rapport Fermé

Question

Bonjour, 
qui peux regarder mon rapport svp merci
http://cjoint.com/?CEqjMTaeZwM


Configuration: Windows XP / Firefox 20.0

tatitato · Answer

Bonjour, 

http://pjjoint.malekal.com/

met ton rapport et demande l'analyse. il te dirai ou sont les problémes.

cdt

Destrio5 · Answer

Bonjour,

--> Télécharge et lance  AdwCleaner (d'Xplode), choisis l'option "Suppression" et poste le rapport.

martine03 · Answer

# AdwCleaner v2.300 - Rapport créé le 16/05/2013 à 11:36:54
# Mis à jour le 28/04/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)
# Nom d'utilisateur : Nathalie - PC-DE-NATHALIE
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Nathalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\30N7V0IL\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Program Files\DomaIQ Uninstaller
Dossier Supprimé : C:\Program Files\Supreme Savings
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnmdgidklhhnmppphpohildcefnaaflp
Dossier Supprimé : C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Dossier Supprimé : C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihkeoookbpemkdccdccdmacnidhooohk
Dossier Supprimé : C:\Users\Nathalie\AppData\Local\lollipop
Dossier Supprimé : C:\Users\Nathalie\AppData\Local\Updater19962
Dossier Supprimé : C:\Users\Nathalie\AppData\Roaming\Babylon

***** [Registre] *****

Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\Supreme Savings
Clé Supprimée : HKCU\Software\BabylonToolbar
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\InstalledBrowserExtensions
Clé Supprimée : HKCU\Software\lollipop
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110111991162}
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110111991162}
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0019962.BHO
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0019962.BHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0019962.Sandbox
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0019962.Sandbox.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\DomaIQ
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111991162}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Supreme Savings
Clé Supprimée : HKLM\Software\Supreme Savings

***** [Navigateurs] *****

-\ Internet Explorer v10.0.9200.16576

[OK] Le registre ne contient aucune entrée illégitime.

-\ Google Chrome v26.0.1410.64

Fichier : C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [9043 octets] - [15/05/2013 20:30:16]
AdwCleaner[S2].txt - [3161 octets] - [16/05/2013 11:36:54]

########## EOF - C:\AdwCleaner[S2].txt - [3221 octets] ##########

Destrio5 · Answer

--> Relance AdwCleaner et choisis "Désinstaller".

--> Je voudrais un nouveau rapport ZHPDiag.

martine03 · Answer

http://cjoint.com/?CEqmhjQDERP

Destrio5 · Answer

--> Copie tout le texte présent en gras ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").


SysRestore
G1 - GCS: Preference [User Data\Default] http://www1.delta-search.com  
O4 - GS\Programs: Webplayer.lnk . (...)  -- C:\Users\Nathalie\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_3F7CDAE07E1639C4AEA7A8.exe 
[MD5.00000000000000000000000000000000] [APT] [Updater19962.exe] (...) -- C:\Users\Nathalie\AppData\Local\Updater19962\Updater19962.exe (.not file.)   [0]  
[MD5.00000000000000000000000000000000] [APT] [Updater27096.exe] (...) -- C:\Users\Nathalie\AppData\Local\Updater27096\Updater27096.exe (.not file.)   [0]  
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://portail.sfr/      
O53 - SMSR:HKLM\...\startupreg\lollipop  [Key] . (...) -- c:\users
athalie\appdata\local\lollipop\lollipop.exe (.not file.)   
O53 - SMSR:HKLM\...\startupreg\Optimizer Pro  [Key] . (...) -- C:\Program Files\Optimizer Pro\OptProLauncher.exe (.not file.)  
C:\Users\Nathalie\Downloads\flvmplayer.exe  
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]   
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]  
[HKLM\Software\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]   
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]  
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\lollipop]   
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220122992262}]   
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}]  
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}]   
[HKCU\Software\YahooPartnerToolbar]
EmptyCLSID
EmptyFlash
EmptyTemp


--> Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.

--> Clique sur le bouton "Coller le presse-papier". 

--> Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

--> Clique sur "GO" pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.

--> Accepte la désinstallation des programmes si proposé, mais refuse le redémarrage de ton PC si également proposé, car cela stopperait ZHPFix.

--> Une fois terminé, copie-colle le rapport dans ton prochain message.

martine03 · Answer

SysRestore
G1 - GCS: Preference [User Data\Default] http://www1.delta-search.com
O4 - GS\Programs: Webplayer.lnk . (...) -- C:\Users\Nathalie\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_3F7CDAE07E1639C4AEA7A8.exe
[MD5.00000000000000000000000000000000] [APT] [Updater19962.exe] (...) -- C:\Users\Nathalie\AppData\Local\Updater19962\Updater19962.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Updater27096.exe] (...) -- C:\Users\Nathalie\AppData\Local\Updater27096\Updater27096.exe (.not file.) [0]
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://portail.sfr/
O53 - SMSR:HKLM\...\startupreg\lollipop [Key] . (...) -- c:\users
athalie\appdata\local\lollipop\lollipop.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Optimizer Pro [Key] . (...) -- C:\Program Files\Optimizer Pro\OptProLauncher.exe (.not file.)
C:\Users\Nathalie\Downloads\flvmplayer.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
[HKLM\Software\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\lollipop]
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220122992262}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}]
[HKCU\Software\YahooPartnerToolbar]
EmptyCLSID
EmptyFlash
EmptyTemp

Destrio5 · Answer

Ça, c'est le script.

martine03 · Answer

voici le raport
Rapport de ZHPFix 2013.5.11.1 par Nicolas Coolman, Update du 11/05/2013
Fichier d'export Registre : 
Run by Nathalie at 16/05/2013 14:42:45
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)

Corbeille vidée

========== Processus mémoire ==========
SUPPRIME Memory Process: C:\Users\Nathalie\Downloads\flvmplayer.exe

========== Clé(s) du Registre ==========
SUPPRIME Key:  StartupReg: lollipop
SUPPRIME Key:  StartupReg: Optimizer Pro
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}
ABSENT Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\lollipop
SUPPRIME Key: HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220122992262}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}
SUPPRIME Key: HKCU\Software\YahooPartnerToolbar

========== Elément(s) de donnée du Registre ==========
SUPPRIME R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page

========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Preferences
SUPPRIME Chrome Site: http://www1.delta-search.com

========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{068783BB-EC3F-4C24-BE5B-F0C9E9C5EE75}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{076E0152-41A4-445A-9221-9BD78DB14FC7}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{07A5807D-9CBF-4A29-9E4F-58DE216E4DAC}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{092222C7-6CBA-4E63-9EA4-E941884C25FF}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{0A787260-C418-4C10-8304-580088A1235C}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{0C48C288-155E-4F49-B287-70D88CB82F61}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{0C819176-A5E0-4B09-BF02-753DE160A47F}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{0EB7DA15-5C8F-4EEE-893F-48DE10A8C447}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{0FB574A9-A392-4A3B-9E1F-862B721D989A}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{1187F9E2-38E6-4725-B03F-286736E09C3A}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{1337E197-2208-4842-8E6E-271BCE315A67}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{1415C8BD-3F7D-421C-8A01-2093B4AEFD31}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{1EC9C7ED-6FB4-41B6-A013-46D1A40D4E98}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{2294FDC3-4198-48D1-9DB3-F1FDDC15AE13}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{2596486B-B847-4F38-BBDE-BE9A66D022D8}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{267EF291-4978-4BAE-BBCE-30EA04864AC7}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{2D3DFDC3-61FE-4806-817B-7CAD5E66E661}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{309C4813-5091-4D8F-9AA6-98F139CF38FB}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{3835311A-89B7-494B-94D9-36851F116830}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{396A463C-08F0-4240-B204-331F501C88C9}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{40FA0D8A-467A-400C-BAAD-06BC6A9D14EF}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{4293269E-2ADA-45C3-81B1-4699F282CB98}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{45FE7EC0-C3B3-4148-8360-B69B7EDEF411}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{48D84C30-1974-4956-9729-3B0CBDE186D9}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{4AF44C38-8925-4E8F-A182-88325301DC45}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{4CC41AA8-5F9E-4867-B4F6-46C47C8F4051}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{4D85B60A-092B-4BA0-B408-D5AD0A01264E}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{4EA2C804-528D-4BD9-A254-8863ED90C75E}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{54AA64B2-DD89-46ED-8A09-5FC2816B776B}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{59F83024-BE8E-4CE3-AAFF-43597D05C9B6}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{5ACD8335-1E85-49E8-A058-A355171EB1D1}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{5B3B6FB5-B83C-4F69-8CDF-A3752497F3AA}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{5D3112CF-356E-4616-8C7C-F713EDA53913}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{5E5FB354-2620-47D3-9445-BC3094B712EF}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{68560409-C227-4110-861D-0993C4BAA9D6}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{6A2A4FF1-2968-49D5-AFBB-F19EB4C7C113}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{6CDA322F-8C3D-4665-B888-C80366001D4D}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{6D2EBFBD-2362-420D-B0AD-8A9F24000A9E}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{70882EEA-097E-45E5-AFA5-75E07C9CA349}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{72B797D4-60F4-45F3-BA3D-9D6982529103}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{74C3037B-FDA9-41BA-A009-301892142A92}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{7568F12E-3131-4B6D-AB50-9CD5001A9EE6}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{779FDDE1-87AB-4159-8094-5B2638CFF8AD}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{7A6BCF95-F2C1-4A23-90D4-90AE543612E3}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{7DA5C4CF-5328-487E-9D0A-FCA8C0D6A9BA}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{871EFBCC-DBCE-4136-BF63-0613C11A422D}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{89C253CB-5C65-4F49-A270-C6EA6DA30010}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{8C8731C0-5AF5-40DE-85D8-A76EB748B821}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{8D0BCB78-8CA8-49CC-B203-C33805219630}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{9037BE28-E50C-497F-BA81-6D3F27D95258}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{92CCBA7E-5A59-4110-9FD5-510DF55003B4}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{97F37B5A-87D3-4F6B-B88B-E633D0366783}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{9939F38F-E697-45AC-B7E3-A2C9B7BEB126}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{9AF1DEC7-05C9-4A5A-A292-519852E63C3C}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{9CED4979-6078-44D2-BEC9-370050EB96FF}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{A2729AE2-7292-4B16-9A0C-27F1842B0AF0}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{A59C3C1E-4255-4C97-80FA-282D61A0833B}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{A61CEAAC-B62B-45CD-9E4F-8521C02B5F6A}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{A65A7802-9794-4D9D-A601-8C5BBCF5285A}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{A7315A1D-8F67-4141-B3D3-BC21E9F49C8A}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{AC3BAAF0-3CC5-44C5-84CC-DB55A9EE800E}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{AD68FD66-7BD9-47A4-8819-0C319E751E0E}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{AE4987EB-7552-4778-BCE6-D5CF47B4A885}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{AE9F73D6-5995-427E-8371-204E1D9C445F}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{AFAF08C3-BCD0-4BEF-A498-8CA8B57BF5F2}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{B957AF8F-896A-4802-A751-45AAE5D0D953}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{BBDE5010-0538-4ACE-B543-1D4F1DA4A9BB}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{BE090A9D-D247-4CB8-94BE-30CE7CFF78EB}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{BE51069F-6006-48B1-8CC2-9956FC402E52}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{BFA6D799-7BA3-4F83-95A4-62A423687FF2}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{C0B7180E-05F3-447B-9FB4-3632199DAE18}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{C4363E7F-787F-4423-A947-D35673CC059B}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{C46DEE2A-870E-4C74-BC9D-71397468D5D1}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{C5F898DE-7ABE-4086-B3A9-8AE65A84D5D5}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{C9185C71-E0D0-4313-8554-7C122F49252E}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{CB3101B2-5976-42BB-83DB-49E7F2D98D5D}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{CE55096E-7264-4A8E-AA5D-361B32E1A50B}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{D17A5DC6-5497-4ACC-939B-C94C1B638905}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{D33C37EF-FB59-4F81-965B-17D9BAEB422A}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{D40B6031-5B9E-4E71-8BF5-F6D201CEFA56}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{D7D7AF6A-5FC9-4FDC-9666-715E91E5AB1C}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{D93B462C-A88C-4B5B-A16C-6A79B32B31CF}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{D95DE9EE-E77B-4B78-942F-E902A784D485}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{DE8FD641-3B64-45E2-8706-60E7016B7607}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{DF45B32B-2EB1-4E30-A428-D22BFAA0916F}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{E4424BEE-956E-4F6B-865B-A8F60911B209}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{EDFFD719-DEE2-42B8-A71D-AB06B67ECDBD}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{EEA2709E-38B9-4364-8C93-24F47AAE537F}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{EF3A9853-7C6E-42A1-B414-4505A05ED9A6}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{F3AFA3F0-E611-4E4D-9771-8D59A7D868AB}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{F4771C5E-A49C-43A7-8911-A9B4BA933759}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{F6245029-12C0-4358-8C5F-7FF0B32ABEB8}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{F8F7190C-3477-4E97-BA8D-FAABB73E9B7E}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{F90589B1-A2DA-4528-8917-8B961FDFD422}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{FCDB865A-FBD8-4205-9A60-FD26F9BC5828}
SUPPRIME Folder: C:\Users\Nathalie\AppData\Local\{FFDEA757-F2B1-4D2D-8381-E355222E63C0}
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Fichier(s) ==========
SUPPRIME File: c:\users
athalie\appdataoaming\microsoft\windows\start menu\programs\webplayer.lnk 
SUPPRIME File: c:\users
athalie\appdataoaming\microsoft\installer\{9937e55b-6331-4804-93ef-77e992f204bd}\_3f7cdae07e1639c4aea7a8.exe 
ABSENT File: c:\users
athalie\appdata\local\lollipop\lollipop.exe
ABSENT File: c:\program files\optimizer pro\optprolauncher.exe
SUPPRIME File: c:\users
athalie\downloads\flvmplayer.exe
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Tache planifiée ==========
SUPPRIME Task: Updater19962.exe
SUPPRIME Task: Updater27096.exe

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
1 : Processus mémoire
11 : Clé(s) du Registre
1 : Elément(s) de donnée du Registre
98 : Dossier(s)
7 : Fichier(s)
2 : Préférences navigateur
2 : Tache planifiée
1 : Restauration Système


End of clean in 03mn 28s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 16/05/2013 14:42:48 [11409]

Destrio5 · Answer

Plus de souci ?

Un nouveau rapport ZHPDiag s'il te plaît ;)

martine03 · Answer

Rapport de ZHPDiag v2013.5.15.122 par Nicolas Coolman, Update du 14/05/2013
Run by Nathalie at 16/05/2013 14:52:28
WebSite: http://nicolascoolman.wix.com/nicolascoolman
State : Version à jour.
WhiteList : Disable
High Elevated Privileges : OK
UAC : Activate by user


---\ Web Browser
MSIE: Internet Explorer v10.0.9200.16576
MFIE: Mozilla Firefox 21.0 (Defaut)
GCIE: Google Chrome v26.0.1410.64

---\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : YKJH7
Windows License : OK
~ Windows Remaining Initializations Number : 5
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Windows Defender W7

---\ System Optimizer
CCleaner v4.01   =>Piriform Ltd

---\ Peer To Peer (P2P)
eMule

---\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\ System Information
~ Processor: x86 Family 15 Model 95 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1502 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 50 GB (50%) free of 98 GB

---\ Logged in mode
~ Computer Name: PC-DE-NATHALIE
~ User Name: Nathalie
~ All Users Names: UpdatusUser, Nathalie, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Nathalie\AppData\Roaming\
~ %Desktop% : C:\Users\Nathalie\Desktop\
~ %Favorites% : C:\Users\Nathalie\Favorites\
~ %LocalAppData% : C:\Users\Nathalie\AppData\Local\
~ %StartMenu% : C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 50 Go of 98 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 134 Go of 135 Go)
E:\ CD-ROM drive (Not Inserted)



---\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 28 Scanned in 00mn 00s



---\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.5ABB3F36AF17007F33FA275E96A2C95E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/05/2013 - 20:49:53.) -- C:\Windows\System32\wininet.dll [1767424]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/01/2011 - 20:36:30.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/01/2011 - 20:36:54.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/01/2011 - 20:36:24.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/01/2011 - 20:36:31.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/01/2011 - 20:36:24.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/01/2011 - 20:36:32.) -- C:\Windows\system32\Drivers
etBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers
tfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/01/2011 - 20:36:30.) -- C:\Windows\system32\Drivers	dx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/01/2011 - 20:36:24.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes:  Scanned in 00mn 01s



---\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/3934
~ Mes musiques (My Musics) : 1/5
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/116
~ Mes Documents (My Documents) : 1/7251
~ Mon Bureau (My Desktop) : 1/54
~ Menu demarrer (Programs) : 1/22
~ Hidden Files:  Scanned in 01mn 01s



---\ Processus lancés
[MD5.1568FF282E268082C67CF0C3EBCC9179] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe   [976320] [PID.304]
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe   [959880] [PID.768]
[MD5.B776DFE408E415AA901030C022EEB7DA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display
vtray.exe   [1821472] [PID.2136]
[MD5.7BB7E26DDC7E4AB9DC1559E17DD0A3BA] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe   [10244448] [PID.2600]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe   [7168] [PID.1860]
[MD5.534A3CB0847BA114F0D8A5F2BB2EF6D0] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe   [887432] [PID.1256]
[MD5.B55DCF7999A220D2C6F3EC4621318AFD] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7354880] [PID.5008]
~ Processes Running:  Scanned in 00mn 02s



---\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] https://www.google.fr/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Chrome Web Store v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
~ Google Browser: 6 Scanned in 00mn 00s



---\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\yf8htx6j.default\prefs.js
M0 - MFSP: prefs.js [Nathalie - yf8htx6j.default] https://www.sfr.fr/
M2 - MFEP: prefs.js [Nathalie - yf8htx6j.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20130515 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_29 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin
ew_plugin
pjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20125.0
pctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.145
pGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.145
pGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.03.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR
ppdf32.dll
~ Firefox Browser: 9 Scanned in 00mn 00s



---\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2fintl%2fbr%2faccess%2fallinone.asp%3f
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.03.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 11 Scanned in 00mn 00s



---\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} . (...) -- mscoree.dll (.not file.)
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} . (...) -- C:\Program Files\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ BHO: 6 Scanned in 00mn 00s



---\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: WOT - [HKLM]{71576546-354D-41c9-AAE8-31F2EC22BF0D} . (...) -- C:\Program Files\WOT\WOT.dll
~ Toolbar:  Scanned in 00mn 00s



---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe 
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe 
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe 
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-21-1243578493-3138545665-2837266019-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe 
O4 - HKUS\S-1-5-21-1243578493-3138545665-2837266019-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehTray.exe 
~ Application:  Scanned in 00mn 00s



---\ Autres liens utilisateurs (O4)
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe 
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe 
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files\Mozilla Firefox\firefox.exe 
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe 
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files\Windows Media Player\wmplayer.exe 
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files\Google\Chrome\Application\chrome.exe 
O4 - GS\QuickLaunch: Launch Internet Explorer Browser (2).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.)  -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe 
O4 - GS\QuickLaunch: Nero Home.lnk . (.Nero AG - Nero Home.)  -- C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe 
O4 - GS\QuickLaunch: Nero StartSmart.lnk . (.Nero AG - Nero StartSmart.)  -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe 
O4 - GS\QuickLaunch: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.)  -- C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe 
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Desktop: 9Giga Synchro.lnk . (.Agematis - 9Giga Synchro.)  -- C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe 
O4 - GS\Desktop: Continue Video Downloader Installation.lnk . (...)  -- C:\Users\Nathalie\Downloads\video_downloader (1).exe
O4 - GS\Desktop: Disque local (D) - Raccourci.lnk . (...)  -- D:\ 
O4 - GS\Desktop: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.)  -- C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe 
O4 - GS\Desktop: fichiers emule telechargés - Raccourci.lnk . (...)  -- D:\fichiers emule telechargés 
O4 - Global Startup: C:\Users\Nathalie\Desktop\Home - Adecco - Recrutement, Intérim et développement des compétences.url . (.FLVMPlayer - FLV Media Player Setup.)  -- C:\Users\Nathalie\Desktop\Home - Adecco - Recrutement, Intérim et développement des compétences.url
O4 - GS\Desktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Desktop: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.)  -- C:\Windows\ehome\ehshell.exe 
O4 - GS\Desktop: Microsoft Office Access 2007.lnk . (...)  -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
O4 - GS\Desktop: Microsoft Office Excel 2007.lnk . (...)  -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
O4 - GS\Desktop: Microsoft Office InfoPath 2007.lnk . (...)  -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
O4 - GS\Desktop: Microsoft Office Outlook 2007.lnk . (...)  -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
O4 - GS\Desktop: Microsoft Office PowerPoint 2007.lnk . (...)  -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
O4 - GS\Desktop: Microsoft Office Publisher 2007.lnk . (...)  -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
O4 - GS\Desktop: Microsoft Office Word 2007 - Copie.lnk . (...)  -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.)  -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe 
O4 - GS\Desktop: Récapitulatif kms - Raccourci (2).lnk . (...)  -- C:\Users\Nathalie\Documents\Récapitulatif kms.xls 
O4 - GS\Desktop: sauvegardes Nathalie - Raccourci.lnk . (...)  -- D:\sauvegardes Nathalie 
O4 - Global Startup: C:\Users\Nathalie\Desktop\SFR - Copie.url . (...)  -- C:\Users\Nathalie\Desktop\SFR - Copie.url
O4 - Global Startup: C:\Users\Nathalie\Desktop\SFR.url . (...)  -- C:\Users\Nathalie\Desktop\SFR.url
O4 - GS\Desktop: Windows Live Messenger  - Copie.lnk . (.Microsoft Corporation - Windows Live Messenger.)  -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
~ Global Startup:  Scanned in 00mn 02s



---\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons:  Scanned in 00mn 00s



---\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32
apinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} ((no name)) - https://www.bitdefender.com/toolbox/
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX:  Scanned in 00mn 00s



---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2353D648-58AA-4BC1-9655-ED67EBBB9309}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{40098829-945B-4360-A5A7-662EE49F7B78}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2353D648-58AA-4BC1-9655-ED67EBBB9309}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{40098829-945B-4360-A5A7-662EE49F7B78}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2353D648-58AA-4BC1-9655-ED67EBBB9309}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{40098829-945B-4360-A5A7-662EE49F7B78}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\ Protocole additionnel (O18)
O18 - Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} . (...) -- C:\Program Files\WOT\WOT.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) - C:\Windows\system32
vvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
~ Services: 6 Scanned in 00mn 12s



---\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1056]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1060]
[MD5.F040037B149FD0F5A5044AE563390FA7] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe   [256904]
[MD5.42BC01952E1ED3152DDE0C0C9C2012D4] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [3545880]   =>Piriform Ltd
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [136176]
~ Scheduled Task: 8 Scanned in 00mn 05s



---\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\binegutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32	hemeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
~ Active Setup: 12 Scanned in 00mn 00s



---\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS
etbios.sys
O41 - Driver: C:\Windows\System32\drivers
etbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS
etbt.sys
O41 - Driver: C:\Windows\System32\drivers
siproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers
siproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERSdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\driversdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\driversdprefmp.sys
O41 - Driver: C:\Windows\System32	cpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS	dx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS	ermdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32ascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 57 Scanned in 00mn 01s



---\ Logiciels installés (O42)
O42 - Logiciel: 9Giga Synchro v2.9.2 - (.SFR.) [HKLM] -- {D9267488-4DC9-4D6B-866D-40E19A23CC04}_is1
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: AdblockIE - (.af0.net.) [HKLM] -- {5508128A-2C7B-46B5-81F9-58E8E8115F0B}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.03) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: Beezik - (.Beezik entertainment.) [HKLM] -- {2B5E94EB-7D72-4DD1-B9FA-15A7B1746636}_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner   =>Piriform Ltd
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: EPSON SX125 Series Manuel - (...) [HKLM] -- EPSON SX125 Series Manual
O42 - Logiciel: EPSON SX125 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX125 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {310C1558-F6B5-4889-98B0-7471966BA7F2}
O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}
O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {03B8AA32-F23C-4178-B8E6-09ECD07EAA47}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Java(TM) 6 Update 29 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}
O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: K-Lite Codec Pack 9.0.2 (Basic) - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Messenger Plus! Live - (.Patchou.) [HKLM] -- Messenger Plus! Live
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
O42 - Logiciel: Microsoft LifeCam - (.Microsoft Corporation.) [HKLM] -- {5FC7AB5C-61FC-42DF-A923-5139BCF10D42}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {390DD8BB-BB57-4942-A029-2D913E4E9D74}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mises à jour NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 21.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 21.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Pilote graphique 307.83 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {43FFE159-3199-4188-A1CD-629166AD1036}
O42 - Logiciel: OpenOffice.org Installer 1.0 - (.Sun Microsystems.) [HKLM] -- {3A2AF807-9F9F-43C9-A24A-17B617238B74}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd  (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F
O42 - Logiciel: PhotoFiltre - (...) [HKLM] -- PhotoFiltre
O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (...) [HKLM] -- SAMSUNG Mobile Composite Device
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SAMSUNG USB Mobile Device Software - (...) [HKLM] -- SAMSUNG USB Mobile Device
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: Samsung Mobile Modem Device Software - (...) [HKLM] -- Samsung Mobile Modem Device
O42 - Logiciel: Samsung Mobile phone USB driver Software - (...) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}
O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {AF7E85DC-317C-47F5-810E-B82EE093A612}
O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: TeamViewer 8 - (.TeamViewer.) [HKLM] -- TeamViewer 8
O42 - Logiciel: WOT for Internet Explorer - (.WOT Services Oy.) [HKLM] -- {DCAEC601-735C-41AE-B84F-D792F09FB7D1}
O42 - Logiciel: eMule - (...) [HKLM] -- eMule
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
~ Logic: 112 Scanned in 00mn 01s



---\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow]
[HKCU\Software\Beezik]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EPSON]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Icaros]
[HKCU\Software\JavaSoft]
[HKCU\Software\LexmarkInkjet]
[HKCU\Software\Lexmark]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mobileleader]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Neuf]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Patchou]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SFR]
[HKCU\Software\Samsung]
[HKCU\Software\Sun Microsystems]
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\Yass]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\eMule]
[HKCU\Software\ej-technologies]
[HKCU\Software\kde.org]
[HKCU\Software\mozilla]
[HKLM\Software\ABBYY]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\BeezikApplication]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EPSON]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Khronos]
[HKLM\Software\LAV]
[HKLM\Software\Lexmark]
[HKLM\Software\Licenses]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Neuf]
[HKLM\Software\ODBC]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\Patchou]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RT 7 Lite]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEIKO EPSON CORPORATION]
[HKLM\Software\Samsung]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\TeamViewer]
[HKLM\Software\Volatile]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
~ Key Software: 145 Scanned in 00mn 01s



---\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 30/11/2012 - 17:44:34 - [115,559] ----D C:\Program Files\Abbyy FineReader 6.0 Sprint
O43 - CFD: 15/05/2013 - 21:34:59 - [116,143] ----D C:\Program Files\Adobe
O43 - CFD: 16/05/2013 - 09:47:31 - [9,472] ----D C:\Program Files\af0.net
O43 - CFD: 30/11/2012 - 17:44:40 - [0] ----D C:\Program Files\Alwil Software
O43 - CFD: 16/05/2013 - 08:48:07 - [5,540] ----D C:\Program Files\CCleaner   =>Piriform Ltd
O43 - CFD: 30/11/2012 - 17:45:00 - [535,131] ----D C:\Program Files\Common Files
O43 - CFD: 30/11/2012 - 17:45:00 - [1,231] ----D C:\Program Files\DAEMON Tools
O43 - CFD: 30/11/2012 - 17:45:00 - [0,758] ----D C:\Program Files\DIFX
O43 - CFD: 20/01/2011 - 21:41:54 - [79,371] ----D C:\Program Files\DVD Maker
O43 - CFD: 30/11/2012 - 17:45:00 - [10,687] ----D C:\Program Files\eMule
O43 - CFD: 30/11/2012 - 17:45:02 - [14,220] ----D C:\Program Files\epson
O43 - CFD: 30/11/2012 - 17:45:20 - [160,832] ----D C:\Program Files\Epson Software
O43 - CFD: 30/11/2012 - 18:32:48 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 04/02/2013 - 13:00:48 - [288,088] ----D C:\Program Files\Google
O43 - CFD: 30/11/2012 - 17:45:35 - [29,686] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/05/2013 - 21:57:05 - [5,223] ----D C:\Program Files\Internet Explorer
O43 - CFD: 30/11/2012 - 17:45:45 - [238,526] ----D C:\Program Files\Java
O43 - CFD: 27/01/2013 - 17:49:22 - [42,837] ----D C:\Program Files\K-Lite Codec Pack
O43 - CFD: 15/05/2013 - 18:55:07 - [13,251] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 30/11/2012 - 17:45:53 - [0,211] ----D C:\Program Files\MarkAny
O43 - CFD: 30/11/2012 - 17:45:53 - [12,714] ----D C:\Program Files\Messenger Plus! Live
O43 - CFD: 30/11/2012 - 17:45:54 - [140,966] ----D C:\Program Files\Microsoft Games
O43 - CFD: 01/12/2012 - 19:38:47 - [50,217] ----D C:\Program Files\Microsoft LifeCam
O43 - CFD: 30/11/2012 - 17:46:31 - [561,107] ----D C:\Program Files\Microsoft Office
O43 - CFD: 18/02/2013 - 23:16:38 - [21,713] ----D C:\Program Files\Microsoft Security Client
O43 - CFD: 14/03/2013 - 15:34:21 - [40,835] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 30/11/2012 - 17:46:35 - [0,014] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 30/11/2012 - 17:46:35 - [1,323] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 30/11/2012 - 17:46:35 - [3,554] ----D C:\Program Files\Microsoft Works
O43 - CFD: 30/11/2012 - 18:38:42 - [7,797] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 16/05/2013 - 14:06:36 - [45,969] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 16/05/2013 - 14:07:32 - [0,214] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 30/11/2012 - 17:46:36 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 31/01/2012 - 12:45:29 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 30/11/2012 - 17:46:36 - [376,977] ----D C:\Program Files\Nero
O43 - CFD: 14/04/2013 - 22:04:54 - [1289,283] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 30/11/2012 - 17:47:04 - [9,319] ----D C:\Program Files\PC Connectivity Solution
O43 - CFD: 30/11/2012 - 17:47:04 - [3,385] ----D C:\Program Files\PhotoFiltre
O43 - CFD: 14/07/2009 - 06:52:30 - [37,450] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 30/11/2012 - 17:47:06 - [167,614] ----D C:\Program Files\Samsung
O43 - CFD: 30/11/2012 - 17:47:14 - [29,173] ----D C:\Program Files\SFR
O43 - CFD: 30/11/2012 - 17:47:15 - [2,430] ----D C:\Program Files\Sun
O43 - CFD: 15/05/2013 - 18:23:31 - [22,754] ----D C:\Program Files\TeamViewer
O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 30/11/2012 - 17:47:15 - [0] ----D C:\Program Files\Windows Calendar
O43 - CFD: 30/11/2012 - 17:47:16 - [0] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 20/01/2011 - 21:41:49 - [2,909] ----D C:\Program Files\Windows Defender
O43 - CFD: 01/12/2012 - 04:17:15 - [6,689] ----D C:\Program Files\Windows Journal
O43 - CFD: 30/11/2012 - 17:47:17 - [59,535] ----D C:\Program Files\Windows Live
O43 - CFD: 20/01/2011 - 21:41:55 - [5,895] ----D C:\Program Files\Windows Mail
O43 - CFD: 20/01/2011 - 21:41:53 - [6,298] ----D C:\Program Files\Windows Media Player
O43 - CFD: 30/11/2012 - 18:32:48 - [11,632] ----D C:\Program Files\Windows NT
O43 - CFD: 30/11/2012 - 17:47:17 - [0] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 20/01/2011 - 21:41:52 - [4,213] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 20/01/2011 - 21:41:53 - [0,181] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 20/01/2011 - 21:41:54 - [6,374] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 16/05/2013 - 11:00:57 - [1,540] ----D C:\Program Files\WOT
O43 - CFD: 16/05/2013 - 14:53:56 - [16,745] ----D C:\Program Files\ZHPDiag
O43 - CFD: 15/05/2013 - 21:35:39 - [7,514] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 30/11/2012 - 17:44:50 - [112,427] ----D C:\Program Files\Common Files\Ahead
O43 - CFD: 30/11/2012 - 17:44:50 - [0,089] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 30/11/2012 - 17:44:50 - [0,263] ----D C:\Program Files\Common Files\EPSON
O43 - CFD: 30/11/2012 - 17:44:51 - [37,714] ----D C:\Program Files\Common Files\Java
O43 - CFD: 30/11/2012 - 17:44:58 - [260,560] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:37:05 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 01/12/2012 - 04:17:18 - [42,254] ----D C:\Program Files\Common Files\System
O43 - CFD: 30/11/2012 - 17:44:59 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 30/11/2012 - 17:45:00 - [35,109] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 16/05/2013 - 14:20:27 - [143,774] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 30/11/2012 - 17:47:17 - [0,201] ----D C:\ProgramData\Avira
O43 - CFD: 30/11/2012 - 18:32:48 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 30/11/2012 - 17:47:17 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 30/11/2012 - 17:47:17 - [8,677] ----D C:\ProgramData\EPSON
O43 - CFD: 30/11/2012 - 18:32:48 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 30/11/2012 - 17:47:17 - [0] ----D C:\ProgramData\FaxCtr
O43 - CFD: 04/02/2013 - 12:59:49 - [0,012] ----D C:\ProgramData\Google
O43 - CFD: 30/11/2012 - 17:47:17 - [0,002] ----D C:\ProgramData\Lexmark 2600 Series
O43 - CFD: 30/11/2012 - 17:47:18 - [0,012] ----D C:\ProgramData\Lx_cats
O43 - CFD: 30/11/2012 - 17:47:18 - [16,655] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 16/02/2013 - 17:36:23 - [0,000] ----D C:\ProgramData\McAfee
O43 - CFD: 30/11/2012 - 18:32:48 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 30/11/2012 - 17:47:22 - [0,578] ----D C:\ProgramData\Messenger Plus!
O43 - CFD: 30/11/2012 - 17:47:36 - [484,873] -S--D C:\ProgramData\Microsoft
O43 - CFD: 15/05/2013 - 13:48:44 - [0,061] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 30/11/2012 - 18:32:48 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 16/05/2013 - 14:07:30 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 30/11/2012 - 17:47:36 - [4,715] ----D C:\ProgramData\Nero
O43 - CFD: 14/04/2013 - 22:06:46 - [0,962] ----D C:\ProgramData\NVIDIA
O43 - CFD: 30/11/2012 - 17:40:21 - [2,402] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 30/11/2012 - 17:47:37 - [0] ----D C:\ProgramData\PC Suite
O43 - CFD: 30/11/2012 - 17:47:37 - [0,000] ----D C:\ProgramData\SFR
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 30/11/2012 - 17:47:37 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 16/05/2013 - 08:54:42 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 30/11/2012 - 17:47:37 - [0,003] ----D C:\ProgramData\UDL
O43 - CFD: 30/11/2012 - 17:47:37 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 30/11/2012 - 17:47:37 - [0,504] ----D C:\ProgramData\WLInstaller
O43 - CFD: 15/05/2013 - 21:41:01 - [12,432] ----D C:\Users\Nathalie\AppData\Roaming\Adobe
O43 - CFD: 30/11/2012 - 17:59:45 - [0,045] ----D C:\Users\Nathalie\AppData\Roaming\Ahead
O43 - CFD: 30/11/2012 - 17:59:45 - [0,450] ----D C:\Users\Nathalie\AppData\Roaming\ClonySoft
O43 - CFD: 30/11/2012 - 17:59:45 - [0,003] ----D C:\Users\Nathalie\AppData\Roaming\eMule
O43 - CFD: 30/11/2012 - 17:59:45 - [0,007] ----D C:\Users\Nathalie\AppData\Roaming\Epson
O43 - CFD: 30/11/2012 - 17:59:46 - [0,072] ----D C:\Users\Nathalie\AppData\Roaming\FaxCtr
O43 - CFD: 30/11/2012 - 17:59:46 - [0] ----D C:\Users\Nathalie\AppData\Roaming\GlarySoft
O43 - CFD: 04/02/2013 - 16:11:52 - [0] ----D C:\Users\Nathalie\AppData\Roaming\Identities
O43 - CFD: 30/11/2012 - 17:59:46 - [0] ----D C:\Users\Nathalie\AppData\Roaming\InstallShield
O43 - CFD: 30/11/2012 - 17:59:46 - [0,129] ----D C:\Users\Nathalie\AppData\Roaming\Lexmark Productivity Studio
O43 - CFD: 30/11/2012 - 17:59:46 - [0,001] ----D C:\Users\Nathalie\AppData\Roaming\Macromedia
O43 - CFD: 30/11/2012 - 18:00:06 - [3,824] ----D C:\Users\Nathalie\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 11:00:22 - [0] ----D C:\Users\Nathalie\AppData\Roaming\Media Center Programs
O43 - CFD: 16/05/2013 - 14:21:11 - [2,311] -S--D C:\Users\Nathalie\AppData\Roaming\Microsoft
O43 - CFD: 16/05/2013 - 14:08:16 - [18,651] ----D C:\Users\Nathalie\AppData\Roaming\Mozilla
O43 - CFD: 30/11/2012 - 18:00:11 - [0,000] ----D C:\Users\Nathalie\AppData\Roaming\PC Suite
O43 - CFD: 16/05/2013 - 10:16:05 - [0,017] ----D C:\Users\Nathalie\AppData\Roaming\player
O43 - CFD: 30/11/2012 - 18:00:11 - [3,195] ----D C:\Users\Nathalie\AppData\Roaming\Samsung
O43 - CFD: 30/11/2012 - 18:00:11 - [1,012] --H-D C:\Users\Nathalie\AppData\Roaming\Yass
O43 - CFD: 15/05/2013 - 21:32:32 - [14,300] ----D C:\Users\Nathalie\AppData\Local\Adobe
O43 - CFD: 30/11/2012 - 17:58:23 - [14,800] ----D C:\Users\Nathalie\AppData\Local\Ahead
O43 - CFD: 30/11/2012 - 17:42:35 - [0] ----D C:\Users\Nathalie\AppData\Local\Application Data
O43 - CFD: 30/11/2012 - 17:58:23 - [2,676] ----D C:\Users\Nathalie\AppData\Local\Apps
O43 - CFD: 27/01/2013 - 17:49:51 - [80,283] ----D C:\Users\Nathalie\AppData\Local\Beezik
O43 - CFD: 27/02/2013 - 15:23:54 - [0] ----D C:\Users\Nathalie\AppData\Local\Deployment
O43 - CFD: 10/12/2012 - 19:12:15 - [12,102] ----D C:\Users\Nathalie\AppData\Local\Diagnostics
O43 - CFD: 30/11/2012 - 17:58:24 - [96,736] ----D C:\Users\Nathalie\AppData\Local\Downloaded Installations
O43 - CFD: 30/11/2012 - 17:58:24 - [0,760] ----D C:\Users\Nathalie\AppData\Local\eMule
O43 - CFD: 04/02/2013 - 13:00:52 - [50,922] ----D C:\Users\Nathalie\AppData\Local\Google
O43 - CFD: 30/11/2012 - 17:42:35 - [0] ----D C:\Users\Nathalie\AppData\Local\Historique
O43 - CFD: 16/05/2013 - 14:21:11 - [0] ----D C:\Users\Nathalie\AppData\Local\Macromedia
O43 - CFD: 16/05/2013 - 14:21:11 - [999,261] ----D C:\Users\Nathalie\AppData\Local\Microsoft
O43 - CFD: 30/11/2012 - 17:59:31 - [0,013] ----D C:\Users\Nathalie\AppData\Local\Microsoft Corporation
O43 - CFD: 30/12/2012 - 16:40:20 - [0,742] ----D C:\Users\Nathalie\AppData\Local\Microsoft Games
O43 - CFD: 30/11/2012 - 17:59:32 - [0,265] ----D C:\Users\Nathalie\AppData\Local\Microsoft Help
O43 - CFD: 16/05/2013 - 14:07:54 - [19,346] ----D C:\Users\Nathalie\AppData\Local\Mozilla
O43 - CFD: 22/04/2013 - 15:04:56 - [0] ----D C:\Users\Nathalie\AppData\Local\Programs
O43 - CFD: 30/11/2012 - 17:59:32 - [7,702] ----D C:\Users\Nathalie\AppData\Local\SFR
O43 - CFD: 16/05/2013 - 14:50:39 - [0,359] ----D C:\Users\Nathalie\AppData\Local\Temp
O43 - CFD: 30/11/2012 - 17:42:35 - [0] ----D C:\Users\Nathalie\AppData\Local\Temporary Internet Files
O43 - CFD: 30/11/2012 - 17:59:32 - [18,896] ----D C:\Users\Nathalie\AppData\Local\VirtualStore
O43 - CFD: 26/02/2013 - 18:15:22 - [0,027] ----D C:\Users\Nathalie\AppData\Local\Windows Live
O43 - CFD: 14/07/2009 - 06:42:04 - [0,014] R---D C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 15/05/2013 - 18:05:02 - [0,000] R---D C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/07/2009 - 06:37:42 - [0,001] R---D C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/05/2013 - 18:05:02 - [0,000] R---D C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 149 Scanned in 00mn 26s



---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B2B1408623E9DD8A7B71FF33C7827CEE] - 16/05/2013 - 13:20:15 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe   [692104]
O44 - LFC:[MD5.04F7ECBC25864372B797570D62CA9218] - 16/05/2013 - 13:20:14 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl   [71048]
O44 - LFC:[MD5.0DB7527DB188C7D967A37BB51BBF3963] - 16/05/2013 - 12:43:32 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\Drivers\mbamswissarmy.sys   [40776]
O44 - LFC:[MD5.A4055AE9C2CC60D80FB93587CC62BB53] - 16/05/2013 - 10:45:42 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1661710]
O44 - LFC:[MD5.867C984695C260F07854296BD8629A1A] - 16/05/2013 - 10:45:42 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [120870]
O44 - LFC:[MD5.EAD5726471D719D6E9FB96AF6ACC57BD] - 16/05/2013 - 10:45:42 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [148574]
O44 - LFC:[MD5.6C96A1E3BCBA2CAD95088972B80F0924] - 16/05/2013 - 10:45:42 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [651938]
O44 - LFC:[MD5.0DAA19BF68FDBB5CD96EE71607D08224] - 16/05/2013 - 10:45:42 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [745056]
O44 - LFC:[MD5.87584973AF63B79C6AC8CD15B81DD63D] - 16/05/2013 - 10:42:28 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1211540]
O44 - LFC:[MD5.67580DF71FE2C01E71C9F3B51A1F0765] - 16/05/2013 - 10:38:52 ---A- . (...) -- C:\Windows\setupact.log   [4268]
O44 - LFC:[MD5.069E89E6D61ABC37E29B658070DF7788] - 16/05/2013 - 10:38:49 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.ED0729A8723BD7B69547142671D8A49F] - 16/05/2013 - 10:37:33 ---A- . (...) -- C:\AdwCleaner[S2].txt   [3290]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/05/2013 - 09:50:51 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.78270218CB120BB9FA0A1CC86238A545] - 16/05/2013 - 09:50:36 ---A- . (...) -- C:\Windows\PFRO.log   [3842]
O44 - LFC:[MD5.0402BFC25AB49E02256BC24E32829773] - 15/05/2013 - 20:49:55 ---A- . (.Microsoft Corporation - ELS Hyphenation Service.) -- C:\Windows\System32\elshyph.dll   [185344]
O44 - LFC:[MD5.4417377CEDABD9BD161FA7EDEDA175D4] - 15/05/2013 - 20:49:55 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe   [745472]
O44 - LFC:[MD5.65C95886E1B17001ADDF163AC18C5525] - 15/05/2013 - 20:49:54 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll   [1130496]
O44 - LFC:[MD5.C225E5307D8D4982A1687F2702C37C78] - 15/05/2013 - 20:49:54 ---A- . (.Microsoft Corporation - Microsoft Line Services library file.) -- C:\Windows\System32\msls31.dll   [158720]
O44 - LFC:[MD5.5915AA67DECA289F7B4AFB686CDB09E9] - 15/05/2013 - 20:49:54 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe   [71680]
O44 - LFC:[MD5.52A7D73D5570F757D865DDECD087FB41] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - Auto-extracteur de fichier CAB Win32.) -- C:\Windows\System32\wextract.exe   [138752]
O44 - LFC:[MD5.87E71F2A83681F41B796CA685818EF2D] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll   [163840]
O44 - LFC:[MD5.5ABB3F36AF17007F33FA275E96A2C95E] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll   [1767424]
O44 - LFC:[MD5.03180AFD271BFD88813F428421BC4A1A] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll   [39424]
O44 - LFC:[MD5.52AA8A8DA4175580F365D275EB53DBE3] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll   [493056]
O44 - LFC:[MD5.AF0332E09DDBE0172237D1958A7DADB8] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll   [79872]
O44 - LFC:[MD5.338520304B99471BD0ED121954FE7863] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - Moteur d'installation.) -- C:\Windows\System32\inseng.dll   [82432]
O44 - LFC:[MD5.F59A16A9418044C1D505C53DA370B099] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll   [2046976]
O44 - LFC:[MD5.038F76279EC64878A072D988DE13C7B2] - 15/05/2013 - 20:49:53 ---A- . (.Microsoft Corporation - Wizard.) -- C:\Windows\System32\iexpress.exe   [150528]
O44 - LFC:[MD5.96E0F0BED5D9EBABB899D8CA83C36A7E] - 15/05/2013 - 20:49:52 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll   [523264]
O44 - LFC:[MD5.49834B94A8E8383B700EDDEF46C2AE6A] - 15/05/2013 - 20:49:52 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\S

martine03 · Answer

je lui refais une analyse avec malwarebyte et il a trouvè un fichier infectè encore!!elle a un souci aussi avec internet explorer la page d acceuil et toujours petite au demarage j ai tout essayè et impossible de la mettre en grand directe donc je lui ai installè firefox et là j ai installè wot il est bien activè mais n apparait pas a cotè des site comme il devrait????

martine03 · Answer

http://cjoint.com/?CEqpxf20GTG

lilidurhone · Answer

Hello Destrio

Pour info elle a ouvert un sujet https://forums.commentcamarche.net/forum/affich-27818653-mon-pc-rame#p27820410

Ce sont les mêmes rapports

Destrio5 · Answer

"je lui refais une analyse avec malwarebyte et il a trouvè un fichier infectè encore!!"

--> Il a trouvé quoi ?

https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/

@ lilidurhone, merci ;)

Destrio5 · Answer

Outils > Modules complémentaires > Extensions.

Vérifie qu'il est activé. Si c'est déjà le cas, clique sur Options et regarde dans les paramètres.

Rapport

16 réponses

Discussions similaires