Sujet Précédent Sujet Suivant

Ordi infecté

Résolu/Fermé
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017 - 28 mai 2013 à 23:49
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 - 31 mai 2013 à 19:51
Bonjour,
pouvez vous m'aider j'accede en mode sans echec sinon en normal j'ai un bloquage sur tout et un message me cit ne répond pas
voici le rapport zhpdiag

Rapport de ZHPDiag v2013.5.25.152 par Nicolas Coolman, Update du 25/05/2013
Run by matteo at 28/05/2013 00:11:53
WebSite: https://nicolascoolman.webs.com/
State :
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v8.0.7601.17514

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ System Optimizer
CCleaner v3.12 =>Piriform Ltd

---\\ Peer To Peer (P2P)

---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader X

---\\ System Information
~ Processor: AMD64 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3818 MB (67% free)
System Restore: Activé (Enable)
System drive C: has 124 GB (27%) free of 451 GB

---\\ Logged in mode
~ Computer Name: FLAVIO-PC
~ User Name: matteo
~ All Users Names: matteo, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\matteo\AppData\Roaming\
~ %Desktop% : C:\Users\matteo\Desktop\
~ %Favorites% : C:\Users\matteo\Favorites\
~ %LocalAppData% : C:\Users\matteo\AppData\Local\
~ %StartMenu% : C:\Users\matteo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 124 Go of 451 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DE03C917EDED2A999C942A4F943D3068] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/02/2012 - 07:39:37.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2036
~ Mes musiques (My Musics) : 24/292
~ Mes Videos (My Videos) : 2/144
~ Mes Favoris (My Favorites) : 1/47
~ Mes Documents (My Documents) : 2/1337
~ Mon Bureau (My Desktop) : 4/22
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 16s



---\\ Processus lancés
[MD5.497F27E279C0F921E2130BB89C1CB5CA] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664] [PID.1964]
[MD5.C613E69C3B191BB02C7A191741A1D024] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040] [PID.768]
[MD5.F72DD84DD69DF001CF4D1B909685A136] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7402496] [PID.3996]
[MD5.1CD51AE9BCEAC9F0CEE159821A1817B8] - (...) -- C:\Users\matteo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E7KQS29K\RogueKiller[1].exe [816128] [PID.2032]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\matteo\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
C:\Users\matteo\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
C:\Users\matteo\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com =>Toolbar.DeltaSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.delta-search.com =>Toolbar.DeltaSearch
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AVG SafeGuard toolbar [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
O2 - BHO: delta Helper Object [64Bits] - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll =>Toolbar.DeltaSearch
~ BHO: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKCU\..\Run: [OrangeInside] C:\Users\matteo\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\matteo\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [offerbox] . (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files (x86)\OfferBox\OfferBox.exe =>PUP.OfferBox
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Packard Bell MyBackup.) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.AVG Secure Search - VProtect Application.) -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe =>Toolbar.AVGSearch
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [OrangeInside] C:\Users\matteo\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe (.not file.)
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\matteo\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd
O4 - HKUS\S-1-5-21-2666224217-976547270-1596507513-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Adobe Photoshop Elements 8.0.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Elements 8.0.) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\Photoshop Elements 8.0.exe
O4 - GS\TaskBar: avast! Free Antivirus.lnk . (...) -- C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe (.not file.)
O4 - GS\TaskBar: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe
O4 - GS\TaskBar: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\TaskBar: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe
O4 - GS\TaskBar: Video Web Camera.lnk . (.CyberLink Corp. - WebCam.) -- C:\Program Files (x86)\Video Web Camera\WebCam.exe
O4 - GS\TaskBar: VLC media player.lnk . (...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: ijji REACTOR.lnk . (.NHN Corporation - Reactor Application.) -- C:\Program Files (x86)\REACTOR\REACTOR.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: WildTangent Games App - packardbell.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop: 77zip.lnk . (.Igor Pavlov - 77Zip File Manager.) -- C:\Program Files (x86)\77zip\77zip.exe
O4 - GS\Desktop: EDEN 41.lnk . (...) -- C:\Users\matteo\Documents\EDEN 41
O4 - GS\Desktop: IMPRIMANTE.lnk - Clé orpheline
O4 - GS\Desktop: Mon Carnet d'Adresses.lnk . (.db2p - Mon Carnet d'Adresses.) -- C:\Program Files (x86)\Mon Carnet d'Adresses\adresses.exe
O4 - GS\Desktop: SpeedAnalysis.lnk - Clé orpheline =>PUP.SpeedAnalysis
O4 - GS\Desktop: suivi comptes 2013.lnk . (...) -- C:\Users\matteo\Documents\suivi comptes 2013.xlsx
~ Global Startup: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC3B451E-92A7-48B1-AEB1-CA88CF7269D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC3B451E-92A7-48B1-AEB1-CA88CF7269D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BC3B451E-92A7-48B1-AEB1-CA88CF7269D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AMD Reservation Manager (AMD Reservation Manager) . (.Advanced Micro Devices - RM Application.) - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
O23 - Service: (vToolbarUpdater15.2.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 19 Legitimates Filtered in 00mn 10s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPUpdater.job [284]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\OfferBoxUpdate.job [262] =>PUP.OfferBox
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PC Performer.job [284] =>Rogue.PCPerformer
~ Scheduled Task: 8 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 77zip - (...) [HKLM][64Bits] -- 77zip
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Toolbar.Babylon
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta
O42 - Logiciel: Fissa - (.Aedge Performance BCN.) [HKLM][64Bits] -- {4BD271AB-66E2-4D58-AF88-80FE3B0770C4}
O42 - Logiciel: IMinent Toolbar - (.IMinent.) [HKLM][64Bits] -- {A76AA284-E52D-47E6-9E4F-B85DBF8E35C3} =>Adware.IMBooster
~ Logic: 159 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\80dfdeb43bbd47]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\FissaSearch]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\PerformerSoft LLC]
[HKCU\Software\PerformerSoft]
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\Softonic]
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\USyndication]
[HKCU\Software\usyndication.com]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\DomaIQ] =>Toolbar.DomaIQ
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\80dfdeb43bbd47]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\FissaSearch]
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\PerformerSoft]
[HKLM\Software\Wow6432Node\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Wow6432Node\Supreme Savings] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Web Assistant] =>Adware.IncrediBar
~ Key Software: 278 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/05/2013 - 23:54:49 - [3,592] ----D C:\Program Files (x86)\77zip
O43 - CFD: 27/05/2013 - 23:54:29 - [2,342] ----D C:\Program Files (x86)\Delta
O43 - CFD: 02/04/2013 - 17:01:42 - [4,634] ----D C:\Program Files (x86)\GUM1A53.tmp
O43 - CFD: 14/11/2011 - 20:54:14 - [3,374] ----D C:\Program Files (x86)\OfferBox =>PUP.OfferBox
O43 - CFD: 27/05/2013 - 23:54:54 - [11,876] ----D C:\Program Files (x86)\PC Performer =>Rogue.PCPerformer
O43 - CFD: 31/05/2012 - 08:59:14 - [4,604] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 25/05/2013 - 11:28:44 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 27/05/2013 - 23:54:39 - [7,805] ----D C:\ProgramData\BrowserProtect =>Toolbar.Babylon
O43 - CFD: 27/05/2013 - 23:54:11 - [0,681] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 19/05/2013 - 16:48:28 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 24/05/2013 - 14:58:25 - [0,280] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 27/05/2013 - 23:54:36 - [1,573] ----D C:\Users\matteo\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 19/05/2012 - 18:28:17 - [0,059] ----D C:\Users\matteo\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 27/05/2013 - 23:54:28 - [0,259] ----D C:\Users\matteo\AppData\Roaming\Delta
O43 - CFD: 24/05/2013 - 14:53:52 - [0,059] ----D C:\Users\matteo\AppData\Roaming\ErrorTeck
O43 - CFD: 08/04/2013 - 10:07:47 - [0,308] ----D C:\Users\matteo\AppData\Roaming\File Scout
O43 - CFD: 27/11/2012 - 15:53:40 - [0,024] ----D C:\Users\matteo\AppData\Roaming\FissaSearch
O43 - CFD: 17/05/2013 - 09:15:50 - [0,335] ----D C:\Users\matteo\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 27/05/2013 - 23:55:00 - [0,463] ----D C:\Users\matteo\AppData\Roaming\PerformerSoft
O43 - CFD: 16/02/2012 - 17:55:44 - [0,108] ----D C:\Users\matteo\AppData\Roaming\Shareaza
O43 - CFD: 27/05/2013 - 23:54:10 - [0,066] ----D C:\Users\matteo\AppData\Roaming\SpecialSavings =>PUP.SpecialSavings
O43 - CFD: 08/04/2013 - 10:08:39 - [0,076] ----D C:\Users\matteo\AppData\Roaming\SpeedanAlysis =>PUP.SpeedAnalysis
O43 - CFD: 27/05/2013 - 23:54:10 - [0,079] ----D C:\Users\matteo\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis
O43 - CFD: 19/05/2013 - 15:15:13 - [0] ----D C:\Users\matteo\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 26/03/2013 - 22:41:03 - [0,039] ----D C:\Users\matteo\AppData\Roaming\WebPlayerBdd =>Adware.SocialSkinz
O43 - CFD: 20/05/2012 - 12:50:25 - [0,014] ----D C:\Users\matteo\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 27/03/2013 - 00:58:56 - [0] ----D C:\Users\matteo\AppData\Local\Services x86 =>PUP.CrossRider
O43 - CFD: 11/02/2012 - 23:19:18 - [2023,732] ----D C:\Users\matteo\AppData\Local\Shareaza
O43 - CFD: 27/05/2013 - 23:54:49 - [0,003] ----D C:\Users\matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\77zip
O43 - CFD: 27/05/2013 - 23:54:43 - [0,001] ----D C:\Users\matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect =>Toolbar.Babylon
~ 173 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 409 Legitimates Filtered in 01mn 15s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.83965B2C3553D11B10081B55E3692DEF] - 27/05/2013 - 19:30:47 ---A- . (...) -- C:\Windows\ntbtlog.txt [1012902]
O44 - LFC:[MD5.DCD82CE8C772F08A518907ECB3D29E38] - 24/05/2013 - 21:33:05 ---A- . (...) -- C:\Windows\Reimage.ini [135] =>Rogue.ReimageRepair
O44 - LFC:[MD5.BA6462F897A10C0337B9920EC2DBA1E7] - 24/05/2013 - 16:07:37 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.BA6462F897A10C0337B9920EC2DBA1E7] - 24/05/2013 - 16:07:37 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.BA6462F897A10C0337B9920EC2DBA1E7] - 24/05/2013 - 16:07:37 RSHAD . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.BA6462F897A10C0337B9920EC2DBA1E7] - 24/05/2013 - 16:07:37 RSHAD . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]
~ Files: 27 Legitimates Filtered in 00mn 10s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.5A1A0518723204B63D5D573074C042A3] - 03/05/2013 - 20:57:53 ---A- - C:\Windows\Prefetch\COFIRE.EXE-C2A69CED.pf
O45 - LFCP:[MD5.1BFFEABE92917E79599038399C434B91] - 23/05/2013 - 15:23:00 ---A- - C:\Windows\Prefetch\SNS.EXE-CE6A762A.pf
O45 - LFCP:[MD5.D3552DF6AB02D7ECDDAF22095C1732D8] - 23/05/2013 - 18:54:47 ---A- - C:\Windows\Prefetch\OFFERBOX.EXE-97842474.pf =>PUP.OfferBox
O45 - LFCP:[MD5.4807A6DCD9BC58F00BD82D15691294E6] - 24/05/2013 - 14:54:30 ---A- - C:\Windows\Prefetch\UPDATERSERVICE.EXE-EC463760.pf
~ Prefetcher: 141 Legitimates Filtered in 00mn 01s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{3c15a9e4-90f9-11e0-afc2-806e6f6e6963}\AutoRun\command. (...) -- D:\.\AutorunX\AutorunX.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.F87FBE8B104DF9C35CD52909B8D28A4A] - 21/05/2012 - 14:39:35 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [33408]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 27/05/2013 - 17:05:47 ---A- C:\Users\matteo\AppData\Roaming\OfferBox\config.xml [3720] =>PUP.OfferBox
O61 - LFC: 27/05/2013 - 19:52:00 ---A- C:\Users\matteo\Documents\XAVIER BTS AEA\CV Xavier 2.docx [67322]
O61 - LFC: 27/05/2013 - 22:53:34 ---A- C:\Users\matteo\AppData\Roaming\speedanalysis.ico [30894] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:08 ---A- C:\Users\matteo\AppData\Roaming\File Scout\uninst.exe [62902]
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome.manifest [328] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\background.html [118] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\button.xml [1582] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\config.js [242] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\content.js [66] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\framework.js [19068] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\framework.xul [1921] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\jquery-1.6.2.min.js [91731] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\mz\background.js [2162] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\mz\content.js [1926] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\options.xul [1583] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\content\settings.json [230] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\chrome\skin\framework.css [1326] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com\install.rdf [1028] =>PUP.SpecialSavings
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome.manifest [332] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\background.html [118] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\bg.js [469] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\button.xml [1582] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\config.js [241] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\content.js [66] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.js [19068] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.xul [2010] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.ico [2862] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.ico [2862] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.ico [10134] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\jquery-1.6.2.min.js [91731] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\background.js [2162] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\content.js [1837] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\options.xul [1586] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\settings.json [200] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin\framework.css [1327] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:10 ---A- C:\Users\matteo\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\install.rdf [1000] =>PUP.SpeedAnalysis
O61 - LFC: 27/05/2013 - 22:54:44 ---A- C:\Users\matteo\AppData\Roaming\Babylon\log_file.txt [62248] =>Toolbar.Babylon
O61 - LFC: 27/05/2013 - 22:58:59 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\Partial Backups\00000001.rmx [192] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:58:59 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\Partial Backups\00000001.rxb [5293] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:59:24 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\ExcludeList.rcp [6] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:59:24 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\French_rcp.dat [54648] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:59:24 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\TempHLList.rcp [6] =>Rogue.PCPerformer
O61 - LFC: 27/05/2013 - 22:59:24 ---A- C:\Users\matteo\AppData\Roaming\PerformerSoft\PC Performer\results.rcp [111282] =>Rogue.PCPerformer
~ 19 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 103 Legitimates Filtered in 00mn 43s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www.delta-search.com =>Toolbar.DeltaSearch
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.272B568DEF99F39B1FB5F15025878A1A] [SPRF][27/05/2013] (...) -- C:\Users\matteo\AppData\Local\Temp\dump.dat [1908736]
[MD5.1F8AE2FA2C80F8BEA89DEEE1ADACFABE] [SPRF][24/05/2013] (.AVG Secure Search - AVG Installer.) -- C:\Users\matteo\AppData\Local\Temp\oi_{5DC9A215-B24C-41FF-B745-D8245FFBF6A4}.exe [3238936] =>Toolbar.AVGSearch
[MD5.4D5EE039DF40AF36B8643A1388D287A8] [SPRF][24/05/2013] (.Reimage® - Reimage Repair.) -- C:\Users\matteo\AppData\Local\Temp\ReimagePackage.exe [11871520] =>Rogue.ReimageRepair
[MD5.68DCFF2A1F56D0A01056E3AFE0BA5055] [SPRF][24/05/2013] (...) -- C:\Users\matteo\AppData\Local\Temp\SkypeSetup.exe [24860672]
[MD5.DA607F815683537CB66B955FFE645DA9] [SPRF][24/03/2010] (.NHN USA - ijjiSetup Module.) -- C:\Windows\Downloaded Program Files\ijjiSetup1010.dll [143968]
[MD5.0855BE0B05AA4A4F2F7B412EB4F09E02] [SPRF][11/05/2010] (.NHN Corporation - Purple Plugin.) -- C:\Windows\Downloaded Program Files\PubPlugin.dll [173232]
~ Files: Scanned in 00mn 06s



---\\ Scan Additionnel (O88)
Database Version : v2.12362 - (25/05/2013)
Clés trouvées (Keys found) : 338
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 33
Fichiers trouvés (Files found) : 2

[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}] =>Adware. BullseyeToolbar
[HKLM\Software\Wow6432Node\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}] =>Adware. BullseyeToolbar
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] =>Adware.IMBooster
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware. BullseyeToolbar
[HKLM\Software\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware. BullseyeToolbar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Adware.Yontoo
[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ef79f67a-6ad7-4715-a0f8-932fca442023}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ef79f67a-6ad7-4715-a0f8-932fca442023}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.Agent
[HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.Agent
[HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\elhjaoldnkkbifioodjndkijecdeinld] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco] =>PUP.1ClickDownloader
[HKLM\Software\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Features
A voir également:

38 réponses

Précédent
  • 1
  • 2
Réponse 21 / 38
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
30 mai 2013 à 23:25
non sans reseau tout court, ensuite redemarre en normal et mets le rapport
0
Réponse 22 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
30 mai 2013 à 23:59
en mode sans echec normal j'ai une page noire mon bureau n'apparait pas il y apparait une fenetre noire avec des trucs de noter j'ai donc fait en mode avec prise en charge de reseau et voici le résultat

# AdwCleaner v2.301 - Rapport créé le 30/05/2013 à 23:36:41
# Mis à jour le 16/05/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : matteo - FLAVIO-PC
# Mode de démarrage : Mode sans échec avec prise en charge réseau
# Exécuté depuis : C:\Users\matteo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DN5R8QTU\2-adwcleaner[1].exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\ProgramData\boost_interprocess

***** [Registre] *****


***** [Navigateurs] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [1336 octets] - [29/05/2013 00:47:34]
AdwCleaner[S1].txt - [29832 octets] - [29/05/2013 00:35:03]
AdwCleaner[S2].txt - [1454 octets] - [29/05/2013 12:51:55]
AdwCleaner[S3].txt - [1135 octets] - [30/05/2013 23:36:41]

########## EOF - C:\AdwCleaner[S3].txt - [1195 octets] ##########
0
Réponse 23 / 38
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 00:15
mode sans echec pas invité de commandes en mode sans echec

enfin pas grave

(je sais pas ce qu il se passe mais les outils ont de plus en plus de mal....)

====

sélectionne les lignes ci-dessous et copie les dans le Presse-papier (Ctrl C)

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
C:\Users\matteo\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Clé orpheline
O4 - GS\Desktop: IMPRIMANTE.lnk - Clé orpheline
O4 - GS\Desktop: SpeedAnalysis.lnk - Clé orpheline
[MD5.00000000000000000000000000000000] [APT] [OfferBoxUpdate] (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.) [0] =>PUP.OfferBox
[MD5.00000000000000000000000000000000] [APT] [OfferBoxUpdateTask] (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.) [0] =>PUP.OfferBox
[MD5.00000000000000000000000000000000] [APT] [{012217D0-513A-4C19-B284-372F23E3769A}] (...) -- C:\Users\matteo\Documents\LibO_3.5.0_Win_x86_helppack_fr.msi" (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{11A42DCF-7DA8-4765-B9F8-C89AB2F96348}] (...) -- D:\CK_Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8B186397-3D4F-4818-BB04-703AEA5705E2}] (...) -- C:\Users\matteo\Documents\LibO_3.5.0_Win_x86_helppack_fr.msi" (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{925919D0-4B2B-4220-8CE2-65D8A297A107}] (...) -- C:\Users\matteo\Videos\FILMS\20080128135518500_Samsung_PC_Studio_313_HA4.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EDC9AD62-92C3-45DA-85B9-963CB9FEF304}] (...) -- C:\Users\matteo\Documents\LibO_3.5.0_Win_x86_helppack_fr.msi" (.not file.) [0]
O42 - Logiciel: AVG SafeGuard toolbar - (.AVG Technologies.) [HKLM][64Bits] -- AVG SafeGuard toolbar
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM][64Bits] -- {A047FE02-C91C-41CB-898C-4ED21B86025A}
[HKCU\Software\77-Zip]
[HKCU\Software\BabSolution]
[HKCU\Software\AVG SafeGuard toolbar]
[HKCU\Software\PerformerSoft LLC]
[HKCU\Software\Reimage]
[HKCU\Software\SweetIM]
[HKLM\Software\BrowserChoice]
[HKLM\Software\DomaIQ]
[HKLM\Software\Wow6432Node\SweetIM]
O43 - CFD: 04/02/2012 - 13:32:05 - [4,219] ----D C:\Program Files (x86)\Avanquest_FR
O43 - CFD: 24/05/2013 - 22:31:59 - [5,819] ----D C:\Program Files (x86)\AVG SafeGuard toolbar
O43 - CFD: 02/04/2013 - 17:01:42 - [4,634] ----D C:\Program Files (x86)\GUM1A53.tmp
O43 - CFD: 24/05/2013 - 22:32:14 - [0,850] ----D C:\ProgramData\AVG SafeGuard toolbar
O43 - CFD: 30/05/2012 - 11:42:07 - [0] ----D C:\ProgramData\Software
O43 - CFD: 19/05/2013 - 15:15:13 - [0,000] ----D C:\Users\matteo\AppData\Roaming\DriverCure
O43 - CFD: 28/05/2013 - 18:53:30 - [0,611] ----D C:\Users\matteo\AppData\Local\AVG SafeGuard toolbar
O43 - CFD: 30/05/2012 - 11:37:29 - [0] ----D C:\Users\matteo\AppData\Local\Software
O44 - LFC:[MD5.B8CE22F36BE49CD724CABB7CBDD5B1F9] - 29/05/2013 - 11:52:17 ---A- . (...) -- C:\AdwCleaner[S2].txt [1454]
O44 - LFC:[MD5.6B8D55824DA592CB808723B0BD2A5856] - 28/05/2013 - 23:47:56 ---A- . (...) -- C:\AdwCleaner[R1].txt [1336]
O44 - LFC:[MD5.29AD1CE90B22A910F3C24EAD6C89D4DC] - 28/05/2013 - 23:35:39 ---A- . (...) -- C:\AdwCleaner[S1].txt [29832]
O44 - LFC:[MD5.DCD82CE8C772F08A518907ECB3D29E38] - 24/05/2013 - 21:33:05 ---A- . (...) -- C:\Windows\Reimage.ini [135]
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ef79f67a-6ad7-4715-a0f8-932fca442023}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ef79f67a-6ad7-4715-a0f8-932fca442023}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA172DB42E6685D4FA8808EFB370074C]
[HKCU\Software\SweetIM]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF79F67A-6AD7-4715-A0F8-932FCA442023}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF79F67A-6AD7-4715-A0F8-932FCA442023}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar]
[HKCU\Software\AVG SafeGuard toolbar]
[HKLM\Software\Wow6432Node\AVG SafeGuard toolbar]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}]
[HKCU\Software\Reimage]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494]
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211701196}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211701196}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211701196}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]
C:\ProgramData\Software
C:\Users\matteo\AppData\Local\Software
C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog
C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
EMPTYTEMP
EMPTYCLSID

Pour Xp : Double clique sur l'icône ZHPFix.exe sur ton Bureau.

Pour Vista : Clique droit sur l'icône ZHPFix.exe sur ton Bureau,
puis sélectionne 'Exécuter en tant qu'administrateur'.

- Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse
0
Réponse 24 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 00:29
j'ai un bloc note et je vois pas le presse papier pourtant cela me parle
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 38
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
Modifié par g3n-h@ckm@n le 31/05/2013 à 00:38
le presse papier c'esst la mémoire de la souris donc tu selectionnes , puis CTRL + C (ca fait copier) ensuite tu suis les consignes

¤¤¤¤¤¤¤¤¤¤_Pre_Scan_Concept_¤¤¤¤¤¤¤¤¤¤
Windows 8 => meme flop que Vista X 10
0
Réponse 26 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 00:42
Rapport de ZHPFix 2013.5.24.2 par Nicolas Coolman, Update du 24/05/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-31-05-2013-00-39-05.txt
Run by matteo at 31/05/2013 00:39:03
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée

========== Logiciel(s) ==========
ABSENT Uninstall Process: c:\program files (x86)\avg safeguard toolbar\uninstall.exe
SUPPRIME Google Toolbar for Internet Explorer
SUPPRIME Google Update Helper
SUPPRIME ToolbarFR

========== Clé(s) du Registre ==========
SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar]
SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]
SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}]
SUPPRIME Key: CLSID BHO: {1d970ed5-3eda-438d-bffd-715931e2775b}
SUPPRIME Key: HKCU\Software\77-Zip
SUPPRIME Key: HKCU\Software\BabSolution
SUPPRIME Key: HKCU\Software\AVG SafeGuard toolbar
SUPPRIME Key: HKCU\Software\PerformerSoft LLC
SUPPRIME Key: HKCU\Software\Reimage
SUPPRIME Key: HKCU\Software\SweetIM
SUPPRIME Key*: HKLM\Software\BrowserChoice
SUPPRIME Key*: HKLM\Software\DomaIQ
SUPPRIME Key: HKLM\Software\Wow6432Node\SweetIM
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ef79f67a-6ad7-4715-a0f8-932fca442023}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ef79f67a-6ad7-4715-a0f8-932fca442023}
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA172DB42E6685D4FA8808EFB370074C
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS
ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF79F67A-6AD7-4715-A0F8-932FCA442023}
ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF79F67A-6AD7-4715-A0F8-932FCA442023}
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
SUPPRIME Key: HKLM\Software\Wow6432Node\AVG SafeGuard toolbar
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B}
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
SUPPRIME Key: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211701196}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211701196}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211701196}
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC

========== Valeur(s) du Registre ==========
SUPPRIME RunValue: NPSStartup
SUPPRIME MWPE Value: NoActiveDesktop
SUPPRIME MWPE Value: NoActiveDesktopChanges

========== Elément(s) de donnée du Registre ==========
REMPLACE Value NoActiveDesktopChanges : Good (0) - Bad (1)

========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{01242776-B5A3-45B0-B2DD-2718D4AC490A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{04966CE9-A2CE-4352-96C0-D2C67A4EFB34}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{06F751CF-D6F4-4054-BE6B-D32318FB6C3A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{08A00B63-56BF-4E59-85DF-EDFC2249FEDB}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{0C28C82A-FAE3-4706-9617-8DCFCE5C8DCD}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{0E10A625-E502-420A-BC5C-18E238DDC8AA}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{1161837F-9A0C-4566-8342-CBFAE4FC4837}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{11B65A17-718F-4D08-B035-3E6D3F0EE64A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{123057CB-D5D3-40B7-8A96-090169E0ECF4}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{13B61AEC-47E2-40C1-A753-3C872B3C8284}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{14919399-CE13-4EBA-8A3F-4B5B69A5F1D3}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{14C7F80A-D689-47D1-A355-17CAC7155C17}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{153F61BD-0B3C-4E3E-B08D-E4895D6E1E33}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{1671AA04-5285-4A82-A988-9E6D6F35603E}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{173D9996-8CCF-4591-A1DD-43FEA0DD5973}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{18612D4F-A910-40AF-A81B-693C4F6A829D}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{1B4CF6E9-786A-4CBB-846A-C56F8BF134B6}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{1E094DA8-6884-4099-8D05-5F83DCCEE6C7}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{1F91B76D-9D0A-47F6-81C7-D841D98BBF21}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{211006FC-C69C-4454-91D0-4F6996B3E090}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{217C76C1-4E34-4EA1-AD07-362C68E3F405}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2395844E-19E9-4F09-8069-FA0B3346EE3F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2428E1CC-95C9-47EE-BAEA-D3F2C2213A62}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2494066F-9F00-4A80-8E0A-5678759B0C87}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{258BDD20-ECC0-402B-9CD9-89264F4499C7}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{25CB8BFE-0945-435B-A811-1533C32F2F06}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{26C69BD1-49BD-4E5F-86D0-FD858B5793F8}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{277D07A3-9CF8-43D1-809E-323708AF129A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2A0199E0-5437-4995-8A2A-0FD374FBFB33}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2B399C40-404C-42CF-861D-CA6051202409}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2B61D4D4-9E41-4B7F-9E25-5500ABD893B9}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2BC0153B-9A5D-48CB-9B84-A7FC1113A27A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2C05AA2A-205D-4440-8F76-43762FE31E3D}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2D42E8D9-D582-4CC3-9D26-1227C9E3F118}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2D6FB164-55E4-491C-ADBC-F23F7CA18CE4}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2DA8EC6C-75D8-4A51-A393-83B8FDFD55AD}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2E2E510E-FD88-49F2-B3A8-C6C554B89072}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2E51B74E-BA1D-441C-A314-F9E46D683249}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{2F3BEAE5-3EC4-4E5D-9015-DA3AA7ADC5F4}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{300F870F-44D4-4228-A3A1-784E6A380B79}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{3085EA1E-3EAD-4013-A342-3C41ABE4EBB4}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{327CB252-D04F-4055-ACD4-E509E03640A7}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{3426088C-1542-4BB5-B7A7-9E4ECEF8257C}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{381CC735-5F36-47B7-B80D-DB2DD6717632}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{39162563-2F6C-4440-A4B2-216BEA74312E}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{3BB1E058-694D-47E2-A352-E117BCAF3613}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{3BE51A76-C31C-4F4B-A78A-E932F0CF346B}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{3D686D17-F725-4407-9A39-2D24C1A50924}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{41D5A980-BABB-41E8-A0BC-CF6F5E2465DC}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{43079697-148D-41B0-8E53-1B5F52E8D456}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{4448EBE8-8830-41E9-B2D9-0B405430554F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{44BF263F-9DE9-4A15-9F2D-C3AEC1844870}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{45C0C340-2BEC-47B4-B148-5443F0CAB4C2}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{462D60C2-FAF4-4EBE-9AD0-76557C47AACB}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{4664692F-21FE-4A34-8D79-1EA5E6FF6443}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{46B06A67-B63C-45DF-B288-B59CA680C205}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{46C1097B-2CA2-47E6-AFA4-B1276286301F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{47246FE3-20D7-4D19-98BB-556F1FA8C577}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{49894BAA-8BB4-4546-80CC-41D257D25881}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{4BAC3DDB-1EC7-4306-AB83-0DCC8BFB35B9}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{4C4FBD78-E3C4-4A27-87F6-BAE31BE37E52}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{4C7409B4-BB42-4C16-8ECE-F8BD3E4372FD}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{4CBD7E9E-ECF4-4E4A-9F53-C69BEC997B00}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{4DCC7FF7-C14B-4C7E-A726-2DFA4ADC6C5B}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{4FA069CE-08EA-4B42-9C0D-222B7E32F008}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{5055119E-127D-4E32-9224-A77E2648219F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{50AB4389-98EF-441B-AEE3-27D0DF5DAB15}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{50CFA384-A43D-4FB6-917E-FA6401C460A6}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{51896F4D-8970-4A80-8C5A-3C31AABC22BC}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{521477BF-FEF9-4D2C-8378-6D3BDC96DBEA}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{551E97F0-8D4E-42B2-96E8-B7075F282F7F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{552541B8-4A6C-48B5-B021-016B3785E68D}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{556465F2-5B9A-4BE3-9CDD-912EA269DB9C}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{56CCFC4C-7180-4500-928D-DD30C52CE044}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{585D7B3C-55DB-4EB6-8317-1C9811C47CBF}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{5E93BCFB-A512-4397-9672-EA6C5C1EF7EA}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{5F21C03A-67D5-4943-8C7C-E4888BAEE493}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{5FF22E36-379D-413B-9618-0A74BDF4BB5F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{611975C9-F730-4209-B957-6E08B0DB3ED0}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{62DB04F4-D025-4737-8D5F-7C7C6ECEF9A7}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{63EC7DB4-6F62-4F30-B041-9E01A9792A3D}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{64A4B371-9072-4C70-8AC4-00F9571C326F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{65A4CFB7-D325-457E-84F6-2804C35E8E06}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{6767CB21-99C6-40D4-9A9C-C72DAB9D36B0}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{69049D8C-0CC1-467A-8319-EF2445FFEF3A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{6C649F29-EC45-4097-B88E-D3E1CBE5E7D9}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{6E8FA059-48AC-4A0C-B34A-F100B4B9AA6B}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{6F8A3DE6-8391-4E95-8606-5CAF6FAD0F69}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{6FB91444-AC9B-4EAB-97A6-48A3BEE04F4F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{70458E7C-93F0-4D92-8587-78DF5F5CDAEC}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{706D1538-9657-4487-97E9-C53A74C41193}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{73940793-60AF-4BDD-8ED4-6B14AF40BF0D}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{73E930C8-8E19-4BF4-881E-87A953BB1A74}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{774E1B00-4322-4378-A6AE-1540A289C4C8}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{785C6771-2DED-466C-85B5-FF0C7B2F7A6A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{7885A2A7-252E-499F-8A76-8A127D3C1286}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{7B744CC9-C7F7-4F2B-927A-5A25503D2CED}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{7B94A312-8C51-422A-830F-3CD21ADE26B8}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{7CEA08BF-1473-4D4C-85F0-9888D7CF8D30}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{7E6F37FB-4898-4ABF-A937-0CF7FBDB4861}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{8012D4D9-5CAD-40AE-BBC9-11E7CD581944}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{805B63CC-8960-4D7C-9A18-0E53AA8C8451}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{81038622-6E04-4821-892C-DF35454CAFFB}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{825C8960-5327-447C-B860-37FDB71A0DDB}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{84C7F748-219F-45BA-B90A-E74125F5659F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{84EC046A-7947-4DCB-B99D-C51C2AEF259B}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{85C18BA4-84C1-4A86-8113-47C9DE16D20A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{8611FE07-3FF4-445A-B017-3DB7BF3CB5BE}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{875969B4-176B-4554-ACA6-E81412A036B2}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{877C3164-44ED-4019-A2E9-7149DA5157C4}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{87856899-74D7-4620-8E80-D02F2B6522DB}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{881F6169-DBEB-4F43-AD01-2A6FD2E8E0D0}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{891EA3B5-237D-4012-8930-0EF8AFFC3D16}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{8967738B-79FD-42B9-AC7A-B6757EFAFC85}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{8B691B2F-3E2B-4740-A4E8-6F89CA9C91D1}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{8C9291D3-8E4A-4B2A-9485-4FF5630300D0}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{8CF72E84-392D-4FBA-BE00-E77EE62ECE23}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{8D93F659-A36D-47E9-ADBA-83F75B85F27F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{912F0B07-37B8-4EEE-B9CB-D2796C285808}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{945C8CFA-8008-4C42-9B0C-11EFDF0F754C}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{94D37BB8-F437-4BB0-918F-E3D167EB428B}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{952150AD-F613-4A42-94D0-B4184E344F62}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{955E7788-1F32-48B1-8784-33511D205203}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{95694DAD-6500-4394-9148-CDD653EE6FB4}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{97A371E0-FBC4-4BA6-99A0-7E4052409BB2}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{982AD326-F9F7-41A6-A0F4-B1B599873DA2}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{9D4F3CFE-1F6C-420E-B598-7F0D3736C9B6}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{9DF6BBDB-EEC4-48F5-990D-A213B0B31782}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{9E0B54B0-B951-4CFD-86EE-EF25776AEED0}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{A0B18DC4-EFC6-44FF-936B-776367261350}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{A178D4F7-8CE9-434E-8691-2579D3FA3A73}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{A4084A43-FC21-41D0-962A-23CAD3C515D4}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{A7332317-0E77-4F18-9537-DAE52A581701}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{A7E393D8-995B-45EE-B4DD-1001A6BD4126}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{AE3B3794-C80F-4E49-8D1C-A2B6D6183AD5}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{B0BDAF38-FF48-4DAE-B98F-4C0458FF676E}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{B0D5FAEE-C962-41AD-AACE-8235DAEFB105}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{B4DFC371-C241-4067-8871-9CA61C3F54CE}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BA5575CC-9D5C-4291-9054-A565568DCF69}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BAB081B2-85C6-40C1-A56F-22CEFB8088FD}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BB7BD8C3-980A-4202-B8F6-3FA245E80FF8}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BBD3D0BF-D76E-4DAE-B91C-A006D092FF93}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BC9CC26E-0BC4-4FF3-A229-950B39AE0C26}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BE19BDF6-2F41-4BDA-9AD7-6B5087E303F8}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BE2A3A50-A13F-4DF9-910C-F21A6E6ADE03}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BE48F9FF-E25C-42F6-B58E-736BB832F1E8}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{BEDF731C-1E32-4978-9A03-967889ED6956}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{C129D033-F0BF-41DC-9126-46B69B174F65}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{C48EB743-6599-4D70-9654-70EE8A6BEA50}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{C7482553-0583-4DFE-93DD-1A47FABE9397}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{C7922271-4C1C-465A-87D6-03A599ADA165}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{C7FE8896-6143-437C-905F-75E1DEC585DD}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{C93DD769-60A2-4968-BFA8-B041F65527A9}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CA41D7A0-398E-46F9-B284-18FAC84DDF7A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CA76BE75-7F45-4FF6-B8CB-A83BCBE20715}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CAF2D4DC-B975-4C24-A7D0-E0155A0DDC3A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CB156D02-AFE5-43E9-B8AD-ADBE3F8DFAF8}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CB95E50A-B035-4D53-A6D3-31917B47C605}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CC0D2669-AFDA-4012-91E9-8814DD9D3845}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CC26CC3F-6A9B-4F14-BCE8-DF0C1B15CB75}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CC532449-762D-46E8-A845-6A963AF16392}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CC7E7942-3BCF-4D53-B246-5971C01B2D60}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{CF3597CE-66F8-4092-BB3D-198BD17F302D}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{D20FFCF1-6E74-48E1-98B3-A455236F198C}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{D3EBEAB1-E411-40CF-AECF-B6A8235A9B2A}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{D6E9B5C7-E76E-4D1D-8195-70583C30BD56}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{D73AEC33-0F91-481E-97CC-8F900897DBFA}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{D92E14C1-3C0C-45EE-91AC-7623E77889C6}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{D9D0270F-AB8C-4F16-A9BB-6E280192FA1D}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{DAEAFF31-7F21-47A9-8A05-2E4CCAF104C7}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{DD67C214-F9C2-447F-8707-70ED905B5F30}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{DDE0ACAB-F11C-4F50-A5B2-BEFEF8EC3DE4}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{E1B7CC16-4A98-489F-B269-F62DF5786712}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{E2630D2C-24FD-41DC-98DF-6B788387A46C}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{E283F873-D1C0-4EA7-ADB7-8CF5A57956C9}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{E3F80879-6841-4C99-BD4D-2D91C960F317}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{E3FFCCAF-AF09-49E5-9232-1BB186F5C4B6}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{E4E77D00-3FC2-4B46-AF52-046E7A333286}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{E795A86B-AF78-4F9F-8234-1663C336785C}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{E8FFB7B5-6FAD-43C9-B5AD-78ED962037DD}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{EB5B9FD5-AC44-4012-9C4A-3857E3B2FB7B}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{ECDC4AF9-8EBC-4840-9F34-CD70F330B8BA}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{EE531EEC-3850-473E-9B49-43DC4428723F}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{EF583E82-9484-4F9C-8115-C4DB84B1797E}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F0218788-DC2F-4D14-939F-EC304FD11C03}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F0C4E6A6-D8CA-48AF-8CC3-578D9FE6E1D5}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F487148B-47C6-41FE-81BD-80CA25C489F6}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F49E5A04-C5AC-4662-8C3C-34E913D79F7E}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F583F433-E44D-466F-92CC-47C353FEEDE1}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F632672E-9CAB-4226-8E6E-601E38D30C1E}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F6C695A5-8BFA-4A47-9A8E-63B009064D0C}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F90143E1-EBFD-49CB-AE31-92320CE1E3B3}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{F95E9E52-0F2C-4666-B0C8-7212386DCCEA}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{FAA4EFF8-B14C-491D-B74D-392545E18863}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{FB37B172-646F-4532-A4B0-A39A54318C90}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{FC25D65C-C722-496C-AA36-34D66D2FC1FC}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{FE33CFA9-24F9-47EC-8EB4-3E7108021340}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{FECD4256-B480-458D-9D0E-16D834FD09AA}
SUPPRIME Folder: C:\Users\matteo\AppData\Local\{FEE7BCBD-2772-496C-A388-E993451DC785}

========== Fichier(s) ==========
ABSENT Folder/File: c:\users\matteo\appdata\roaming\mozilla\firefox\profiles\extensions\prefs.js (.not file.)
ABSENT File: mscoree.dll
SUPPRIME File: c:\users\matteo\desktop\imprimante.lnk
SUPPRIME File: c:\users\matteo\desktop\speedanalysis.lnk
SUPPRIME File: c:\adwcleaner[s2].txt
SUPPRIME File: c:\adwcleaner[r1].txt
SUPPRIME File: c:\adwcleaner[s1].txt
SUPPRIME File: c:\windows\reimage.ini
ABSENT Folder/File: c:\programdata\software
ABSENT Folder/File: c:\users\matteo\appdata\local\software
SUPPRIME Temporaires Windows

========== Tache planifiée ==========
SUPPRIME Task: OfferBoxUpdate
SUPPRIME Task: OfferBoxUpdateTask
SUPPRIME Task: {012217D0-513A-4C19-B284-372F23E3769A}
SUPPRIME Task: {11A42DCF-7DA8-4765-B9F8-C89AB2F96348}
SUPPRIME Task: {8B186397-3D4F-4818-BB04-703AEA5705E2}
SUPPRIME Task: {925919D0-4B2B-4220-8CE2-65D8A297A107}
SUPPRIME Task: {EDC9AD62-92C3-45DA-85B9-963CB9FEF304}


========== Récapitulatif ==========
48 : Clé(s) du Registre
3 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
199 : Dossier(s)
11 : Fichier(s)
4 : Logiciel(s)
7 : Tache planifiée


End of clean in 02mn 39s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 31/05/2013 00:39:05 [24345]
0
Réponse 27 / 38
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 00:45
tu peux faire le menage je pense :

https://forums-fec.be/entraide/viewtopic.php?f=11&t=229
0
Réponse 28 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 00:53
je suis la marche à suivre du nettoyage et je te dit mais peu etre demain car il se fait tard je te remercie de ton aide

la j'installe java

bonne fin de soirée a plus
0
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 00:55
ok s'il ne te sert pas c'est pas indispensable
0
Réponse 29 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 01:03
ra# DelFix v10.2 - Rapport créé le 31/05/2013 à 01:02:12
# Mis à jour le 02/04/2013 par Xplode
# Nom d'utilisateur : matteo - FLAVIO-PC
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Suppression des outils de désinfection ...

Supprimé : C:\ZHP
Supprimé : C:\Users\matteo\RK_Quarantine
Supprimé : C:\Program Files (x86)\ZHPDiag
Supprimé : C:\AdwCleaner[S3].txt
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\Users\matteo\Desktop\AdwCleaner[S3].txt
Supprimé : C:\Users\matteo\Desktop\ZHPDiag.txt
Supprimé : C:\Users\matteo\Desktop\ZHPFixReport.txt
Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk
Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk
Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

########## - EOF - ####
0
Réponse 30 / 38
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 01:05
t'as pas tout coché sur delfix ^^
0
Réponse 31 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 01:23
je pense avoir tt fait enfin j'ai essayé de faire au mieux mais pas tjr évident maintenant y a t il une vérif a faire merci d'avance bonne nuit a plus
0
Réponse 32 / 38
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 01:27
nan c'est bon....
0
Réponse 33 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 12:57
ok je vous remerci pour votre aide tout à lair de fonctionner encore merci bonne journée
0
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 13:18
itou :)
0
Réponse 34 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 13:24
cc c'est encor moi aprés vérif je ne crois pas avoi decocher de delfix est ce important
0
Réponse 35 / 38
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 13:27
non pas tant que ca...

tant que les outils ont été virés...
0
Réponse 36 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 13:41
tu veux dire tt ce qui été mis sur le bureau pendant les manip
oui tt est partis sauf alwarebytes
0
Réponse 37 / 38
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 13:51
parfait , un scan par semaine après mise à jour ca ira très bien :)
0
Réponse 38 / 38
perle41 Messages postés 45 Date d'inscription samedi 12 juillet 2008 Statut Membre Dernière intervention 3 septembre 2017
31 mai 2013 à 14:50
ok encore merci davoir resolu mon souci :)
0
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 948
31 mai 2013 à 19:51
:p
0