Se débarraser d'optimizer pro
Résolu/Fermé
hp29
Messages postés
2
Date d'inscription
dimanche 31 mars 2013
Statut
Membre
Dernière intervention
1 avril 2013
-
31 mars 2013 à 19:34
Utilisateur anonyme - 1 avril 2013 à 17:35
Utilisateur anonyme - 1 avril 2013 à 17:35
Bonjour,
optimizer pro s'est installé sur mon ordinateur sans que je le souhaite et j'ai tout un tas de soucis depuis.
j'ai suivi les conseils d'electricien 69. et voici le rapport ZHpDiag après désinstallation de ADWC.
Rapport de ZHPDiag v2013.3.30.114 par Nicolas Coolman, Update du 30/03/2013
Run by Louln at 31/03/2013 18:36:24
State : Version à jour.
High Elevated Privileges : OK
UAC : Deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.43 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 343 GB (75%) free of 456 GB
---\\ Logged in mode
~ Computer Name: PC-DE-LOULN
~ User Name: Louln
~ All Users Names: Louln, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Louln\AppData\Roaming\
~ %Desktop% : C:\Users\Louln\Desktop\
~ %Favorites% : C:\Users\Louln\Favorites\
~ %LocalAppData% : C:\Users\Louln\AppData\Local\
~ %StartMenu% : C:\Users\Louln\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 343 Go of 456 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.10/04/2009 - 23:27:38.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.03728C624D05C2F157BBD46F6B7F6EA0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 04:30:21.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/04/2009 - 23:28:14.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.BFD3DF48C9ED81934FE21E8E3CFC2496] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2008 - 00:02:52.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.10/04/2009 - 21:39:18.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.10/04/2009 - 21:42:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.10/04/2009 - 21:45:38.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/04/2009 - 23:32:50.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.10/04/2009 - 21:45:24.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.10/04/2009 - 21:45:58.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/7837
~ Mes musiques (My Musics) : 1/22
~ Mes Videos (My Videos) : 1/7
~ Mes Favoris (My Favorites) : 1/38
~ Mes Documents (My Documents) : 1/87
~ Mon Bureau (My Desktop) : 1/735
~ Menu demarrer (Programs) : 2/42
~ Hidden Files: Scanned in 00mn 09s
---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.2640]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4767304] [PID.2648]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2684]
[MD5.A6D772AA861E673636D48B6EB452ADE3] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [98696] [PID.2700]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2808]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2816]
[MD5.DDE5A0DFAF7C6370FB36402D7A746ED3] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757296] [PID.2368]
[MD5.BAD663957F682F95B22C4E83AB49CB52] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [308368] [PID.5696]
[MD5.A854BC2D2AD9856F6B84C7870FF246D9] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe [706776] [PID.4608]
[MD5.0051240D50ABE7922727B1E3385DF512] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6264832] [PID.6860]
[MD5.FC20A647475874E5CEDDCA437B623456] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.7.) -- C:\Windows\system32\nvvsvc.exe [125472] [PID.976]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1364]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.1552]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [45248] [PID.1780]
[MD5.3DEBBECF665DCDDE3A95D9B902010817] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144] [PID.2980]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.3112]
[MD5.11A220EB53F1D42B8AF0AD1210B8241D] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.3164]
[MD5.DFEFF67508D3A9AEB1A85D7B0F513B24] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.3300]
[MD5.31E023681015C35EBFE1498B07813B87] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [139120] [PID.3320]
[MD5.0D26C438E2938A3E6BDD91173BC96FF0] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536] [PID.6992]
[MD5.97D9D6A04E3AD9B6C626B9931DB78DBA] - (.Microsoft Corporation - Programme d'installation de modules Windows.) -- C:\Windows\servicing\TrustedInstaller.exe [39424] [PID.7004]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Louln\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.0] - (.VideoLAN - VLC media player Web Plugin 2.0.0-rc.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.4".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll
~ Firefox Browser: Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) (No version) -- (.not file.)
~ IE Browser: Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 03s
~ Nombre de lignes (Lines number): 10620
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LyricsPal - {A3DAEB01-4C15-4AC6-A689-6406FD954EE0} . (.XingHao Software - LyricsPal.) -- C:\Program Files\XingHaoLyrics\lrcspal.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ BHO: Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [hpqSRMon] Clé orpheline
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] . (.Adobe Systems, Inc. - Shockwave Helper.) -- C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1103471.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-188811845-743868833-1814188236-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-188811845-743868833-1814188236-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-188811845-743868833-1814188236-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-188811845-743868833-1814188236-1000\..\RunOnce: [Shockwave Updater] . (.Adobe Systems, Inc. - Shockwave Helper.) -- C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1103471.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: CyberLink DVD Suite Deluxe.lnk . (.CyberLink - PowerStarter.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\filehippo.com\UpdateChecker.exe
O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: Documents - Raccourci.lnk . (...) -- C:\Users\Louln\Desktop\Documents
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O4 - GS\QuickLaunch: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\QuickLaunch: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe
O4 - GS\QuickLaunch: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - Global Startup: C:\Users\Louln\Desktop\Coloriez.com.url . (...) -- C:\Users\Louln\Desktop\Coloriez.com.url
O4 - GS\Desktop: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: Optimizer Pro.lnk . (...) -- C:\Program Files\Optimizer Pro\OptimizerPro.exe (.not file.)
O4 - Global Startup: C:\Users\Louln\Desktop\Outils de diagnostic d'imprimante HP.url . (...) -- C:\Users\Louln\Desktop\Outils de diagnostic d'imprimante HP.url
O4 - GS\Desktop: Pictures.lnk . (...) -- C:\Users\Louln\Pictures
O4 - Global Startup: C:\Users\Louln\Desktop\Vrac coloriages.url . (...) -- C:\Users\Louln\Desktop\Vrac coloriages.url
O4 - GS\Desktop: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe
O4 - GS\Desktop: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Desktop: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
O4 - GS\Desktop: Windows Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 7 Legitimates Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{005AF5AB-5C03-4D85-882D-B7FC7B6E9892}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{005AF5AB-5C03-4D85-882D-B7FC7B6E9892}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{005AF5AB-5C03-4D85-882D-B7FC7B6E9892}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{005AF5AB-5C03-4D85-882D-B7FC7B6E9892}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 10 Legitimates Scanned in 00mn 10s
---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (lsdelete) - File not found
~ BEX: 2 Legitimates Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsPal Update.job [382]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.E6E9E046E65BD94F4B60AD9B3128E1B6] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [66816]
[MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdateAdministrator] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe [132760]
[MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdateLouln] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe [132760]
[MD5.7D6A0A4C51EFCBCE1E4B0F6E9A76BE83] [APT] [LyricsPal Update] (.XingHao Software.) -- C:\Program Files\XingHaoLyrics\XingHaoUpdater.exe [115200]
[MD5.CBEC06E32D0AC9C3D0A9199EDC1FB959] [APT] [{78FD73A2-FEA1-4EC0-9347-272E0A211B60}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [17418928]
[MD5.CBEC06E32D0AC9C3D0A9199EDC1FB959] [APT] [{7C23D1A4-16A9-4D44-89BD-C15A41C3864B}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [17418928]
[MD5.00000000000000000000000000000000] [APT] [{DF286EEB-157C-459A-BC80-4FF398F26C13}] (...) -- J:\everesthome220.exe (.not file.) [0]
[MD5.61D3771702DE72053FEE2A98F213A030] [APT] [Scheduled Maintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [73728]
[MD5.6D0F62A4D823A36A529369257CD8C00D] [APT] [Scheduled Maintenance Swap] (...) -- C:\Program Files\PC-Doctor 5 for Windows\task_swap.bat [199]
~ Scheduled Task: 21 Legitimates Scanned in 00mn 05s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 15 Legitimates Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
~ Drivers: 74 Legitimates Scanned in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.5.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Bundled software uninstaller - (...) [HKLM] -- bi_uninstaller
O42 - Logiciel: Java(TM) 6 Update 31 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216031FF}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: LyricsPal - (.XingHao Software.) [HKLM] -- lrcspal@xinghao.net
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: SweetIM Bundle by SweetPacks - (.SweetPacks LTD.) [HKLM] -- SweetIM Bundle by SweetPacks
O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM] -- avast
~ Logic: 129 Legitimates Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\BI]
[HKCU\Software\IncrediMail]
[HKCU\Software\RayV]
[HKCU\Software\SweetIM]
[HKLM\Software\SweetIM]
~ Key Software: 193 Legitimates Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/06/2012 - 12:11:54 - [423,390] ----D C:\Program Files\Ad-Aware Antivirus
O43 - CFD: 26/09/2008 - 10:57:23 - [0] ----D C:\Program Files\Avast4
O43 - CFD: 12/02/2010 - 14:10:05 - [0] ----D C:\Program Files\RayV
O43 - CFD: 18/11/2009 - 18:19:25 - [107,890] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 14/06/2012 - 18:35:31 - [0,000] ----D C:\ProgramData\Ad-Aware Browsing Protection
O43 - CFD: 08/07/2012 - 12:14:50 - [0,120] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/06/2012 - 18:37:38 - [0,002] ----D C:\Users\Louln\AppData\Roaming\Ad-Aware Antivirus
O43 - CFD: 21/02/2010 - 11:37:19 - [0,003] ----D C:\Users\Louln\AppData\Roaming\RayV
O43 - CFD: 14/06/2012 - 18:35:35 - [4,417] ----D C:\Users\Louln\AppData\Local\adaware
O43 - CFD: 15/03/2013 - 18:54:51 - [0,212] ----D C:\Users\Louln\AppData\Local\Bundled software uninstaller
~ 106 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 306 Legitimates Scanned in 00mn 29s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4CBCC1C6FFB72C606A3DD7F9E74700B4] - 31/03/2013 - 17:27:43 ---A- . (...) -- C:\aaw7boot.log [332420]
O44 - LFC:[MD5.CEDAA1296F909C019792F9C9AAA45D28] - 31/03/2013 - 17:26:02 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat [130]
O44 - LFC:[MD5.BE4D946B5D8745DD7CD4CA9CA04F4989] - 27/02/2013 - 12:24:40 ---A- . (...) -- C:\Windows\System32\dmwu.exe [1013552]
O44 - LFC:[MD5.351677F04B3DC84937FBFA20CD6E958D] - 27/02/2013 - 12:21:38 ---A- . (...) -- C:\Windows\System32\ImHttpComm.dll [28160]
O44 - LFC:[MD5.188E68005ED62F32248032C65CB4DE96] - 13/05/2011 - 15:59:22 ---A- . (...) -- C:\Windows\System32\Microsoft.VC80.CRT.manifest [1870]
~ Files: 49 Legitimates Scanned in 00mn 32s
---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 7 Legitimates Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 4 Legitimates Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\KBD [Key] . (...) -- C:\HP\KBD\KbdStub.exe
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O53 - SMSR:HKLM\...\startupreg\VX1000 [Key] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ SMSR Keys: 22 Legitimates Scanned in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 19 Legitimates Scanned in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Keys: Scanned in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 03/11/2011 - C:\Windows\System32\DRIVERS\Lbd.sys (Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\spoolsv.exe,-1 (Spooler) .(...) - LEGACY_SPOOLER
~ Legacy: 75 Legitimates Scanned in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Keys: Scanned in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <chrome.exe> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {93E78D18-1C6F-472C-9526-638A4B96DE44} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {EDF0ACEA-9179-4873-8E97-FC09A232FDF9} - (AOL Recherche) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes [HKCU] {F39A6897-CC13-4739-8B91-07E5B0E2DCF8} - (Kelkoo) - http://fr.kelkoopartners.net
~ Keys: Scanned in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 31 Legitimates Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.B0E6810C33B2D18222597F1E0BD3DEF2] [SPRF][30/04/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.21C353DA798C7E81E11A949FCA1791E6] [SPRF][31/10/2012] (...) -- C:\Users\Louln\AppData\Local\d3d9caps.dat [680]
[MD5.804E6B5F713C98B4100EB913B936E2B1] [SPRF][31/03/2013] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\Louln\AppData\Local\Temp\swt-win32-3333.dll [303104]
[MD5.F1D3FF8443297732862DF21DC4E57262] [SPRF][12/01/2009] (...) -- C:\Users\Louln\AppData\Roaming\wklnhst.dat [4]
[MD5.B63CCB43F2779CBEA5D8D3CE2E3D90FB] [SPRF][26/10/2012] (...) -- C:\Users\Louln\Desktop\Minecraft.exe [263186]
[MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [SPRF][21/10/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2827728]
~ Files: Scanned in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{EFF4FD69-9889-434F-B4DD-52565C3D2016}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\CrazyLoader\crazyloader.exe (.not file.)
O87 - FAEL: "{1F2A0169-73DD-4AC7-AF98-77936CBAAA3A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\CrazyLoader\crazyloader.exe (.not file.)
O87 - FAEL: "{BCFE8FCF-C32D-4CB9-85A4-64BFB8BF694B}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{24DD5B3D-544A-464B-8565-9A002343E05E}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{E8D79D27-C196-4B04-B95E-41A50787287A}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{6BDD0AE1-41E9-4AFF-B5DF-314180FE722F}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
~ Firewall: 211 Legitimates Scanned in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : v2.11349 - (30/03/2013)
Clés trouvées (Keys found) : 21
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] =>Adware.Agent
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}] =>Toolbar.ToolBand
[HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}] =>Toolbar.ToolBand
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Mozilla\Firefox\Extensions]:crazyloader@spointer.com =>Adware.SPointer
C:\Users\Louln\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\Louln\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Toolbar.PricePeep
~ Additionnel: Scanned in 00mn 42s
---\\ Product Upgrade Codes (O90)
~ Update Products: 128 Legitimates Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 24/10/2011 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 07/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 30/04/2009 133104 | (gupdate1c9c9cc98f193d0) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/04/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 15/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 19/09/2007 65536 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Demand 19/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 02/06/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SS - | Demand 13/11/2011 821608 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 17/03/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 16/10/2008 125472 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s
End of the scan (624 lines in 03mn 01s)(0)
Est-ce qu'electricien 69 pourrait m'aider ensuite? ou qqun d'autre?
Un grand merci d'avance.
optimizer pro s'est installé sur mon ordinateur sans que je le souhaite et j'ai tout un tas de soucis depuis.
j'ai suivi les conseils d'electricien 69. et voici le rapport ZHpDiag après désinstallation de ADWC.
Rapport de ZHPDiag v2013.3.30.114 par Nicolas Coolman, Update du 30/03/2013
Run by Louln at 31/03/2013 18:36:24
State : Version à jour.
High Elevated Privileges : OK
UAC : Deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.43 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 343 GB (75%) free of 456 GB
---\\ Logged in mode
~ Computer Name: PC-DE-LOULN
~ User Name: Louln
~ All Users Names: Louln, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Louln\AppData\Roaming\
~ %Desktop% : C:\Users\Louln\Desktop\
~ %Favorites% : C:\Users\Louln\Favorites\
~ %LocalAppData% : C:\Users\Louln\AppData\Local\
~ %StartMenu% : C:\Users\Louln\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 343 Go of 456 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.10/04/2009 - 23:27:38.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.03728C624D05C2F157BBD46F6B7F6EA0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 04:30:21.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/04/2009 - 23:28:14.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.BFD3DF48C9ED81934FE21E8E3CFC2496] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2008 - 00:02:52.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.10/04/2009 - 21:39:18.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.10/04/2009 - 21:42:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.10/04/2009 - 21:45:38.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/04/2009 - 23:32:50.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.10/04/2009 - 21:45:24.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.10/04/2009 - 21:45:58.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/7837
~ Mes musiques (My Musics) : 1/22
~ Mes Videos (My Videos) : 1/7
~ Mes Favoris (My Favorites) : 1/38
~ Mes Documents (My Documents) : 1/87
~ Mon Bureau (My Desktop) : 1/735
~ Menu demarrer (Programs) : 2/42
~ Hidden Files: Scanned in 00mn 09s
---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.2640]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4767304] [PID.2648]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2684]
[MD5.A6D772AA861E673636D48B6EB452ADE3] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [98696] [PID.2700]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2808]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2816]
[MD5.DDE5A0DFAF7C6370FB36402D7A746ED3] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757296] [PID.2368]
[MD5.BAD663957F682F95B22C4E83AB49CB52] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [308368] [PID.5696]
[MD5.A854BC2D2AD9856F6B84C7870FF246D9] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe [706776] [PID.4608]
[MD5.0051240D50ABE7922727B1E3385DF512] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6264832] [PID.6860]
[MD5.FC20A647475874E5CEDDCA437B623456] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.7.) -- C:\Windows\system32\nvvsvc.exe [125472] [PID.976]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1364]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.1552]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [45248] [PID.1780]
[MD5.3DEBBECF665DCDDE3A95D9B902010817] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144] [PID.2980]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.3112]
[MD5.11A220EB53F1D42B8AF0AD1210B8241D] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.3164]
[MD5.DFEFF67508D3A9AEB1A85D7B0F513B24] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.3300]
[MD5.31E023681015C35EBFE1498B07813B87] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [139120] [PID.3320]
[MD5.0D26C438E2938A3E6BDD91173BC96FF0] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536] [PID.6992]
[MD5.97D9D6A04E3AD9B6C626B9931DB78DBA] - (.Microsoft Corporation - Programme d'installation de modules Windows.) -- C:\Windows\servicing\TrustedInstaller.exe [39424] [PID.7004]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Louln\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.0] - (.VideoLAN - VLC media player Web Plugin 2.0.0-rc.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.4".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll
~ Firefox Browser: Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) (No version) -- (.not file.)
~ IE Browser: Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 03s
~ Nombre de lignes (Lines number): 10620
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LyricsPal - {A3DAEB01-4C15-4AC6-A689-6406FD954EE0} . (.XingHao Software - LyricsPal.) -- C:\Program Files\XingHaoLyrics\lrcspal.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ BHO: Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [hpqSRMon] Clé orpheline
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] . (.Adobe Systems, Inc. - Shockwave Helper.) -- C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1103471.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-188811845-743868833-1814188236-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-188811845-743868833-1814188236-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-188811845-743868833-1814188236-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-188811845-743868833-1814188236-1000\..\RunOnce: [Shockwave Updater] . (.Adobe Systems, Inc. - Shockwave Helper.) -- C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1103471.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: CyberLink DVD Suite Deluxe.lnk . (.CyberLink - PowerStarter.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\filehippo.com\UpdateChecker.exe
O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: Documents - Raccourci.lnk . (...) -- C:\Users\Louln\Desktop\Documents
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O4 - GS\QuickLaunch: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\QuickLaunch: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe
O4 - GS\QuickLaunch: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - Global Startup: C:\Users\Louln\Desktop\Coloriez.com.url . (...) -- C:\Users\Louln\Desktop\Coloriez.com.url
O4 - GS\Desktop: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: Optimizer Pro.lnk . (...) -- C:\Program Files\Optimizer Pro\OptimizerPro.exe (.not file.)
O4 - Global Startup: C:\Users\Louln\Desktop\Outils de diagnostic d'imprimante HP.url . (...) -- C:\Users\Louln\Desktop\Outils de diagnostic d'imprimante HP.url
O4 - GS\Desktop: Pictures.lnk . (...) -- C:\Users\Louln\Pictures
O4 - Global Startup: C:\Users\Louln\Desktop\Vrac coloriages.url . (...) -- C:\Users\Louln\Desktop\Vrac coloriages.url
O4 - GS\Desktop: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe
O4 - GS\Desktop: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Desktop: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
O4 - GS\Desktop: Windows Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 7 Legitimates Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{005AF5AB-5C03-4D85-882D-B7FC7B6E9892}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{005AF5AB-5C03-4D85-882D-B7FC7B6E9892}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{005AF5AB-5C03-4D85-882D-B7FC7B6E9892}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{005AF5AB-5C03-4D85-882D-B7FC7B6E9892}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 10 Legitimates Scanned in 00mn 10s
---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (lsdelete) - File not found
~ BEX: 2 Legitimates Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsPal Update.job [382]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.E6E9E046E65BD94F4B60AD9B3128E1B6] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [66816]
[MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdateAdministrator] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe [132760]
[MD5.689C6EA7A17B3AE0F2A0151465EF311E] [APT] [JavaUpdateLouln] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe [132760]
[MD5.7D6A0A4C51EFCBCE1E4B0F6E9A76BE83] [APT] [LyricsPal Update] (.XingHao Software.) -- C:\Program Files\XingHaoLyrics\XingHaoUpdater.exe [115200]
[MD5.CBEC06E32D0AC9C3D0A9199EDC1FB959] [APT] [{78FD73A2-FEA1-4EC0-9347-272E0A211B60}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [17418928]
[MD5.CBEC06E32D0AC9C3D0A9199EDC1FB959] [APT] [{7C23D1A4-16A9-4D44-89BD-C15A41C3864B}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [17418928]
[MD5.00000000000000000000000000000000] [APT] [{DF286EEB-157C-459A-BC80-4FF398F26C13}] (...) -- J:\everesthome220.exe (.not file.) [0]
[MD5.61D3771702DE72053FEE2A98F213A030] [APT] [Scheduled Maintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [73728]
[MD5.6D0F62A4D823A36A529369257CD8C00D] [APT] [Scheduled Maintenance Swap] (...) -- C:\Program Files\PC-Doctor 5 for Windows\task_swap.bat [199]
~ Scheduled Task: 21 Legitimates Scanned in 00mn 05s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 15 Legitimates Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
~ Drivers: 74 Legitimates Scanned in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.5.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Bundled software uninstaller - (...) [HKLM] -- bi_uninstaller
O42 - Logiciel: Java(TM) 6 Update 31 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216031FF}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: LyricsPal - (.XingHao Software.) [HKLM] -- lrcspal@xinghao.net
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: SweetIM Bundle by SweetPacks - (.SweetPacks LTD.) [HKLM] -- SweetIM Bundle by SweetPacks
O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM] -- avast
~ Logic: 129 Legitimates Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\BI]
[HKCU\Software\IncrediMail]
[HKCU\Software\RayV]
[HKCU\Software\SweetIM]
[HKLM\Software\SweetIM]
~ Key Software: 193 Legitimates Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/06/2012 - 12:11:54 - [423,390] ----D C:\Program Files\Ad-Aware Antivirus
O43 - CFD: 26/09/2008 - 10:57:23 - [0] ----D C:\Program Files\Avast4
O43 - CFD: 12/02/2010 - 14:10:05 - [0] ----D C:\Program Files\RayV
O43 - CFD: 18/11/2009 - 18:19:25 - [107,890] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 14/06/2012 - 18:35:31 - [0,000] ----D C:\ProgramData\Ad-Aware Browsing Protection
O43 - CFD: 08/07/2012 - 12:14:50 - [0,120] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/06/2012 - 18:37:38 - [0,002] ----D C:\Users\Louln\AppData\Roaming\Ad-Aware Antivirus
O43 - CFD: 21/02/2010 - 11:37:19 - [0,003] ----D C:\Users\Louln\AppData\Roaming\RayV
O43 - CFD: 14/06/2012 - 18:35:35 - [4,417] ----D C:\Users\Louln\AppData\Local\adaware
O43 - CFD: 15/03/2013 - 18:54:51 - [0,212] ----D C:\Users\Louln\AppData\Local\Bundled software uninstaller
~ 106 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 306 Legitimates Scanned in 00mn 29s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4CBCC1C6FFB72C606A3DD7F9E74700B4] - 31/03/2013 - 17:27:43 ---A- . (...) -- C:\aaw7boot.log [332420]
O44 - LFC:[MD5.CEDAA1296F909C019792F9C9AAA45D28] - 31/03/2013 - 17:26:02 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat [130]
O44 - LFC:[MD5.BE4D946B5D8745DD7CD4CA9CA04F4989] - 27/02/2013 - 12:24:40 ---A- . (...) -- C:\Windows\System32\dmwu.exe [1013552]
O44 - LFC:[MD5.351677F04B3DC84937FBFA20CD6E958D] - 27/02/2013 - 12:21:38 ---A- . (...) -- C:\Windows\System32\ImHttpComm.dll [28160]
O44 - LFC:[MD5.188E68005ED62F32248032C65CB4DE96] - 13/05/2011 - 15:59:22 ---A- . (...) -- C:\Windows\System32\Microsoft.VC80.CRT.manifest [1870]
~ Files: 49 Legitimates Scanned in 00mn 32s
---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 7 Legitimates Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 4 Legitimates Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\KBD [Key] . (...) -- C:\HP\KBD\KbdStub.exe
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O53 - SMSR:HKLM\...\startupreg\VX1000 [Key] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ SMSR Keys: 22 Legitimates Scanned in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 19 Legitimates Scanned in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Keys: Scanned in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 03/11/2011 - C:\Windows\System32\DRIVERS\Lbd.sys (Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\spoolsv.exe,-1 (Spooler) .(...) - LEGACY_SPOOLER
~ Legacy: 75 Legitimates Scanned in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Keys: Scanned in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <chrome.exe> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {93E78D18-1C6F-472C-9526-638A4B96DE44} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {EDF0ACEA-9179-4873-8E97-FC09A232FDF9} - (AOL Recherche) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes [HKCU] {F39A6897-CC13-4739-8B91-07E5B0E2DCF8} - (Kelkoo) - http://fr.kelkoopartners.net
~ Keys: Scanned in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 31 Legitimates Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.B0E6810C33B2D18222597F1E0BD3DEF2] [SPRF][30/04/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.21C353DA798C7E81E11A949FCA1791E6] [SPRF][31/10/2012] (...) -- C:\Users\Louln\AppData\Local\d3d9caps.dat [680]
[MD5.804E6B5F713C98B4100EB913B936E2B1] [SPRF][31/03/2013] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\Louln\AppData\Local\Temp\swt-win32-3333.dll [303104]
[MD5.F1D3FF8443297732862DF21DC4E57262] [SPRF][12/01/2009] (...) -- C:\Users\Louln\AppData\Roaming\wklnhst.dat [4]
[MD5.B63CCB43F2779CBEA5D8D3CE2E3D90FB] [SPRF][26/10/2012] (...) -- C:\Users\Louln\Desktop\Minecraft.exe [263186]
[MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [SPRF][21/10/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2827728]
~ Files: Scanned in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{EFF4FD69-9889-434F-B4DD-52565C3D2016}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\CrazyLoader\crazyloader.exe (.not file.)
O87 - FAEL: "{1F2A0169-73DD-4AC7-AF98-77936CBAAA3A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\CrazyLoader\crazyloader.exe (.not file.)
O87 - FAEL: "{BCFE8FCF-C32D-4CB9-85A4-64BFB8BF694B}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{24DD5B3D-544A-464B-8565-9A002343E05E}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{E8D79D27-C196-4B04-B95E-41A50787287A}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{6BDD0AE1-41E9-4AFF-B5DF-314180FE722F}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
~ Firewall: 211 Legitimates Scanned in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : v2.11349 - (30/03/2013)
Clés trouvées (Keys found) : 21
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] =>Adware.Agent
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}] =>Toolbar.ToolBand
[HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}] =>Toolbar.ToolBand
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Mozilla\Firefox\Extensions]:crazyloader@spointer.com =>Adware.SPointer
C:\Users\Louln\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\Louln\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Toolbar.PricePeep
~ Additionnel: Scanned in 00mn 42s
---\\ Product Upgrade Codes (O90)
~ Update Products: 128 Legitimates Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 24/10/2011 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 07/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 30/04/2009 133104 | (gupdate1c9c9cc98f193d0) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/04/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 15/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 19/09/2007 65536 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Demand 19/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 02/06/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SS - | Demand 13/11/2011 821608 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 17/03/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 16/10/2008 125472 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s
End of the scan (624 lines in 03mn 01s)(0)
Est-ce qu'electricien 69 pourrait m'aider ensuite? ou qqun d'autre?
Un grand merci d'avance.
A voir également:
- Se débarraser d'optimizer pro
- Tcp optimizer - Télécharger - Optimisation
- Optimizer - Télécharger - Optimisation
- I14 pro max - Guide
- Clé d'activation windows 10 pro - Guide
- Honor magic 5 pro vs s23 ultra - Guide
3 réponses
Utilisateur anonyme
31 mars 2013 à 19:51
31 mars 2013 à 19:51
bonjour,
je pense que tu peux le désinstaller facilement depuis le panneau de configuration, programmes et fonctionnalité :D
je pense que tu peux le désinstaller facilement depuis le panneau de configuration, programmes et fonctionnalité :D
hp29
Messages postés
2
Date d'inscription
dimanche 31 mars 2013
Statut
Membre
Dernière intervention
1 avril 2013
1 avril 2013 à 14:29
1 avril 2013 à 14:29
un grand merci Electricien 69, car j'ai fait ce que tu m'as indiqué et tout semble être redevenu normal.
Merci encore!
Merci encore!
