5.00000000000000000000000000000000] [APT] [{797C6753-C5AD-44D4-A377-2A2C74A76EF5}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) [0]
[HKCU\Software\AppDataLow\Software\mediabarbs]
[HKCU\Software\BearShare]
[HKCU\Software\DM]
[HKCU\Software\Protector]
[HKCU\Software\Smart PC Cleaner]
[HKCU\Software\SweetIM]
[HKLM\Software\IB Updater]
[HKLM\Software\WNLT]
O43 - CFD: 28/01/2012 - 20:13:26 - [0] ----D C:\Program Files (x86)\BearShare Applications
O43 - CFD: 23/10/2012 - 16:56:37 - [23,480] ----D C:\Program Files (x86)\Smart PC Cleaner
[MD5.08EFEA8B46935AAA890AD1600B3510A8] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.692.bin [104017]
[MD5.2D3F145B357E282F01ED3B1DD0CD21E1] [SPRF][20/03/2013] (...) -- C:\Users\Lucie\AppData\Local\Temp\SHSetup.exe [45937744]
O87 - FAEL: "{E69A6B27-AF6A-4794-9BA6-E32EE54BD28F}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{B95E3DA8-7DB7-437C-9CD2-79183B075982}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
[HKCU\Software\DM] => Infection PUP (PUP.BearShare)
[HKCU\Software\Smart PC Cleaner] => Infection Rogue (Rogue.SmartPCCleaner)
[HKCU\Software\SweetIM]
[HKLM\Software\WNLT]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS]
[HKCU\Software\Protector]
C:\Program Files (x86)\BearShare Applications
O2 - BHO: ToolKit IE Helper [64Bits] - {70EA269E-56DF-49C2-86B2-1A1924ED88B4} . (...) -- C:\Program Files (x86)\ToolKitService\splash.dll (.not file.)
[HKLM\Software\Wow6432Node\InstallIQ] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{70EA269E-56DF-49C2-86B2-1A1924ED88B4}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{70EA269E-56DF-49C2-86B2-1A1924ED88B4}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70EA269E-56DF-49C2-86B2-1A1924ED88B4}]
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv]
[HKLM\Software\Wow6432Node\InstallIQ] [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[MD5.00000000000000000000000000000000] [APT] [{1622020D-6DF9-4454-A87B-30916DF9E762}] (...) -- D:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2BC47C32-6D9A-462E-8B92-8F61B890AA5F}] (...) -- D:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{42390C61-BFCE-4BAE-8136-BAAAB12E7646}] (...) -- D:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{543B6D7E-9CCC-4198-AE70-0D20577DA5A2}] (...) -- D:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7452D48C-41FB-440E-B62B-D8C1A5D3612B}] (...) -- D:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DB094F0B-F10B-4F1E-A325-FF998B993F37}] (...) -- D:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3E72E67C-E4F2-43D4-B5ED-985FFD76A8DD}] (...) -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard\Engine\4.1.0.15\Gear\GEARDIFx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6D5C12DE-093E-4941-8457-D6A6D02E48EF}] (...) -- C:\Users\Lucie\Downloads\qc848enu (1).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7BD158E1-176C-4737-8EEB-9B4714125735}] (...) -- C:\Users\Lucie\Downloads\cursiv.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8C19275B-2B7F-44C7-A68C-C86751B19E9C}] (...) -- C:\Users\Lucie\Downloads\RegCleaner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B7B33A06-238E-49CF-92A5-E1E041F6B176}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D81BA444-33F5-4849-9F16-2E00BC9BF428}] (...) -- C:\Users\Lucie\Downloads\LeTarotInstallation_Win(2).exe (.not file.) [0]
O43 - CFD: 31/01/2013 - 13:25:23 - [13,817] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 31/01/2013 - 15:43:21 - [1,294] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 31/01/2013 - 15:34:14 - [1,490] ----D C:\ProgramData\Spybot - Search & Destroy
OPT:O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
Emptytemp
EmptyClsid
Firewallraz
0
Réponse 29 / 85
Utilisateur anonyme
 
fais la même chose, mais dans la fenêtre de Zhpfix :D

https://forums.commentcamarche.net/forum/affich-27406172-fbdownloader-search?full#9
0
Réponse 30 / 85
eyores Messages postés 77 Statut Membre
 
Voici le rapport De Zhpfix : D

Rapport de ZHPDiag v2013.4.3.12 par Nicolas Coolman, Update du 03/04/2013
Run by Lucie at 24/04/2013 18:13:51
State : Nouvelle version disponible
High Elevated Privileges : OK
UAC : Deactivate by user

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 20.0.1 v20.0.1 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 64-bit (Build 6000)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1786 MB (25% free)
System Restore: Activé (Enable)
System drive C: has 154 GB (70%) free of 219 GB

---\\ Logged in mode
~ Computer Name: LUCIEPC
~ User Name: Lucie
~ All Users Names: Lucie, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Lucie\AppData\Roaming\
~ %Desktop% : C:\Users\Lucie\Desktop\
~ %Favorites% : C:\Users\Lucie\Favorites\
~ %LocalAppData% : C:\Users\Lucie\AppData\Local\
~ %StartMenu% : C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 154 Go of 219 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 07:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/344
~ Mes musiques (My Musics) : 17/542
~ Mes Videos (My Videos) : 1/7
~ Mes Favoris (My Favorites) : 1/15
~ Mes Documents (My Documents) : 6/170
~ Mon Bureau (My Desktop) : 10/2152
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 02s

---\\ Processus lancés
[MD5.75102FC486595CF486DFD7239BE30DD5] - (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe [206208] [PID.3208]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.3704]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [54840] [PID.3996]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.4024]
[MD5.6AFD3970A41F48306874DB23991A4955] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152] [PID.4072]
[MD5.D8EBCE395ECA465ACBAADDA3640B16F7] - (.One.com - OnecomCloudDrive.) -- C:\Program Files (x86)\OnecomCloudDrive\Dlls\OnecomCloudDrive.exe [9725864] [PID.2344]
[MD5.3D5D73B3E89A2AEA63C5A1164BCCD228] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files (x86)\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [1662976] [PID.3120]
[MD5.8E2A7F1F62467A7DCB8AB2C0642F47CA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3164]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.4460]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.4500]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.4560]
[MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.3564]
[MD5.E47FFCA0909871AC1BFF0D446FF63CA9] - (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202296] [PID.6124]
[MD5.C35DA74B42B017D19CBB02863DCAC6E7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6440960] [PID.5604]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.2028]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1444]
[MD5.3C8B6609712F4FF78E521F6DCFC4032B] - (.Creative Technology Ltd - Creative Service for CDROM Access.) -- C:\Windows\SysWOW64\CTsvcCDA.exe [44032] [PID.1680]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584] [PID.1688]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2092]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.2244]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232] [PID.2496]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files (x86)\ZHPDiag\pv.exe [61440] [PID.0]
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: Scanned in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\tz5w5qss.default-1363721027281\prefs.js
C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\tz5w5qss.default-1363721027281\user.js
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.2] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKCU] [amazon.com/AmazonMP3DownloaderPlugin] - (.Amazon.com, Inc. - Amazon MP3 Downloader Plugin 1.0.17.) -- C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll
~ Firefox Browser: Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.b1.org
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww10.seeearch.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 26

---\\ Browser Helper Objects de navigateur (O2)
~ BHO: 6 Legitimates Scanned in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [Bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
O4 - HKCU\..\Run: [One.com] . (...) -- C:\Program Files (x86)\OnecomCloudDrive\Dlls\AppLauncher.exe
O4 - HKCU\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\Lucie\AppData\Roaming\SCheck\SCheck.exe
O4 - HKCU\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\Lucie\AppData\Roaming\SSync\SSync.exe
O4 - HKCU\..\Run: [Wallpaper Changer] . (.Pas de propriétaire - Wallpaper Changer.) -- C:\Program Files (x86)\Wallpaper Changer\Wallpaper Changer.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [FreeCall] C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe (.not file.)
O4 - HKCU\..\Run: [Bubble Dock] C:\Users\Lucie\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.)
O4 - HKCU\..\Run: [KSS] . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [ANIWZCS2Service] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Wow6432Node\Run: [D-Link D-Link Wireless G DWA-110] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files (x86)\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-23088844-1148055684-1297641894-1000\..\Run: [One.com] . (...) -- C:\Program Files (x86)\OnecomCloudDrive\Dlls\AppLauncher.exe
O4 - HKUS\S-1-5-21-23088844-1148055684-1297641894-1000\..\Run: [SCheck] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\Lucie\AppData\Roaming\SCheck\SCheck.exe
O4 - HKUS\S-1-5-21-23088844-1148055684-1297641894-1000\..\Run: [SSync] . (.Pas de propriétaire - Lua Launcher.) -- C:\Users\Lucie\AppData\Roaming\SSync\SSync.exe
O4 - HKUS\S-1-5-21-23088844-1148055684-1297641894-1000\..\Run: [Wallpaper Changer] . (.Pas de propriétaire - Wallpaper Changer.) -- C:\Program Files (x86)\Wallpaper Changer\Wallpaper Changer.exe
O4 - HKUS\S-1-5-21-23088844-1148055684-1297641894-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-23088844-1148055684-1297641894-1000\..\Run: [FreeCall] C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe (.not file.)
O4 - HKUS\S-1-5-21-23088844-1148055684-1297641894-1000\..\Run: [Bubble Dock] C:\Users\Lucie\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.)
O4 - HKUS\S-1-5-21-23088844-1148055684-1297641894-1000\..\Run: [KSS] . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
~ Application: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\TaskBar: iChrono.lnk . (...) -- C:\Users\Lucie\AppData\Local\Temp\Rar$EXa0.791\iChrono.exe (.not file.)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: PhotoFiltre (2).lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - GS\TaskBar: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - GS\TaskBar: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
O4 - GS\Programs: eBay - Achetez et vendez vos objets neufs ou d'occasion.lnk . (...) -- C:\Users\Lucie\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\Programs: Google - Historique Web.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
O4 - GS\QuickLaunch: FreeFileViewer.lnk . (.Bitberry Software - Free File Viewer.) -- C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
O4 - GS\QuickLaunch: KompoZer.lnk . (.Mozilla Foundation - KompoZer.) -- C:\Program Files (x86)\KompoZer\kompozer.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\QuickLaunch: MediaHuman YouTube to MP3 Converter.lnk . (...) -- C:\Program Files (x86)\MediaHuman\YouTube to MP3 Converter\YouTubeToMp3.exe
O4 - GS\QuickLaunch: monAlbumPhoto.lnk . (.monAlbumPhoto - monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumphoto.exe
O4 - GS\QuickLaunch: WampServer.lnk . (.Aestan Software - Aestan Tray Menu.) -- C:\wamp\wampmanager.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: bureau.lnk . (...) -- C:\Users\Lucie\Desktop
O4 - GS\Desktop: introduction site.doc - Raccourci.lnk . (...) -- C:\Users\Lucie\Desktop\introduction site.doc (.not file.)
O4 - GS\Desktop: Kaspersky Security Scan.lnk . (.Kaspersky Lab ZAO - Kaspersky Security Scan.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O4 - GS\Desktop: Notepad++.lnk . (.Don HO don.h@free.fr - Notepad++ : a free (GNU) source code editor.) -- C:\Program Files (x86)\Notepad++\notepad++.exe
O4 - GS\Desktop: photos.doc - Raccourci.lnk . (...) -- C:\Users\Lucie\Desktop\photos\photos.doc (.not file.)
O4 - GS\Desktop: WampServer.lnk . (.Aestan Software - Aestan Tray Menu.) -- C:\wamp\wampmanager.exe
~ Global Startup: Scanned in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 6 Legitimates Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6CDA8FD-D233-4BB4-83F3-EFC2298E86A1}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF4F34D2-30A4-45D5-9250-18B28DDB1822}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6CDA8FD-D233-4BB4-83F3-EFC2298E86A1}: DhcpDomain = netgear.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF4F34D2-30A4-45D5-9250-18B28DDB1822}: DhcpDomain = netgear.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{A6CDA8FD-D233-4BB4-83F3-EFC2298E86A1}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CF4F34D2-30A4-45D5-9250-18B28DDB1822}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A6CDA8FD-D233-4BB4-83F3-EFC2298E86A1}: DhcpDomain = netgear.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{CF4F34D2-30A4-45D5-9250-18B28DDB1822}: DhcpDomain = netgear.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{A6CDA8FD-D233-4BB4-83F3-EFC2298E86A1}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{CF4F34D2-30A4-45D5-9250-18B28DDB1822}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A6CDA8FD-D233-4BB4-83F3-EFC2298E86A1}: DhcpDomain = netgear.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{CF4F34D2-30A4-45D5-9250-18B28DDB1822}: DhcpDomain = netgear.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) --
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Creative Service for CDROM Access (Creative Service for CDROM Access) . (.Creative Technology Ltd - Creative Service for CDROM Access.) - C:\Windows\SysWOW64\CTsvcCDA.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Services: 13 Legitimates Scanned in 00mn 39s

---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s

---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FreeFileViewerUpdateChecker.job [402]
[MD5.AD1D6D9736F109DBDBA254C0C74FA554] [APT] [FreeFileViewerUpdateChecker] (.Bitberry Software.) -- C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [1545592]
[MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0]
[MD5.CEC66E3CA216A4783C6FC54B4FE36DBD] [APT] [ProgramRefresh-ATFST] (...) -- C:\Program Files (x86)\File Type Assistant\tsasetup.exe [1492080]
[MD5.16B895A88ABDAF5E30D8BAFA9F43AEDF] [APT] [Reimage Reminder] (.Reimage ltd..) -- C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [4303200]
[MD5.75AB64C53A0C6E64261940EA4440E67C] [APT] [Reimage ScanAgent] (.Reimage®.) -- C:\Program Files\Reimage\Reimage Repair\Rei_ScanAgent.exe [6904320]
[MD5.D72D08898E2BA14B8FD6E9533C714385] [APT] [{13122369-CF5D-468E-A255-7F96D95AE472}] (.FileHippo.com.) -- C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712]
[MD5.3D5D73B3E89A2AEA63C5A1164BCCD228] [APT] [{2CC92DD1-0816-4E44-A7B7-133420E23597}] (.D-Link.) -- C:\Program Files (x86)\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [1662976]
[MD5.00000000000000000000000000000000] [APT] [{3AE636C1-E28B-4E51-95CA-D44EB0EB09B1}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.0533829C445CDB638690A1E5308EEEC0] [APT] [{428AAFC8-6DA4-4BC5-9220-56BFAF7C8660}] (.ArkMicro.) -- C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Capture.exe [174592]
[MD5.00000000000000000000000000000000] [APT] [{49126B81-EF9C-45F2-9AE0-358C83D5239A}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.0533829C445CDB638690A1E5308EEEC0] [APT] [{494B4770-65A1-4B74-9C2E-42D91CBBFB0F}] (.ArkMicro.) -- C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Capture.exe [174592]
[MD5.00000000000000000000000000000000] [APT] [{51D750FB-553B-4336-B5B1-51D312DE7EE5}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{679A2E6E-E656-4E5A-B195-025397CAF2E3}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{67B86D6E-EDA3-4F6B-95F4-5CC41B0C8A9B}] (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe (.not file.) [0]
[MD5.3D5D73B3E89A2AEA63C5A1164BCCD228] [APT] [{6B832546-8F64-439E-8640-CECA349010D2}] (.D-Link.) -- C:\Program Files (x86)\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [1662976]
[MD5.00000000000000000000000000000000] [APT] [{756974C1-EAD2-4C5A-B62B-BB11B5334A60}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7F1546F6-D9B7-4975-BE02-7A7D5EA34393}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{849ADAB2-75A6-4A59-9B56-0BB8F7BF7CDF}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8A7998BB-5918-4E12-9656-B766283286DD}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{93EDA0B8-7DB9-4924-8EAD-078131BE266B}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A6B11427-27C7-4106-BCC3-FBF8D46E148C}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B5E9A18F-4CF0-4AB5-A4CA-F02551CCBDDE}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B5F101CF-A712-4FFB-AE2F-F091F3E7457D}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B5F480F9-A7E7-4A4F-892D-26101E660292}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C0EDE16D-6A5C-46D2-B54A-93BA87054539}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.854563425495A29FB4B198A6ABEBE06D] [APT] [{D301E6D2-0A98-490A-851B-F28977846BFC}] (.Apple Inc..) -- C:\Program Files (x86)\iTunes\iTunes.exe [9789256]
[MD5.00000000000000000000000000000000] [APT] [{E71E45D2-FC55-46D5-92FE-363FE0927D38}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EF675A95-BC48-454D-845D-0B373F28EFEA}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EFC36F6E-44C4-427E-A44E-64C75E5161B8}] (...) -- C:\Program Files (x86)\Logitech\Video\Launcher.exe (.not file.) [0]
[MD5.0533829C445CDB638690A1E5308EEEC0] [APT] [{F70625F0-9341-4C2E-A88A-39C18F67B043}] (.ArkMicro.) -- C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Capture.exe [174592]
~ Scheduled Task: 44 Legitimates Scanned in 00mn 42s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 11 Legitimates Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (SASDIFSV) . (. - .) - C:\Program Files\SUPERAntiSpyware\SASDIFSV64.sys (.not file.)
~ Drivers: 72 Legitimates Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: ANIWZCS2 Service - (...) [HKLM][64Bits] -- {4C590030-7469-453E-8589-D15DA9D03F52}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Free File Viewer 2012 - (.Bitberry Software.) [HKLM][64Bits] -- FreeFileViewer_is1
O42 - Logiciel: Java 7 Update 17 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF}
O42 - Logiciel: Java 7 Update 21 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417021FF}
O42 - Logiciel: Kaspersky Security Scan - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}
O42 - Logiciel: Kaspersky Security Scan - (.Kaspersky Lab.) [HKLM][64Bits] -- {56009CA3-423B-41F8-884A-E5B049534F15}
O42 - Logiciel: MediaHuman YouTube to MP3 Converter version 2.6.5 - (...) [HKLM][64Bits] -- MediaHuman YouTube to MP3 Converter_is1
O42 - Logiciel: Mediaplayer Lite v1.0 - (...) [HKLM][64Bits] -- Mediaplayer Lite_is1
O42 - Logiciel: One.com Cloud Drive 0.3.15.31225 - (.one.com, Inc..) [HKCU][64Bits] -- OnecomCloudDrive
O42 - Logiciel: Video Web Camera - (.Suyin Optronics Corp.) [HKLM][64Bits] -- {7760D94E-B1B5-40A0-9AA0-ABF942108755}
O42 - Logiciel: ZENcast Organizer - (...) [HKLM][64Bits] -- ZENcast Organizer
~ Logic: 157 Legitimates Scanned in 00mn 01s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\Amazon]
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\E-CONCEPT]
[HKCU\Software\FotoWire]
[HKCU\Software\Free Tarot]
[HKCU\Software\FreeCall]
[HKCU\Software\GoforFiles]
[HKCU\Software\Greatis]
[HKCU\Software\IncrediMail]
[HKCU\Software\KeepVid]
[HKCU\Software\MediaHuman]
[HKCU\Software\Passware]
[HKCU\Software\Protector]
[HKCU\Software\Regrun]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Softonic]
[HKCU\Software\Tarobot]
[HKCU\Software\Terravirtual]
[HKCU\Software\VB6Dock]
[HKCU\Software\Wallpaper Changer]
[HKCU\Software\WebTarot]
[HKCU\Software\d57dadbbc68e848]
[HKCU\Software\jZip]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Wow6432Node\Alpha Networks]
[HKLM\Software\Wow6432Node\Amazon]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Boonty]
[HKLM\Software\Wow6432Node\CentricDevelopment]
[HKLM\Software\Wow6432Node\Computer Updater]
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\DelphineSoft]
[HKLM\Software\Wow6432Node\DotEmu]
[HKLM\Software\Wow6432Node\GoforFiles]
[HKLM\Software\Wow6432Node\Greatis]
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstallIQ]
[HKLM\Software\Wow6432Node\OnecomCloudDrive]
[HKLM\Software\Wow6432Node\PIP]
[HKLM\Software\Wow6432Node\Summitsoft]
[HKLM\Software\Wow6432Node\Xpiral]
[HKLM\Software\Wow6432Node\afplanet]
[HKLM\Software\Wow6432Node\d57dadbbc68e848]
~ Key Software: 371 Legitimates Scanned in 00mn 01s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/03/2013 - 22:22:34 - [0] ----D C:\Program Files (x86)\Amaya
O43 - CFD: 20/04/2013 - 01:03:23 - [86,613] ----D C:\Program Files (x86)\Amazon
O43 - CFD: 15/11/2012 - 21:27:49 - [0] ----D C:\Program Files (x86)\AnglaisFacile.com
O43 - CFD: 11/06/2011 - 21:21:17 - [0,071] ----D C:\Program Files (x86)\CHRYOPROD
O43 - CFD: 11/06/2012 - 15:04:32 - [0] ----D C:\Program Files (x86)\eMule
O43 - CFD: 28/02/2013 - 01:57:38 - [51,687] ----D C:\Program Files (x86)\FreeFileViewer
O43 - CFD: 23/02/2013 - 01:06:03 - [5,134] ----D C:\Program Files (x86)\GoforFiles
O43 - CFD: 15/05/2012 - 19:15:36 - [7,811] ----D C:\Program Files (x86)\LeTarot
O43 - CFD: 14/11/2011 - 14:57:07 - [0] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 25/03/2013 - 21:19:08 - [41,415] ----D C:\Program Files (x86)\MediaHuman
O43 - CFD: 18/08/2011 - 15:25:40 - [3,768] ----D C:\Program Files (x86)\Mediaplayer Lite
O43 - CFD: 10/02/2013 - 01:51:55 - [3,374] ----D C:\Program Files (x86)\Multiupload Batch Uploader
O43 - CFD: 11/02/2013 - 19:50:02 - [49,787] ----D C:\Program Files (x86)\OnecomCloudDrive
O43 - CFD: 22/03/2012 - 20:42:20 - [0,490] ----D C:\Program Files (x86)\Passware
O43 - CFD: 11/06/2012 - 14:00:12 - [12,352] ----D C:\Program Files (x86)\pese_courrier
O43 - CFD: 04/04/2013 - 17:20:50 - [1,053] ----D C:\Program Files (x86)\UnHackMe
O43 - CFD: 01/03/2013 - 15:54:52 - [1,795] ----D C:\Program Files (x86)\Wallpaper Changer
O43 - CFD: 13/05/2012 - 22:56:22 - [0,002] ----D C:\Program Files (x86)\Webtarot
O43 - CFD: 05/09/2012 - 00:36:30 - [0,053] ----D C:\Program Files (x86)\Yawcam
O43 - CFD: 06/04/2013 - 00:14:57 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 28/02/2013 - 01:56:42 - [2,000] ----D C:\ProgramData\Computer Updater
O43 - CFD: 11/06/2012 - 15:04:32 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 23/02/2013 - 21:03:50 - [0,000] ----D C:\ProgramData\IM
O43 - CFD: 31/12/2012 - 15:58:32 - [0,012] ----D C:\ProgramData\IncrediMail
O43 - CFD: 04/04/2013 - 17:17:43 - [0] ----D C:\ProgramData\RegRun
O43 - CFD: 24/02/2013 - 23:26:41 - [0,004] ----D C:\ProgramData\SUPERAntiSpyware.com
O43 - CFD: 02/11/2011 - 14:42:56 - [0,077] ----D C:\Users\Lucie\AppData\Roaming\aHisoft
O43 - CFD: 03/02/2013 - 02:58:28 - [0,010] ----D C:\Users\Lucie\AppData\Roaming\Amazon
O43 - CFD: 19/04/2013 - 23:04:12 - [0,457] ----D C:\Users\Lucie\AppData\Roaming\B1Toolbar
O43 - CFD: 06/04/2013 - 00:14:56 - [0,009] ----D C:\Users\Lucie\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 29/01/2012 - 00:04:29 - [0,586] ----D C:\Users\Lucie\AppData\Roaming\BitTorrent
O43 - CFD: 06/04/2013 - 00:15:06 - [0,308] ----D C:\Users\Lucie\AppData\Roaming\File Scout
O43 - CFD: 24/03/2013 - 03:14:05 - [0,000] ----D C:\Users\Lucie\AppData\Roaming\FreeFileViewer
O43 - CFD: 23/02/2013 - 01:03:31 - [0,001] ----D C:\Users\Lucie\AppData\Roaming\GoforFiles
O43 - CFD: 14/11/2011 - 14:40:22 - [22,434] ----D C:\Users\Lucie\AppData\Roaming\LimeWire
O43 - CFD: 24/04/2013 - 16:55:17 - [19,422] ----D C:\Users\Lucie\AppData\Roaming\OnecomCloudDrive
O43 - CFD: 25/03/2013 - 21:19:10 - [15,787] ----D C:\Users\Lucie\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 06/04/2013 - 00:21:55 - [0] ----D C:\Users\Lucie\AppData\Roaming\PerformerSoft
O43 - CFD: 01/03/2013 - 00:28:09 - [0] ----D C:\Users\Lucie\AppData\Roaming\Summitsoft
O43 - CFD: 24/02/2013 - 23:26:47 - [0] ----D C:\Users\Lucie\AppData\Roaming\SUPERAntiSpyware.com
O43 - CFD: 12/05/2012 - 22:41:49 - [0] ----D C:\Users\Lucie\AppData\Roaming\Webtarot
O43 - CFD: 12/03/2013 - 04:53:11 - [0,179] ----D C:\Users\Lucie\AppData\Local\Amazon
O43 - CFD: 19/04/2013 - 23:04:19 - [0,163] ----D C:\Users\Lucie\AppData\Local\B1E
O43 - CFD: 11/06/2012 - 15:04:32 - [0] ----D C:\Users\Lucie\AppData\Local\eMule
O43 - CFD: 28/02/2013 - 02:11:15 - [0,000] ----D C:\Users\Lucie\AppData\Local\FreeFileViewer
O43 - CFD: 31/03/2012 - 15:26:01 - [0,034] ----D C:\Users\Lucie\AppData\Local\Halite
O43 - CFD: 23/02/2013 - 21:27:22 - [34,998] ----D C:\Users\Lucie\AppData\Local\IM
O43 - CFD: 10/02/2013 - 01:48:39 - [0,001] ----D C:\Users\Lucie\AppData\Local\multiupload
O43 - CFD: 24/02/2013 - 13:04:00 - [0,002] ----D C:\Users\Lucie\AppData\Local\WPFBChanger
O43 - CFD: 20/04/2013 - 01:03:29 - [0,004] ----D C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
O43 - CFD: 24/04/2013 - 17:27:28 - [0,006] ----D C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
O43 - CFD: 25/01/2013 - 01:20:07 - [0,004] ----D C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\One.com Cloud Drive
~ Program Folder: 299 Legitimates Scanned in 00mn 58s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6FFC6A003F13EDB5195307AD8935543F] - 24/04/2013 - 16:50:02 ---A- . (...) -- C:\Windows\Reimage.ini [162]
O44 - LFC:[MD5.17F73AB233C02B0B33BA3483E1AA3231] - 24/04/2013 - 12:53:00 ---A- . (...) -- C:\bdlog.txt [107615]
O44 - LFC:[MD5.D12C5B2652110B0FC9AB360FA589710C] - 19/04/2013 - 22:32:56 ---A- . (...) -- C:\Windows\unins000.dat [81311]
O44 - LFC:[MD5.5D55C33BBBA029002741D7B8958E1543] - 19/04/2013 - 22:32:35 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\unins000.exe [1169609]
O44 - LFC:[MD5.7ADB9E41548DEEB9312F397753AFFE3C] - 19/04/2013 - 22:04:21 ---A- . (...) -- C:\chid [47]
O44 - LFC:[MD5.E2EDE3179AC4AEF53CE38FB9FD22FC75] - 13/04/2013 - 16:29:26 ---A- . (...) -- C:\fbook.png [324332]
O44 - LFC:[MD5.8F3385D2F7E9E5C0095B8955BE8F5EC7] - 13/04/2013 - 15:47:02 ---A- . (...) -- C:\google 2.png [209804]
O44 - LFC:[MD5.59B30D2CA80A73C29198AC30DCF5C84F] - 13/04/2013 - 15:45:48 ---A- . (...) -- C:\google analytics.png [19621]
O44 - LFC:[MD5.4B8191BBE5AF162FDBF0FE5B4BA754F2] - 08/04/2013 - 19:40:39 --HA- . (...) -- C:\bdr-cf01 [684]
O44 - LFC:[MD5.8E83A0EAB3AD8599EA4CC21F18564B2D] - 08/04/2013 - 19:40:39 --HA- . (...) -- C:\bdr-ld01 [253404]
O44 - LFC:[MD5.0F6AA65A6E1037C915DD38A8109ACAFE] - 08/04/2013 - 19:40:39 --HA- . (...) -- C:\bdr-ld01.mbr [9216]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 04/04/2013 - 15:28:03 RSHA- . (...) -- C:\Windows\winstart.bat [2]
O44 - LFC:[MD5.CDD862092CDA309A99D3B04C0A9FF563] - 15/08/2012 - 13:28:18 --HA- . (...) -- C:\bdr-bz01 [2510608]
~ Files: 96 Legitimates Scanned in 00mn 30s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - MSOIDSSP.) -- C:\Windows\System32\msoidssp.dll
~ LSA: 9 Legitimates Scanned in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 2 Legitimates Scanned in 00mn 01s

---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Scanned in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Scanned in 00mn 00s

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.6CCD1135320109D6B219F1A6E04AD9F6] - 14/11/2006 - 10:31:00 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\Windows\SysWOW64\drivers\afc.sys [22784]
~ Drivers: Scanned in 00mn 00s

---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 12/09/2011 - C:\Windows\system32\Drivers\toolkitdisk.sys (ToolkitDisk) .(.Toolkit Development, Ltd. - Toolkit Virtual Disk Driver.) - LEGACY_TOOLKITDISK
~ Legacy: 97 Legitimates Scanned in 00mn 04s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Keys: Scanned in 00mn 01s

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome.DA4ZCVBQJTBOFIP27RN3SIGTGA> <Google Chrome>[HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - https://search.safefinder.com/?q= =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Hola Search) - http://www.holasearch.com
~ Keys: Scanned in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 32 Legitimates Scanned in 00mn 03s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.1090A8B1D3E2A64082FDE7EC5F04EDE2] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2224.bin [125997]
[MD5.4C2B01EB34E605819B02AE7FE45E8FA7] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2228.bin [17155]
[MD5.22E56608CDECDBA5BA4AE7D36E4551BF] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2244.bin [1090]
[MD5.6DA7A05B5BF040423CAF804B5E678588] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2260.bin [15334]
[MD5.75C3D37E6819EE23ED52A76E96D7C0B2] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2264.bin [1090]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2276.bin [0]
[MD5.8E7D8890865DBCEF3DC30E5CB8351CF7] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2280.bin [7850]
[MD5.7EF9A2D2F3C304FA822BC5A5802FF573] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2284.bin [272040]
[MD5.D4FD30F13F0042E923CE256D7E17F32C] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2288.bin [2275]
[MD5.702E1489BDF19343BFA185C26B9F809C] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.2412.bin [19851]
[MD5.A35257C03F648FB34035B669AC1D6C04] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360244169.4564.bin [8927]
[MD5.80B91780F32DB2FB9A6E2501FE783215] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360245217.bdinstall.bin [259925]
[MD5.E2ABC0EC23EF91BD4AE6D8BEB2A37875] [SPRF][07/02/2013] (...) -- C:\ProgramData\1360246059.bdinstall.bin [439552]
[MD5.0A994CCA07FD47BCA71D6B2BE06EDAEF] [SPRF][08/03/2013] (...) -- C:\ProgramData\1362737421.bdinstall.bin [234287]
[MD5.21398EAEEA6ACF9B6D0367954FE34133] [SPRF][08/03/2013] (...) -- C:\ProgramData\1362739280.bdinstall.bin [502]
[MD5.FBD373B769AC572DC8EC5008B30643CA] [SPRF][08/03/2013] (...) -- C:\ProgramData\1362739466.bdinstall.bin [2617857]
[MD5.A61428FB32BFABC7643E525EE1DC6F83] [SPRF][09/03/2013] (...) -- C:\ProgramData\1362836658.bdinstall.bin [84319]
[MD5.6E1CDA0E3854780ECBA528FE732CF58C] [SPRF][09/03/2013] (...) -- C:\ProgramData\1362836777.bdinstall.bin [235291]
[MD5.8422F57D6E48D13A4438055F702A5F95] [SPRF][09/03/2013] (...) -- C:\ProgramData\1362837092.bdinstall.bin [1549]
[MD5.0241915B27C6D74DAC691D0563D11EE3] [SPRF][09/03/2013] (...) -- C:\ProgramData\1362837356.bdinstall.bin [2846948]
[MD5.579FDC0EE10CC5D9B6DF1F7CC5E5F608] [SPRF][08/04/2013] (...) -- C:\ProgramData\1365434852.bdinstall.bin [233342]
[MD5.7149083D516B403C7A260F57FBFD6FE7] [SPRF][08/04/2013] (...) -- C:\ProgramData\1365441310.bdinstall.bin [945416]
[MD5.2540A168BEFA0AE5C1A9453E39B29434] [SPRF][08/04/2013] (...) -- C:\ProgramData\1365443872.bdinstall.bin [250864]
[MD5.71AF00C0A0096FE6C79D1D1F9AA15ECA] [SPRF][08/04/2013] (...) -- C:\ProgramData\1365444832.bdinstall.bin [464430]
[MD5.7AF23185660F35D932FFD8009F37C2E8] [SPRF][08/04/2013] (...) -- C:\ProgramData\1365445369.bdinstall.bin [58978]
[MD5.67ABEE8DBE716E7B97E8EAD8E16DA429] [SPRF][08/04/2013] (...) -- C:\ProgramData\1365445764.bdinstall.bin [926118]
[MD5.4D5EE039DF40AF36B8643A1388D287A8] [SPRF][24/04/2013] (.Reimage® - Reimage Repair.) -- C:\Users\Lucie\AppData\Local\Temp\ReimagePackage.exe [11871520]
[MD5.6A0D9ED46BD49B5928B2DD6CB1F22D36] [SPRF][24/04/2013] (.Reimage® - Reimage Downloader.) -- C:\Users\Lucie\AppData\Local\Temp\ReimageRepair.exe [710696]
~ Files: Scanned in 00mn 20s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{9B3E1611-A864-42F3-8B84-C019286CFAD4}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{14DBE51B-E25A-4BD0-A656-D9701E42C3B5}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{76056504-4A6D-4911-9D36-B66C7CB3B266}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{BB2770D6-4AD4-4CA0-A624-708FEA7007D9}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{1AD7D07F-5BA8-4ACF-A62B-37319D6F86B2}" | In - None - P6 - TRUE | .(.Bitberry Software - Bitberry Software Update Checker.) -- C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
~ Firewall: 205 Legitimates Scanned in 00mn 07s

---\\ Scan Additionnel (O88)
Database Version : v2.11376 - (03/04/2013)
Clés trouvées (Keys found) : 22
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 6
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\DataMngr_Toolbar] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\PIP] =>Toolbar.Ask
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\InstallIQ] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
[HKCU\Software\Protector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Classes\Toolbar.CT3281675] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3281675] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Bubble Dock =>Adware.SPointer
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\Users\Lucie\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\Lucie\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\Lucie\AppData\Roaming\B1Toolbar =>Toolbar.BrotherSoft
C:\Users\Lucie\AppData\Local\B1E =>Toolbar.BrotherSoft
C:\Users\Lucie\AppData\LocalLow\Conduit =>Toolbar.Conduit
~ Additionnel: Scanned in 01mn 14s

---\\ Product Upgrade Codes (O90)
O90 - PUC: "79407899D9A1CF9449F9CE4F89A6ABF1" . (.ForceDownload.) -- C:\Windows\Installer\{99870497-1A9D-49FC-949F-ECF4986ABA1F}\ARPPRODUCTICON.exe
~ Update Products: 105 Legitimates Scanned in 00mn 00s

---\\ Random Export Key (O91)
[HKCU\Software\d57dadbbc68e848\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\d57dadbbc68e848\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\d57dadbbc68e848] =>Toolbar.Babylon^
[HKLM\Software\Wow6432Node\d57dadbbc68e848] => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s

---\\ MyComputer Name Space (O92)
O92 - MNS: One.com Cloud Drive - {209F971E-F11E-41E8-B6ED-592E85DBA1E4}
O92 - MNS: ZEN V Series Media Explorer - {24849e2f-0a86-40cd-a62a-b12f161882db}
~ MNS: Scanned in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 21/04/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Disabled 08/04/2013 69392 | (BdDesktopParental) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
SR - | Auto 13/12/1999 44032 | (Creative Service for CDROM Access) . (.Creative Technology Ltd.) - C:\Windows\SysWOW64\CTsvcCDA.exe
SR - | Auto 11/06/2010 868896 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
SS - | Demand 15/07/2010 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 20/02/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 25/04/2012 202296 | (KSS) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 12/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Pa
0
Réponse 31 / 85
Utilisateur anonyme
 
il s'est passé pas mal de choses depuis plus de 10 jours !

relance Zhpdiag,

/!\Utilisateur de Vista, Seven et W8 :

* Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

* Clique sur la flèche verte pour lancer une mise à jour

* Clique sur le tourne vis , sélectionne tous les modules.

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
<gras>* Héberge le rapport ZHPDiag.txt sur Cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :

https://www.cjoint.com/ => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers</gras>
0
Réponse 32 / 85
eyores
 
Bonjour,

je dois dire que je suis assez découragée par ce virus.
Déjà, je vous montre ce que j'ai comme interface de ZHP DIAg comme ça, tout sera clair - pour moi. :)

r

Le lien a été créé: http://cjoint.com/?CDywxKazUu9
0
Réponse 33 / 85
Utilisateur anonyme
 
tu vois la flèche verte en haut à droite ? ceci permet de faire une mise à jour,

puis tu cliques sur le tourne vis, sélectionne tous les modules, puis clique sue la loupe, laisse l'outil travailler,

une fois le scan terminé, héberge le rapport sur Cjoint, c'est aussi simple que ça ;-)

0
Réponse 34 / 85
eyores
 
Désolée, cela a pris du temps :

Le lien a été créé: http://cjoint.com/?CDywUBbsPTz
0
Réponse 35 / 85
eyores
 
Je ne sais pas si l'envoi du rapport est passé; je l'envoie de nouveau

Le lien a été créé: http://cjoint.com/?CDywUBbsPTz

(
0
Réponse 36 / 85
Utilisateur anonyme
 
super,

installe les mises à jour de Windows,

installe également la dernière version de java depuis son site dédié !

* /!\ Avertissement /!\,
* ce script est seulement valable pour ce pc, en cours du nettoyage, à ne pas utiliser sur un autre pc, risque de plantage !

* Lance ZHPFix via le raccourci sur ton Bureau

/!\Utilisateur de Vista, Seven et W8 :

* Clique droit sur le logo de ZHPfix, « exécuter en tant qu'Administrateur »

* * Copie ( Ctrl + C ) et colle ( Ctrl + V ) les lignes suivantes en gras dans Zhpfix :
---------------------------------------------------------

[HKCU\Software\APN PIP]
[HKCU\Software\Softonic]
[HKLM\Software\Wow6432Node\InstallIQ]
[HKLM\Software\Wow6432Node\PIP]
O43 - CFD: 19/04/2013 - 23:04:12 - [0,457] ----D C:\Users\Lucie\AppData\Roaming\B1Toolbar
O43 - CFD: 19/04/2013 - 23:04:19 - [0,163] ----D C:\Users\Lucie\AppData\Local\B1E
[HKCU\Software\APN PIP]
[HKLM\Software\Wow6432Node\PIP]
[HKCU\Software\Softonic]
[HKLM\Software\Wow6432Node\InstallIQ] [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]
[HKLM\Software\Classes\Toolbar.CT3281675]
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3281675]
C:\Users\Lucie\AppData\Roaming\B1Toolbar
C:\Users\Lucie\AppData\Local\B1E
C:\Users\Lucie\AppData\LocalLow\Conduit
O43 - CFD: 23/08/2011 - 13:59:47 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 04/04/2013 - 17:17:43 - [0] ----D C:\ProgramData\RegRun
O43 - CFD: 24/02/2013 - 23:26:41 - [0,004] ----D C:\ProgramData\SUPERAntiSpyware.com
[HKCU\Software\MCAFEE]
[HKCU\Software\Regrun]
M3 - MFPP: Plugins - [Lucie] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww10.seeearch.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?q=
O3 - Toolbar: (no name) [64Bits] - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
[HKCU\Software\BabylonToolbar]
[HKCU\Software\DataMngr]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\Protector]
[HKCU\Software\Smartbar]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\DataMngr] [HKLM\Software\Wow6432Node\Iminent]
O43 - CFD: 06/04/2013 - 00:14:57 - [0] ----D C:\ProgramData\Babylon
O43 - CFD: 06/04/2013 - 00:14:56 - [0,009] ----D C:\Users\Lucie\AppData\Roaming\Babylon
O43 - CFD: 25/03/2013 - 21:19:10 - [15,787] ----D C:\Users\Lucie\AppData\Roaming\OpenCandy
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - https://search.safefinder.com/?q=
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Hola Search) - http://www.holasearch.com
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] => Infection PUP (Hijacker.SnapDo)
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] => Infection BT (PUP.ClaroSearch)
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS]
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] => Infection BT (Trojan.Delf)
[HKCU\Software\BabylonToolbar]
[HKCU\Software\DataMngr]
[HKLM\Software\Wow6432Node\DataMngr]
[HKCU\Software\DataMngr_Toolbar]
[HKLM\Software\Wow6432Node\Iminent]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] => Infection PUP (Toolbar.Babylon)*
[HKLM\Software\Classes\Prod.cap]
[HKCU\Software\Protector]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OpenCandyHelperRunOnce]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Bubble Dock
C:\ProgramData\Babylon
C:\Users\Lucie\AppData\Roaming\Babylon
C:\Users\Lucie\AppData\Roaming\OpenCandy
[HKCU\Software\d57dadbbc68e848\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" )
[HKCU\Software\d57dadbbc68e848\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80"
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS]
Emptytemp
EmptyClsid


----------------------------------------------------------

- Si tu ne trouves pas le bouton GO, clique sur l'icone représentant le presse-papier (L'icone entre l'appareil photo et le parchemin, en haut à gauche de la page d'outil)

- Clique sur le bouton « GO » pour lancer le nettoyage,
- confirme le nettoyage
- Copie/colle la totalité du rapport dans ta prochaine réponse

0
Réponse 37 / 85
eyores
 
Comment installe-t-on les mises à jour de windows ?
0
Réponse 38 / 85
Utilisateur anonyme
 
depuis Windows Update, dans le menu démarrer, tous les programmes, Windows update

0
Réponse 39 / 85
eyores
 
j'ai installé Java et les mises à jour sont en train de se faire. Merci pour votre aide.
0
Réponse 40 / 85
eyores
 
voilà; les mises à jour sont faites; j'ai du redémarrer l'ordinateur donc cela amis du temps.
0

Discussions similaires

processus searchfilterhost
sisylphe -
Xblade -

4 réponses
prèlèvement Reversa - GB Londres 47,90 EURO
Lecalier -
brucine -

36 réponses
PC bloqué sur logo "asus in search of incredible"
mikado -
Yasko972 -

1 réponse
windows search
giheller -
MisteryBean -

5 réponses
Désinstaller Search Protect
iphone29 -
verderame -

34 réponses