Problèmes sur applications

Résolu
unmaxdemontagne -  
billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   -
Bonjour,

à l'ouverture de certaines applications telles que Youtube, Météo France etc, il apparait la page ci-jointe. comment rémédier à ce problème? le vous remercie..

21 réponses

  • 1
  • 2
  1. unmaxdemontagne
     
    Je n'arrive pas à poster la capture d'écran qui concerne le problème
    0
    1. unmaxdemontagne
       
      Rapport de ZHPDiag v2013.9.14.26 - Nicolas Coolman (14/09/2013)
      ~ Lancé par carladous.max@orange (15/09/2013 08:36:23)
      ~ Adresse du Site Web http://nicolascoolman.webs.com
      ~ Traduit par Nicolas Coolman
      ~ Etat de la version :
      ~ Liste blanche : Activée par le programme
      ~ Elévation des Privilèges : OK
      ~ User Account Control (UAC): Deactivate by program


      ---\\ Navigateurs Internet
      MSIE: Internet Explorer v9.0.8112.16421

      ---\\ Informations sur les produits Windows
      ~ Langage: Français
      Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002)
      Windows Server License Manager Script : OK
      ~ Vista, OEM_SLP channel
      System Locked Preinstallation (OEM_SLP) : OK
      Windows ID Activation : OK
      ~ Windows Partial Key : WQD8Q
      Windows License : OK
      Windows Automatic Updates : OK

      ---\\ Logiciels de protection du système
      Malwarebytes Anti-Malware version 1.75.0.1300

      ---\\ Logiciels d'optimisation du système
      CCleaner =>Piriform Ltd

      ---\\ Logiciels de partage PeerToPeer

      ---\\ Surveillance de Logiciels
      Adobe Flash Player 11 Plugin
      Adobe Reader 9.5.5 - Français

      ---\\ Informations sur le système
      ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
      ~ Operating System: 64 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 4093 MB (61% free)
      System Restore: Activé (Enable)
      System drive C: has 754 GB (82%) free of 918 GB

      ---\\ Mode de connexion au système
      ~ Computer Name: PC-DE-MAX
      ~ User Name: carladous.max@orange
      ~ All Users Names: carladous.max@orange, Administrateur,
      ~ Unselected Option: None
      Logged in as Administrator

      ---\\ Variables d'environnement
      ~ System Unit : C:\
      ~ %AppData% : C:\Users\carladous.max@orange\AppData\Roaming\
      ~ %Desktop% : C:\Users\carladous.max@orange\Desktop\
      ~ %Favorites% : C:\Users\carladous.max@orange\Favorites\
      ~ %LocalAppData% : C:\Users\carladous.max@orange\AppData\Local\
      ~ %StartMenu% : C:\Users\carladous.max@orange\AppData\Roaming\Microsoft\Windows\Start Menu\
      ~ %Windir% : C:\Windows\
      ~ %System% : C:\Windows\System32\

      ---\\ Enumération des unités disques
      C:\ Hard drive, Flash drive, Thumb drive (Free 754 Go of 918 Go)
      D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
      E:\ CD-ROM drive (Not Inserted)
      F:\ Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go)



      ---\\ Etat du Centre de Sécurité Windows
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: Modified
      ~ Security Center: 37 Legitimates Filtered in 00mn 00s



      ---\\ Recherche particulière de fichiers génériques
      [MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 08:10:17.) -- C:\Windows\Explorer.exe [3079168]
      [MD5.117EA87DF785CA1B9D821F6F213DCE07] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:50:23.) -- C:\Windows\System32\Wininit.exe [123904]
      [MD5.75F110F4005DAE430AECA787FDEA9CBB] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.31/07/2013 - 14:19:03.) -- C:\Windows\System32\wininet.dll [1392128]
      [MD5.6D0773A3A65D28B663F334C90441D01A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 08:11:08.) -- C:\Windows\System32\Winlogon.exe [405504]
      [MD5.C4F6CE6087760AD70960C9EB130E7943] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.03/01/2012 - 15:25:21.) -- C:\Windows\system32\Drivers\AFD.sys [404992]
      [MD5.E68D9B3A3905619732F7FE039466A623] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 08:15:00.) -- C:\Windows\system32\Drivers\atapi.sys [20952]
      [MD5.B4D787DB8D30793A4D4DF9FEED18F136] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:50:39.) -- C:\Windows\system32\Drivers\Cdfs.sys [90624]
      [MD5.C025AA69BE3D0D25C7A2E746EF6F94FC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 06:34:39.) -- C:\Windows\system32\Drivers\Cdrom.sys [79872]
      [MD5.8B722BA35205C71E7951CDC4CDBADE19] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 16:14:19.) -- C:\Windows\system32\Drivers\DfsC.sys [97792]
      [MD5.F942C5820205F2FB453243EDFEC82A3D] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 06:39:41.) -- C:\Windows\system32\Drivers\HDAudBus.sys [948736]
      [MD5.CBB597659A2713CE0C9CC20C88C7591F] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:46:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [64000]
      [MD5.B7E6212F581EA5F6AB0C3A6CEEEB89BE] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:48:45.) -- C:\Windows\system32\Drivers\IpNat.sys [115712]
      [MD5.1485811B320FF8C7EDAD1CAEBB1C6C2B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:39:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [135680]
      [MD5.FC2C792EBDDC8E28DF939D6A92C83D61] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 06:42:33.) -- C:\Windows\system32\Drivers\netBT.sys [248320]
      [MD5.2ACCAA3C3C55370A32F17B3595E1A217] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:13:14.) -- C:\Windows\system32\Drivers\ntfs.sys [1513320]
      [MD5.AECD57F94C887F58919F307C35498EA0] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 10:37:57.) -- C:\Windows\system32\Drivers\Parport.sys [96768]
      [MD5.AC7BC4D42A7E558718DFDEC599BBFC2C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/04/2009 - 06:43:38.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
      [MD5.C045D1FB111C28DF0D1BE8D4BDA22C06] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:46:51.) -- C:\Windows\system32\Drivers\rdpdr.sys [314368]
      [MD5.290B6F6A0EC4FCDFC90F5CB6D7020473] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 06:42:19.) -- C:\Windows\system32\Drivers\smb.sys [88064]
      [MD5.458919C8C42E398DC4802178D5FFEE27] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 06:43:00.) -- C:\Windows\system32\Drivers\tdx.sys [94720]
      [MD5.582F710097B46140F5A89A19A6573D4B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:50:57.) -- C:\Windows\system32\Drivers\volsnap.sys [267648]
      ~ Generic Processes: Scanned in 00mn 00s



      ---\\ Etat des fichiers cachés (Caché/Total)
      ~ Mes images (My Pictures) : 2/5612
      ~ Mes musiques (My Musics) : 7/29
      ~ Mes Videos (My Videos) : 1/2
      ~ Mes Favoris (My Favorites) : 1/50
      ~ Mes Documents (My Documents) : 2/2550
      ~ Mon Bureau (My Desktop) : 1/22
      ~ Menu demarrer (Programs) : 1/80
      ~ Hidden Files: Scanned in 00mn 00s



      ---\\ Processus lancés
      [MD5.D5543E09953C8A8B12801A3A7AFEE155] - (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720] [PID.2072]
      [MD5.CC37819A9C45FDF9E0577D71D8044319] - (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720] [PID.2084]
      [MD5.A1993250DD28B823D0B2477CFE9B331F] - (.Apple Inc. - BookmarkDAV_client.exe.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720] [PID.2092]
      [MD5.6FD13B36C8E7CBD5E09F95220484E71D] - (.Panasonic Corporation - AutoStartService.) -- C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [174064] [PID.2108]
      [MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\program\soffice.exe [10376704] [PID.2164]
      [MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.2184]
      [MD5.A9F9D081518AC03A51C1195986076F42] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2308]
      [MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\program\soffice.bin [10368512] [PID.2692]
      [MD5.61E4289E91E88C90478D7F4BEB10DCF7] - (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720] [PID.3520]
      [MD5.D645B082E49F8655F14C61DB4EEBBA1D] - (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [367016] [PID.4916]
      [MD5.59A409BAB55E72D33409A8A99F50DB17] - (.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe [264616] [PID.4800]
      [MD5.D0D60548015BA79AD371BA4A562E79CB] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.exe [815496] [PID.5156]
      [MD5.D15FE044EF9776466FBA00D7FBD7B7B6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7953408] [PID.4356]
      [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120] [PID.5372]
      [MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.2404]
      [MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.2420]
      ~ Processes Running: Scanned in 00mn 00s



      ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
      C:\Users\carladous.max@orange\AppData\Local\Google\Chrome\User Data\Default\Preferences
      G1 - GCS: Preference [User Data\Default] http://www.softonic.fr =>Toolbar.Conduit
      G0 - GCSP: Preference [User Data\Default][HomePage] http://www.aol.fr
      G0 - GCSP: Preference [User Data\Default] http://www.aol.fr
      G2 - GCE: Preference [User Data\Default] [pbjcbkbcncfkoljakenekllbfdonhjef] LyricsSay-1 v.1.24.15, (Activé) =>Adware.AddLyrics
      ~ Google Browser: 27 Legitimates Filtered in 00mn 18s



      ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
      C:\Users\carladous.max@orange\AppData\Roaming\Mozilla\Firefox\Profiles\hxt27szr.default\prefs.js
      C:\Users\carladous.max@orange\AppData\Roaming\Mozilla\Firefox\Profiles\sq8szelx.default\prefs.js
      M2 - MFEP: prefs.js [carladous.max@orange - hxt27szr.default\***@***] [] LyricsSay-1 v (..) =>Adware.AddLyrics
      ~ Firefox Browser: 22 Legitimates Filtered in 00mn 00s



      ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
      R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
      ~ IE Browser: 16 Legitimates Filtered in 00mn 00s



      ---\\ Internet Explorer, Proxy Management (R5)
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 116.50.60.6:3128
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
      ~ Proxy management: Scanned in 00mn 00s



      ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
      F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe
      F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
      F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
      ~ Keys: Scanned in 00mn 00s



      ---\\ Hosts file redirection (O1)
      ~ Le fichier hosts est sain (The hosts file is clean).
      ~ Hosts File: Scanned in 00mn 00s
      ~ Nombre de lignes (Lines number): 20



      ---\\ Internet Explorer Toolbars (O3)
      O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
      O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{DE9C389F-3316-41A7-809B-AA305ED9D922} Clé orpheline
      O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
      O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
      O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
      ~ Toolbar: Scanned in 00mn 00s



      ---\\ Autres liens utilisateurs (O4)
      O4 - GS\Desktop [Public]: IncrediMail.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
      O4 - GS\Desktop [Public]: PHOTOfunSTUDIO 6.0.lnk . (.Panasonic Corporation - PHOTOfunSTUDIO.) -- C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 6.0\PHOTOfunSTUDIO.exe
      O4 - GS\Program [Public]: IncrediMail.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: CompeGPS LAND (2).lnk . (...) -- C:\Program Files\CompeGPS\CompeGPSLAND.exe (.not file.)
      O4 - GS\QuickLaunch [carladous.max@orange]: CompeGPS LAND (3).lnk . (...) -- C:\Program Files\CompeGPS\CompeGPSLAND.exe (.not file.)
      O4 - GS\QuickLaunch [carladous.max@orange]: CompeGPS LAND (4).lnk . (...) -- C:\Program Files\CompeGPS\CompeGPSLAND.exe (.not file.)
      O4 - GS\QuickLaunch [carladous.max@orange]: CompeGPS LAND.lnk . (...) -- C:\Program Files\CompeGPS\CompeGPSLAND.exe (.not file.)
      O4 - GS\QuickLaunch [carladous.max@orange]: GIMP 2.lnk . (...) -- C:\Program Files\GIMP 2\bin\gimp-2.8.exe (.not file.)
      O4 - GS\QuickLaunch [carladous.max@orange]: GOM Player.lnk . (...) -- C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: GOM Video Converter.lnk . (.Gretech Corporation - Launcher.) -- C:\Program Files (x86)\GRETECH\GOMVideoConverter\GomVC.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: IncrediMail 2.0.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: incredimail_install - Raccourci.lnk . (...) -- C:\Users\carladous.max@orange\Downloads\incredimail_install.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: iTunes64Setup - Raccourci.lnk . (...) -- C:\Users\carladous.max@orange\Documents\Downloads\iTunes64Setup.exe (.not file.)
      O4 - GS\QuickLaunch [carladous.max@orange]: IZArc.lnk . (.IZSoftware - IZArc Archiver.) -- C:\Program Files (x86)\IZArc\IZArc.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: Outil de mise à jour Google (2).lnk . (.Google - Google Updater.) -- C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: Outil de mise à jour Google.lnk . (.Google - Google Updater.) -- C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: SOS Photos perdues.lnk . (.GetData Pty Ltd - SOS Photos perdues.) -- C:\Program Files (x86)\Micro Application\SOS Photos perdues\RecoverMyPhotos.exe
      O4 - GS\QuickLaunch [carladous.max@orange]: SpeedUpMyPC.lnk . (...) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe (.not file.) =>Rogue SpeedUpMyPC
      O4 - GS\Desktop [carladous.max@orange]: AD-R.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe
      O4 - GS\Desktop [carladous.max@orange]: Assistance Livebox.lnk . (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe
      O4 - GS\Desktop [carladous.max@orange]: CompeGPS LAND.lnk . (.CompeGPS TEAM, S.L. - CompeGPSLAND Application.) -- C:\Program Files (x86)\CompeGPS\CompeGPSLAND.exe
      O4 - GS\Desktop [carladous.max@orange]: Kizo-Player.lnk . (...) -- C:\Program Files (x86)\Kizoa\kizoastarter.exe
      O4 - GS\Desktop [carladous.max@orange]: Maxthon Cloud Browser.lnk . (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
      ~ Global Startup: 97 Legitimates Filtered in 00mn 00s



      ---\\ Applications lancées au démarrage du sytème (O4)
      O4 - GS\Startup [Public]: PHOTOfunSTUDIO 6.0.lnk . (.Panasonic Corporation - AutoStartService.) -- C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
      O4 - GS\Startup [carladous.max@orange]: OpenOffice.org 3.4.1.lnk . (...) -- C:\Program Files (x86)\program\quickstart.exe
      O4 - HKLM\..\Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe (.not file.)
      O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
      O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
      O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
      O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
      O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
      O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
      O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] . (.Apple Inc. - BookmarkDAV_client.exe.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe (.not file.)
      O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
      O4 - HKLM\..\Wow6432Node\Run: [Best-Softs] Clé orpheline
      O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
      O4 - HKLM\..\Wow6432Node\Run: [Nikon Message Center 2] . (.Nikon Corporation - Nikon Message Center 2.) -- C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
      O4 - HKLM\..\Wow6432Node\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
      O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
      O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
      O4 - HKLM\..\Wow6432Node\Run: [CompeGPSDev] Clé orpheline
      O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
      O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
      O4 - HKUS\S-1-5-21-791831690-1571322809-2409202431-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
      O4 - HKUS\S-1-5-21-791831690-1571322809-2409202431-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKUS\S-1-5-21-791831690-1571322809-2409202431-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
      O4 - HKUS\S-1-5-21-791831690-1571322809-2409202431-1000\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
      O4 - HKUS\S-1-5-21-791831690-1571322809-2409202431-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
      O4 - HKUS\S-1-5-21-791831690-1571322809-2409202431-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
      O4 - HKUS\S-1-5-21-791831690-1571322809-2409202431-1000\..\Run: [com.apple.dav.bookmarks.daemon] . (.Apple Inc. - BookmarkDAV_client.exe.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
      O4 - HKUS\S-1-5-21-791831690-1571322809-2409202431-1000\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe (.not file.)
      ~ Application: Scanned in 00mn 00s



      ---\\ Modification Domaine/Adresses DNS (O17)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{D2DE97D4-4318-4858-8003-62BD44881886}: DhcpNameServer = 192.168.1.1 192.168.1.1
      O17 - HKLM\System\CS1\Services\Tcpip\..\{D2DE97D4-4318-4858-8003-62BD44881886}: DhcpNameServer = 192.168.1.1 192.168.1.1
      O17 - HKLM\System\CS2\Services\Tcpip\..\{D2DE97D4-4318-4858-8003-62BD44881886}: DhcpNameServer = 192.168.1.1 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
      ~ Domain: Scanned in 00mn 00s



      ---\\ Protocole additionnel (O18)
      O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
      O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
      ~ Protocole Additionnel: Scanned in 00mn 00s



      ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
      O22 - SharedTaskScheduler: Component Categories cache daemon [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
      ~ STS/SSO: Scanned in 00mn 00s



      ---\\ Liste des services NT non Microsoft et non désactivés (O23)
      O23 - Service: Update BrowseFox (Update BrowseFox) . (...) - C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe (.not file.) =>Adware.BrowseFox
      O23 - Service: (vToolbarUpdater15.5.0) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch
      ~ Services: 8 Legitimates Filtered in 00mn 03s



      ---\\ Enumération Active Desktop & MHTML Editor (O24)
      O24 - Desktop General: BackupWallPaper - .(...) - C:\Users\carladous.max@orange\Pictures\1239940_464792853621557_288929909_n.jpg
      O24 - Desktop General: WallPaper - .(...) - C:\Users\carladous.max@orange\Pictures\1239940_464792853621557_288929909_n.jpg
      ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



      ---\\ Enumère les données de BootExecute (BEX) (O34)
      O34 - HKLM BootExecute: (lsdelete) - File not found
      ~ BEX: 2 Legitimates Filtered in 00mn 00s



      ---\\ Tâches planifiées en automatique (O39)
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350]
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350]
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsSay-1-chromeinstaller.job [1932] =>Adware.AddLyrics
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsSay-1-codedownloader.job [1224] =>Adware.AddLyrics
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsSay-1-enabler.job [1124] =>Adware.AddLyrics
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsSay-1-firefoxinstaller.job [1856] =>Adware.AddLyrics
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\LyricsSay-1-updater.job [1320] =>Adware.AddLyrics
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Registry ***@*** [412]
      [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{30B0F3C4-270A-4B67-9652-073EB8C54189}.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{0E20BBD1-8E30-4EE3-AB0D-F3CC077B9AA5}.exe (.not file.) [0]
      [MD5.D794902B7FA2EF438AB0A700361F0D1A] [APT] [LyricsSay-1-chromeinstaller] (.Lyrics.) -- C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-chromeinstaller.exe [484864] =>Adware.AddLyrics
      [MD5.481A4D54F8EBD1703C2D5A014A7C7973] [APT] [LyricsSay-1-codedownloader] (.Lyrics.) -- C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-codedownloader.exe [487424] =>Adware.AddLyrics
      [MD5.7936A4812E09EFC385DD2A2B73230685] [APT] [LyricsSay-1-enabler] (.Lyrics.) -- C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-enabler.exe [343552] =>Adware.AddLyrics
      [MD5.4BF0E1879D0544D182722AAB76D441E9] [APT] [LyricsSay-1-firefoxinstaller] (.Lyrics.) -- C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-firefoxinstaller.exe [722944] =>Adware.AddLyrics
      [MD5.658E14CF34A75C4523D86DF124DC64B5] [APT] [LyricsSay-1-updater] (.Lyrics.) -- C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-updater.exe [363520] =>Adware.AddLyrics
      [MD5.00000000000000000000000000000000] [APT] [{32EED65C-4C17-4F8E-B778-CEE74A029B5E}] (...) -- C:\Program Files (x86)\INCRED~2\UNWISE.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{697F19FA-5284-4E2A-80AD-6A08D7E07FE2}] (...) -- C:\Windows\Kiriasse\Uninstal.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{6C1A72E7-DB6B-4C47-8BA2-26C420F70A5A}] (...) -- C:\Users\carladous.max@orange\gps\Setup_TwoNavPocket_2.1.2.exe (.not file.) [0]
      ~ Scheduled Task: 88 Legitimates Filtered in 00mn 01s



      ---\\ Logiciels installés (O42)
      O42 - Logiciel: GPS TrackMaker - (.Geo Studio Technology Ltd.) [HKLM][64Bits] -- {4AA1480E-2789-47F2-8963-C5AAB60C563E}
      O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM][64Bits] -- {2CF22C94-1369-4C04-9A5F-A4BC6D91B508}
      O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM][64Bits] -- IncrediMail
      O42 - Logiciel: LyricsSay-1 - (.Lyrics.) [HKLM][64Bits] -- LyricsSay-1 =>Adware.AddLyrics
      O42 - Logiciel: MPEG2 Codec(libmpeg2/mad) - (...) [HKLM][64Bits] -- MPEG2 Codec(libmpeg2/mad)
      O42 - Logiciel: Super LoiLoScope WebShortcut - (.LoiLo.) [HKLM][64Bits] -- {AC589470-884E-4E15-96D8-437780F8185D}
      O42 - Logiciel: UpdateBest-Softs 1.3 - (.Best-Softs.) [HKLM][64Bits] -- UpdateBest-Softs_is1
      ~ Logic: 151 Legitimates Filtered in 00mn 00s



      ---\\ HKCU & HKLM Software Keys
      [HKCU\Software\Best-Softs]
      [HKCU\Software\Error Handlers]
      [HKCU\Software\Filters]
      [HKCU\Software\IncrediMail]
      [HKCU\Software\InstalledThirdPartyPrograms]
      [HKCU\Software\KeepVid]
      [HKCU\Software\yahooinstall] =>Toolbar.Yahoo
      [HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
      [HKLM\Software\InstalledThirdPartyPrograms]
      [HKLM\Software\Wow6432Node\Best-Softs]
      [HKLM\Software\Wow6432Node\WiseConvert_1.5] =>Toolbar.Conduit
      ~ Key Software: 281 Legitimates Filtered in 00mn 00s



      ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
      O43 - CFD: 13/09/2013 - 11:23:15 - [0] ----D C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster
      O43 - CFD: 15/02/2013 - 19:34:24 - [25,082] ----D C:\Program Files (x86)\IncrediMail
      O43 - CFD: 13/09/2013 - 11:16:47 - [8,349] ----D C:\Program Files (x86)\LyricsSay-1 =>Adware.AddLyrics
      O43 - CFD: 09/09/2010 - 15:51:05 - [0,139] ----D C:\Program Files (x86)\MSNFix
      O43 - CFD: 27/04/2010 - 10:36:14 - [7,741] ----D C:\Program Files (x86)\TrackMaker
      O43 - CFD: 14/12/2012 - 11:43:23 - [0] ----D C:\Program Files (x86)\WiseConvert_1.5 =>Toolbar.Conduit
      O43 - CFD: 09/12/2010 - 14:56:16 - [0,000] ----D C:\ProgramData\IM
      O43 - CFD: 09/12/2010 - 14:52:19 - [6,530] ----D C:\ProgramData\IncrediMail
      O43 - CFD: 05/05/2010 - 06:07:12 - [2,039] ----D C:\Users\carladous.max@orange\AppData\Roaming\Best-Softs
      O43 - CFD: 12/05/2010 - 15:37:31 - [0] ----D C:\Users\carladous.max@orange\AppData\Local\ICS
      O43 - CFD: 14/12/2010 - 17:14:25 - [399,453] ----D C:\Users\carladous.max@orange\AppData\Local\IM
      O43 - CFD: 09/12/2010 - 15:55:37 - [0,001] ----D C:\Users\carladous.max@orange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\christmas_wallpaper1
      O43 - CFD: 16/01/2012 - 09:04:33 - [0] ----D C:\Users\carladous.max@orange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GOM Video Converter
      O43 - CFD: 27/04/2010 - 10:36:17 - [0,003] ----D C:\Users\carladous.max@orange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GPS TrackMaker
      ~ Program Folder: 257 Legitimates Filtered in 00mn 02s



      ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
      O44 - LFC:[MD5.ECFB4023046201000BFBA37D9364C82E] - 15/09/2013 - 06:56:06 ---A- . (...) -- C:\Ad-Report-CLEAN[23].txt [4183]
      ~ Files: 63 Legitimates Filtered in 00mn 01s



      ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
      O45 - LFCP:[MD5.46B8262494DFB7201CE7CDCD92DFAB32] - 15/09/2013 - 04:15:10 ---A- - C:\Windows\Prefetch\LYRICSSAY-1-FIREFOXINSTALLER.-76099BCC.pf =>Adware.AddLyrics
      O45 - LFCP:[MD5.5B4D5F03D5AB1FD08D9EC7F812CCCCFE] - 15/09/2013 - 04:16:00 ---A- - C:\Windows\Prefetch\LYRICSSAY-1-CODEDOWNLOADER.EX-27881B71.pf =>Adware.AddLyrics
      O45 - LFCP:[MD5.0F0360CCF3390364E2C581BFC57018DF] - 15/09/2013 - 04:16:00 ---A- - C:\Windows\Prefetch\LYRICSSAY-1-ENABLER.EXE-D5FEC2FC.pf =>Adware.AddLyrics
      O45 - LFCP:[MD5.5C3B8BFFCEBBA716AC9D685D634449AA] - 15/09/2013 - 07:01:41 ---A- - C:\Windows\Prefetch\INCMAIL.EXE-DC2B876B.pf
      O45 - LFCP:[MD5.16C3CB74C09F307837D326CF5D59119B] - 15/09/2013 - 07:01:46 ---A- - C:\Windows\Prefetch\IMAPP.EXE-7F79DBD5.pf
      O45 - LFCP:[MD5.556B7A100447DF3E9E167E580FD8FAD7] - 15/09/2013 - 07:01:49 ---A- - C:\Windows\Prefetch\IMLPP.EXE-0A75031C.pf
      O45 - LFCP:[MD5.52707D4B78642C039E57A739E6B5C63C] - 15/09/2013 - 07:16:11 ---A- - C:\Windows\Prefetch\WINDOWSPHOTOGALLERY.EXE-11A60553.pf
      O45 - LFCP:[MD5.2B45ADB62C2DFE12364DB484D084EB78] - 15/09/2013 - 07:21:32 ---A- - C:\Windows\Prefetch\IMNOTFY.EXE-36EF4378.pf
      O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/11/2659 - 07:51:09 - C:\Windows\Prefetch\ReadyBoot
      ~ Prefetcher: 116 Legitimates Filtered in 00mn 00s



      ---\\ Export de clé d'application autorisée (O47)
      O47 - AAKE:Key Export SP - "C:\PROGRA~2\Kizoa\kizoastarter.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files (x86)\Kizoa\kizoastarter.exe
      O47 - AAKE:Key Export SP - "C:\PROGRA~2\Kizoa\kizoplayer.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files (x86)\Kizoa\kizoplayer.exe
      O47 - AAKE:Key Export SP - "C:\PROGRA~2\Kizoa\tools\ffmpeg.exe" [Enabled] .(...) -- C:\Program Files (x86)\Kizoa\tools\ffmpeg.exe (.not file.)
      ~ Keys Export: 4 Legitimates Filtered in 00mn 00s



      ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
      O51 - MPSK:{4b9cabbe-9f98-11df-b65b-002421ad7963}\AutoRun\command. (...) -- G:\pccompanion\Startme.exe (.not file.)
      ~ Keys: Scanned in 00mn 00s



      ---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
      O53 - SMSR:HKLM\...\startupreg\PowerArchiver Tray [Key] . (.ConeXware, Inc. - PowerArchiver Starter.) -- C:\Program Files (x86)\PowerArchiver\PASTARTER.exe
      ~ SMSR Keys: 14 Legitimates Filtered in 00mn 00s



      ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
      O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=1
      O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=1
      O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=1
      ~ MWPS: 19 Legitimates Filtered in 00mn 00s



      ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
      O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=1
      O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=1
      ~ MWPE Keys: 8 Legitimates Filtered in 00mn 00s



      ---\\ Liste des pilotes du système (SDL) (O58)
      O58 - SDL:[MD5.40014A6251A68D1EC48001B1653CCEE0] - 21/01/2008 - 03:47:30 . (...) -- C:\Windows\System32\Drivers\bdasup.sys [15616]
      ~ Drivers: 19 Legitimates Filtered in 00mn 00s



      ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
      O61 - LFC: 12/09/2013 - 12:43:07 ---A- . (...) -- C:\Users\carladous.max@orange\Downloads\pci_filerecovery.exe [3462033]
      O61 - LFC: 12/09/2013 - 12:44:12 ---A- . (.Rene.e Laboratory.) -- C:\Users\carladous.max@orange\Downloads\ReneeUndeleter_2013.exe [6819392]
      O61 - LFC: 12/09/2013 - 13:29:59 ---A- . (.Asoftech Photo Recovery.) -- C:\Users\carladous.max@orange\Downloads\apr.exe [4311560]
      O61 - LFC: 13/09/2013 - 10:11:46 ---A- . (. Firseria.) -- C:\Users\carladous.max@orange\Downloads\Microsoft%20SkyDrive.exe [233272]
      O61 - LFC: 13/09/2013 - 15:18:31 ---A- . (...) -- C:\Users\carladous.max@orange\Downloads\hommage à camille.mp4.b2942rc.partial [14525513]
      O61 - LFC: 13/09/2013 - 15:37:12 ---A- . (...) -- C:\Users\carladous.max@orange\Downloads\hommage à camille (1).mp4 [237271318]
      O61 - LFC: 15/09/2013 - 06:43:39 ---A- . (...) -- C:\Users\carladous.max@orange\AppData\Local\Google\Chrome\User Data\Local State [41981]
      O61 - LFC: 15/09/2013 - 06:43:40 ---A- . (...) -- C:\Users\carladous.max@orange\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
      O61 - LFC: 15/09/2013 - 07:01:39 ---A- . (...) -- C:\Users\carladous.max@orange\AppData\Local\IM\content.xml [45885]
      ~ 1055 Fichiers temporaires (Temporary files)
      ~ Files: 1083 Legitimates Filtered in 00mn 09s



      ---\\ Liste des outils de désinfection (LATC) (O63)
      O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover
      O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
      O63 - Logiciel: RSIT - (.random/random.)
      ~ ADS: Scanned in 00mn 00s



      ---\\ Associations Shell Spawning (O67)
      O67 - Shell Spawning: <.html> <OperaStable>[HKLM\..\open\Command] (.Not Key.)
      O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] (.Not Key.)
      O67 - Shell Spawning: <.html> <OperaStable>[HKCU\..\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe
      O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
      O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
      O67 - Shell Spawning: <.html> <OperaStable>[HKCR\..\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe
      ~ FASS Keys: 22 Legitimates Filtered in 00mn 00s



      ---\\ Menu de démarrage Internet (SMI) (O68)
      O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
      ~ Keys: Scanned in 00mn 00s



      ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
      O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
      O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
      ~ Keys: Scanned in 00mn 00s



      ---\\ Recherche particulière à la racine du système (SPRF) (O84)
      [MD5.C441C310511CDFD000562EDE6EE7AAEA] [SPRF][15/09/2013] (...) -- C:\ProgramData\nvModes.dat [268542]
      [MD5.55FA5CED6B47A3AD7596F9EEB3DFC198] [SPRF][09/09/2010] (...) -- C:\Users\carladous.max@orange\AppData\Local\d3d9caps64.dat [732]
      [MD5.E152C2E083BB18DF3770DE4040E3F391] [SPRF][09/09/2010] (...) -- C:\Users\carladous.max@orange\AppData\Roaming\SetValue.bat [35]
      ~ Files: 4 Legitimates Filtered in 00mn 00s



      ---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
      O87 - FAEL: "TCP Query User{B4D15047-4C13-4B54-8AE4-55BC158A1ACE}C:\windows\lmiba52.tmp\lmi_rescue.exe" |In - Private - P6 - TRUE | .(...) -- C:\windows\lmiba52.tmp\lmi_rescue.exe (.not file.)
      O87 - FAEL: "UDP Query User{291C1AB5-BC85-4B2C-91DD-06610CF4BC3F}C:\windows\lmiba52.tmp\lmi_rescue.exe" |In - Private - P17 - TRUE | .(...) -- C:\windows\lmiba52.tmp\lmi_rescue.exe (.not file.)
      O87 - FAEL: "{D847D9F1-8F11-4A5B-B042-69E04FBBD205}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
      O87 - FAEL: "{147EABFA-C645-45C4-BC4A-0648112AD30C}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
      O87 - FAEL: "{FF73DE77-98F7-429A-B80E-F6FE43A9EF4B}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
      O87 - FAEL: "{2EEF46F9-720F-494C-90BC-5E5C5B1496F8}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
      O87 - FAEL: "{00E34BA1-051E-4F9C-B63E-EE3EA37F82D2}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      O87 - FAEL: "{6641E62A-79C8-4385-97B5-37724464DD0E}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      O87 - FAEL: "{49EDC58A-975D-4C36-B624-EA6B053624A8}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      O87 - FAEL: "{102556C8-489B-44DD-98A9-4A4300ECCC16}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      O87 - FAEL: "{41FB8225-EC8A-4044-B26E-1211743716F6}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      O87 - FAEL: "{72BE3CF5-DD63-4944-8F7E-2274AD2C3B6F}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      O87 - FAEL: "{02749E85-FCFD-4AF8-92E9-3CD95CCEADA5}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      O87 - FAEL: "{983B4281-FBF7-4F25-9CBF-0F442EC03BEF}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      O87 - FAEL: "{99F8CAC7-C69C-43E5-893B-D8F84911CBD3}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
      ~ Firewall: 225 Legitimates Filtered in 00mn 00s



      ---\\ Enumère les codes produits des logiciels (PUC) (O90)
      O90 - PUC: "074985CAE48851E4698D3477088F81D5" . (.Super LoiLoScope WebShortcut.) -- C:\Windows\Installer\{AC589470-884E-4E15-96D8-437780F8185D}\_6FEFF9B68218417F98F549.exe
      O90 - PUC: "49C22FC2963140C4A9F54ACBD6195B80" . (.IncrediMail.) -- C:\Windows\Installer\{2CF22C94-1369-4C04-9A5F-A4BC6D91B508}\ARPPRODUCTICON.exe
      ~ Update Products: 72 Legitimates Filtered in 00mn 00s



      ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
      [MD5.4729F44A902F98DB253697C0B7B1ED73] [WIS][17/02/2011] (.LG PC Suite - Blank Project Template.) -- C:\Windows\Installer\1f334f3.msi [196096]
      [MD5.E3E9AA702E91264BAC37F279622C27E7] [WIS][15/02/2013] (.IncrediMail - IncrediMail.) -- C:\Windows\Installer\2bc8e86.msi [2683904]
      [MD5.98A21E7CDE9A4F90E8FE11D741248518] [WIS][24/07/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\44b18.msi [24064] =>Toolbar.Google
      [MD5.E0452A80CA2048D448BA7816CC845BBA] [WIS][07/12/2009] (.eSupportQFolder - eSupportQFolder.) -- C:\Windows\Installer\73b51.msi [121344]
      [MD5.1309CC665B5DF2556F24644316592FD3] [WIS][23/06/2010] (.ConeXware, Inc. - PowerArchiver 2010 French.) -- C:\Windows\Installer\bab5dd.msi [389120]
      ~ WIS: 75 Legitimates Filtered in 00mn 00s



      ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
      SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
      SS - | Demand 13/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
      SR - | Auto 21/01/2008 27648 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
      SS - | Disabled 09/12/2008 242424 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
      SS - | Auto 26/05/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      SS - | Demand 26/05/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      SS - | Auto 24/07/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
      SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
      SS - | Demand 21/01/2008 27648 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
      SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      SR - | Demand 31/05/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
      SS - | Disabled 17/03/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
      SS - | Demand 17/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      SR - | Auto 21/01/2008 27648 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
      SR - | Auto 01/05/2009 381984 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
      SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
      SS - | Demand 02/02/2009 23536 | (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) . (.PC-Doctor, Inc..) - c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
      SR - | Auto 21/01/2008 27648 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
      SS - | Disabled 29/01/2008 394704 | (Symantec RemoteAssist) . (.Symantec, Inc..) - C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe
      SS - | Auto 10/07/1658 0 | (Update BrowseFox) . (...) - C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe =>Adware.BrowseFox
      SS - | Auto 10/07/1658 0 | (vToolbarUpdater15.5.0) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
      SR - | Auto 21/01/2008 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
      SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
      SR - | Auto 21/01/2008 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
      ~ Services: Scanned in 00mn 01s



      ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
      Run by carladous.max@orange at 15/09/2013 08:37:41
      ~ OS 64 not supported by MBR tool
      ~ MBR: 0 Legitimates Filtered in 00mn 00s



      ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
      Written by ad13, http://ad13.geekstog
      Run by carladous.max@orange at 15/09/2013 08:37:43

      ********* Dump file Name *********
      C:\PhysicalDisk0_MBR.bin
      ~ MBR: Scanned in 00mn 02s



      ---\\ Scan Additionnel (O88)
      Database Version : 12917 - (14/09/2013)
      Clés trouvées (Keys found) : 18
      Valeurs trouvées (Values found) : 1
      Dossiers trouvés (Folders found) : 4
      Fichiers trouvés (Files found) : 19

      [HKLM\Software\Google\Chrome\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef] =>Adware.AddLyrics^
      [HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseFox] =>Adware.BrowseFox^
      [HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater15.5.0] =>Toolbar.AVGSearch^
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LyricsSay-1] =>Adware.AddLyrics^
      [HKLM\Software\Wow6432Node\WiseConvert_1.5] =>Toolbar.Conduit
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma
      [HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>Toolbar.Babylon
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AEF748E79236FE469A405B26E2B5A04] =>Adware.IMBooster
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D92398073AB35641B056738A78E8772] =>Adware.IMBooster
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\824013852C6ECBB4BAC41F54837AA901] =>Adware.IMBooster
      [HKLM\Software\Classes\IncrediSpooler.DeltaSync] =>Toolbar.DeltaSearch
      [HKLM\Software\Classes\IncrediSpooler.DeltaSync.1] =>Toolbar.DeltaSearch
      [HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422152252}] =>PUP.CrossRider
      [HKLM\Software\Wow6432Node\Classes\IncrediSpooler.DeltaSync] =>Toolbar.DeltaSearch
      [HKLM\Software\Wow6432Node\Classes\IncrediSpooler.DeltaSync.1] =>Toolbar.DeltaSearch
      [HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322712280}] =>PUP.CrossRider
      [HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422152252}] =>PUP.CrossRider
      [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
      C:\Users\carladous.max@orange\AppData\Roaming\Mozilla\Firefox\Profiles\hxt27szr.default\***@*** =>Adware.AddLyrics^
      C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster^
      C:\Program Files (x86)\LyricsSay-1 =>Adware.AddLyrics^
      C:\Program Files (x86)\WiseConvert_1.5 =>Toolbar.Conduit^
      C:\Users\carladous.max@orange\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef =>Adware.AddLyrics^
      C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google^
      C:\Windows\Tasks\LyricsSay-1-chromeinstaller.job =>Adware.AddLyrics^
      C:\Windows\Tasks\LyricsSay-1-codedownloader.job =>Adware.AddLyrics^
      C:\Windows\Tasks\LyricsSay-1-enabler.job =>Adware.AddLyrics^
      C:\Windows\Tasks\LyricsSay-1-firefoxinstaller.job =>Adware.AddLyrics^
      C:\Windows\Tasks\LyricsSay-1-updater.job =>Adware.AddLyrics^
      C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-chromeinstaller.exe =>Adware.AddLyrics^
      C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-codedownloader.exe =>Adware.AddLyrics^
      C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-enabler.exe =>Adware.AddLyrics^
      C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-firefoxinstaller.exe =>Adware.AddLyrics^
      C:\Program Files (x86)\LyricsSay-1\LyricsSay-1-updater.exe =>Adware.AddLyrics^
      [HKCU\Software\yahooinstall] =>Toolbar.Yahoo^
      C:\Windows\Prefetch\LYRICSSAY-1-FIREFOXINSTALLER.-76099BCC.pf =>Adware.AddLyrics^
      C:\Windows\Prefetch\LYRICSSAY-1-CODEDOWNLOADER.EX-27881B71.pf =>Adware.AddLyrics^
      C:\Windows\Prefetch\LYRICSSAY-1-ENABLER.EXE-D5FEC2FC.pf =>Adware.AddLyrics^
      C:\Windows\Installer\44b18.msi =>Toolbar.Google^
      C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe =>Adware.BrowseFox^
      C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe =>Toolbar.AVGSearch^
      ~ Additionnel Scan: 331679 Items scanned in 00mn 24s



      ---\\ Récapitulatif des détections trouvées sur votre station
      ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
      ~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
      ~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
      ~ http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox =>Adware.BrowseFox
      ~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
      ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
      ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>Toolbar.Tarma
      ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
      ~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
      ~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
      ~ MSI: 10 link(s) detected in 00mn 24s



      ~ 2582 Legitimates filtered by white list
      End of the scan (648 lines in 01mn 44s)(0)
      0
  2. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    salut

    pour en savoir plus sur ton problème, fais ceci s'il te plaît

    télécharge zhpdiag sur ton bureau (outil de diagnostic)

    le lien https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

    le tuto http://www.security-helpzone.com/forum/Thread-ZHPDiag-Generer-un-rapport

    utilisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)

    clique sur configurer et dans la page qui s'ouvre, clique sur la loupe avec le +

    le rapport s'affichera sur ton bureau et dans C:\zhpdiag.txt

    poste le rapport via ce lien https://www.cjoint.com/

    @+

    0
  3. unmaxdemontagne
     
    Je ne trouve pas l'endroit où mettre l'utilisateur dans le 2ème lien w7 etc......
    0
  4. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    re

    c'est bon, j'ai le rapport complet

    fais ceci s'il te plaît

    télécharge adwcleaner sur ton bureau (clique sur la flèche verte)

    le lien http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner

    utlisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)

    clique sur Scanner puis patiente le temps du scan

    une fois le scan terminé clique sur le bouton Nettoyer

    clique sur rapport pour qu'il s'affiche sur ton bureau

    le rapport est aussi sauvegarder dans C:\AdwCleaner[S0].txt

    poste le rapport via 1 copier/coller

    @+

    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    bonjour,

    il est inutile de créer de doublon, je transfère tes rapports ici :

    Voici le lien du rapport ZHPDiag
    https://www.cjoint.com/?CIpjlgoT7Rq

    pour répondre à ce sujet, il suffit de cliquer sur le bouton bleu "répondre au sujet" !

    bonne continuation :-)

    0
    1. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
       
      salut Elec,

      merci et bonne journée

      @+
      0
    2. Utilisateur anonyme
       
      ;-)
      0
  7. unmaxdemontagne
     
    # AdwCleaner v3.004 - Rapport créé le 15/09/2013 à 09:19:55
    # Mis à jour le 15/09/2013 par Xplode
    # Système d'exploitation : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
    # Nom d'utilisateur : carladous.max@orange - PC-DE-MAX
    # Exécuté depuis : C:\Users\carladous.max@orange\Downloads\adwcleaner (1).exe
    # Option : Nettoyer

    ***** [ Services ] *****

    [#] Service Supprimé : Update BrowseFox

    ***** [ Fichiers / Dossiers ] *****

    [!] Dossier Supprimé : C:\Program Files (x86)\IminentToolbar
    [!] Dossier Supprimé : C:\Users\carladous.max@orange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    ***** [ Navigateurs ] *****

    -\\ Internet Explorer v9.0.8112.16506

    -\\ Mozilla Firefox v23.0.1 (fr)

    [ Fichier : C:\Users\carladous.max@orange\AppData\Roaming\Mozilla\Firefox\Profiles\hxt27szr.default\prefs.js ]

    [ Fichier : C:\Users\carladous.max@orange\AppData\Roaming\Mozilla\Firefox\Profiles\sq8szelx.default\prefs.js ]

    -\\ Google Chrome v29.0.1547.66

    [ Fichier : C:\Users\carladous.max@orange\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Supprimée : search_url
    Supprimée : suggest_url
    Supprimée : keyword

    *************************

    AdwCleaner[R0].txt - [24121 octets] - [01/09/2013 07:15:33]
    AdwCleaner[R1].txt - [1250 octets] - [01/09/2013 07:24:44]
    AdwCleaner[R2].txt - [1431 octets] - [13/09/2013 05:40:21]
    AdwCleaner[R3].txt - [5059 octets] - [13/09/2013 11:58:21]
    AdwCleaner[R4].txt - [1930 octets] - [15/09/2013 09:19:22]
    AdwCleaner[S0].txt - [23358 octets] - [01/09/2013 07:16:21]
    AdwCleaner[S1].txt - [1311 octets] - [01/09/2013 07:25:17]
    AdwCleaner[S2].txt - [4989 octets] - [13/09/2013 11:58:53]
    AdwCleaner[S3].txt - [1877 octets] - [15/09/2013 09:19:55]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1937 octets] ##########
    0
  8. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    re

    relance adwcleaner et choisis désinstaller

    ensuite fais ceci

    http://www.security-helpzone.com/gen-hackman/tutos-canneds/junkware-removal-tool/

    poste le rapport via 1 copier/coller

    @+
    0
  9. unmaxdemontagne
     
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.1 (09.15.2013:1)
    OS: Windows (TM) Vista Home Premium x64
    Ran by carladous.max@orange on 15/09/2013 at 9:38:17,61
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    ~~~ Registry Values

    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-791831690-1571322809-2409202431-1000\Software\IB Updater
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-791831690-1571322809-2409202431-1000\Software\Wajam
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322712280}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422152252}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355715580}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455155552}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366716680}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466156652}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344714480}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444154452}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322712280}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422152252}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355715580}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455155552}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366716680}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466156652}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344714480}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444154452}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355715580}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455155552}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366716680}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466156652}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344714480}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444154452}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355715580}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455155552}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366716680}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466156652}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344714480}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444154452}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0D66C07F-C3B8-4341-B9AB-EF84AE59D476}

    ~~~ Files

    Successfully deleted: [File] C:\Windows\Tasks\LyricsSay-1-chromeinstaller.job
    Successfully deleted: [File] C:\Windows\Tasks\LyricsSay-1-codedownloader.job
    Successfully deleted: [File] C:\Windows\Tasks\LyricsSay-1-enabler.job
    Successfully deleted: [File] C:\Windows\Tasks\LyricsSay-1-firefoxinstaller.job
    Successfully deleted: [File] C:\Windows\Tasks\LyricsSay-1-updater.job
    Successfully deleted: [File] "C:\Users\carladous.max@orange\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"

    ~~~ Folders

    Successfully deleted: [Folder] "C:\Program Files (x86)\lyricssay-1"
    Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"

    ~~~ FireFox

    Successfully deleted: [File] C:\user.js
    Successfully deleted the following from C:\Users\carladous.max@orange\AppData\Roaming\mozilla\firefox\profiles\hxt27szr.default\prefs.js

    user_pref("extensions.ad822269819e54827b79e0a077ea8eb7a7b662f6d389941e488646393447568dacom37180.37180.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_FR.value", "%22var%20ca
    user_pref("extensions.iminent.admin", false);
    user_pref("extensions.iminent.aflt", "orgnl");
    user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
    user_pref("extensions.iminent.autoRvrt", "false");
    user_pref("extensions.iminent.dfltLng", "");
    user_pref("extensions.iminent.excTlbr", false);
    user_pref("extensions.iminent.ffxUnstlRst", false);
    user_pref("extensions.iminent.id", "3c3bdb46000000000000002421ad7963");
    user_pref("extensions.iminent.instlDay", "15961");
    user_pref("extensions.iminent.instlRef", "");
    user_pref("extensions.iminent.newTab", false);
    user_pref("extensions.iminent.prdct", "iminent");
    user_pref("extensions.iminent.prtnrId", "iminent");
    user_pref("extensions.iminent.rvrt", "false");
    user_pref("extensions.iminent.smplGrp", "none");
    user_pref("extensions.iminent.tlbrId", "base");
    user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
    user_pref("extensions.iminent.vrsn", "1.8.25.0");
    user_pref("extensions.iminent.vrsnTs", "1.8.25.011:17:23");
    user_pref("extensions.iminent.vrsni", "1.8.25.0");
    user_pref("iminent.LayoutId", "1");
    user_pref("iminent.version", "7.36.1.1");
    user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.36.1.1\",\"InstallEventCTime\":1379064124702,\"InstallEvent\":\"True\"}");
    Emptied folder: C:\Users\carladous.max@orange\AppData\Roaming\mozilla\firefox\profiles\hxt27szr.default\minidumps [283 files]

    ~~~ Event Viewer Logs were cleared

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 15/09/2013 at 9:43:59,81
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    0
  10. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    re

    ok, fais ceci s'il te plaît

    Télécharge roguekiller sur ton bureau

    prends le x64>>regarde l'image

    Le lien https://www.luanagames.com/index.fr.html

    Le tuto http://tigzyrk.blogspot.be/2012/10/fr-roguekiller-tutoriel-officiel.html

    Quitte tous tes programmes en cours

    Lance roguekiller (utilisateurs vista-w7-w8 exécuter en tant qu'administrateur- clic droit)

    Laisse faire le prescan

    Clique sur scan

    Le rapport s'affichera sur ton bureau et dans C: RKReport[#].txt

    Poste le rapport via 1 copier/coller

    @+

    0
  11. unmaxdemontagne
     
    RogueKiller V8.6.11 [Sep 11 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.adlice.com/forum/
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
    Demarrage : Mode normal
    Utilisateur : carladous.max@orange [Droits d'admin]
    Mode : Recherche -- Date : 09/15/2013 10:12:07
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 2 ¤¤¤
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]

    ¤¤¤ Entrees de registre : 10 ¤¤¤
    [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (116.50.60.6:3128) -> TROUVÉ
    [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
    [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
    [HJ SECU] HKLM\[...]\Security Center : AntiVirusDisableNotify (0x00000000) -> TROUVÉ
    [HJ SECU] HKLM\[...]\Security Center : FirewallDisableNotify (0x00000000) -> TROUVÉ
    [HJ SECU] HKLM\[...]\Security Center : UpdatesDisableNotify (0x00000000) -> TROUVÉ
    [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
    [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRun (0) -> TROUVÉ
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

    ¤¤¤ Tâches planifiées : 5 ¤¤¤
    [V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{0E20BBD1-8E30-4EE3-AB0D-F3CC077B9AA5}.exe - --uninstall=1 [x] -> TROUVÉ
    [V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{30B0F3C4-270A-4B67-9652-073EB8C54189}.exe - --uninstall=1 [x] -> TROUVÉ
    [V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{30B0F3C4-270A-4B67-9652-073EB8C54189}.exe - --uninstall=1 [x] -> TROUVÉ
    [V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{0E20BBD1-8E30-4EE3-AB0D-F3CC077B9AA5}.exe - --uninstall=1 [x] -> TROUVÉ
    [V2][SUSP PATH] EPUpdater : C:\Users\CARLAD~1.MAX\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [7] -> TROUVÉ

    ¤¤¤ Entrées Startup : 0 ¤¤¤

    ¤¤¤ Navigateurs web : 0 ¤¤¤

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

    ¤¤¤ Ruches Externes: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts

    127.0.0.1 localhost
    ::1 localhost

    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: WDC WD10EADS-65L5B1 ATA Device +++++
    --- User ---
    [MBR] 3b443bbf6665b4fdcceeb3ed87c698a5
    [BSP] cbe1a3892920c024e3e7b9efc684338e : MBR Code unknown
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 939743 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1924594560 | Size: 14123 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: WDC WD10EADS-65L5B1 ATA Device +++++
    --- User ---
    [MBR] 8a4a3f84a9eda68451f8bdccda84c484
    [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7576 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Termine : << RKreport[0]_S_09152013_101207.txt >>
    0
  12. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    re

    relance roguekiller et clique sur suppression>>regarde l'image
    fais la même chose en cliquant sur proxy raz>> regarde l'image

    ps: vérifie que tout soit coché avant de supprimer

    poste les rapports via 1 copier/coller

    merci

    @+
    0
  13. unmaxdemontagne
     
    RogueKiller V8.6.11 [Sep 11 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.adlice.com/forum/
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
    Demarrage : Mode normal
    Utilisateur : carladous.max@orange [Droits d'admin]
    Mode : Suppression -- Date : 09/15/2013 10:53:32
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 2 ¤¤¤
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]

    ¤¤¤ Entrees de registre : 3 ¤¤¤
    [HJ SECU] HKLM\[...]\Security Center : AntiVirusDisableNotify () -> REMPLACÉ ()
    [HJ SECU] HKLM\[...]\Security Center : FirewallDisableNotify () -> REMPLACÉ ()
    [HJ SECU] HKLM\[...]\Security Center : UpdatesDisableNotify () -> REMPLACÉ ()

    ¤¤¤ Tâches planifiées : 0 ¤¤¤

    ¤¤¤ Entrées Startup : 0 ¤¤¤

    ¤¤¤ Navigateurs web : 0 ¤¤¤

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

    ¤¤¤ Ruches Externes: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts

    127.0.0.1 localhost
    ::1 localhost

    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: WDC WD10EADS-65L5B1 ATA Device +++++
    --- User ---
    [MBR] 3b443bbf6665b4fdcceeb3ed87c698a5
    [BSP] cbe1a3892920c024e3e7b9efc684338e : MBR Code unknown
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 939743 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1924594560 | Size: 14123 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: WDC WD10EADS-65L5B1 ATA Device +++++
    --- User ---
    [MBR] 8a4a3f84a9eda68451f8bdccda84c484
    [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7576 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Termine : << RKreport[0]_D_09152013_105332.txt >>
    RKreport[0]_D_09152013_104901.txt;RKreport[0]_D_09152013_105119.txt;RKreport[0]_S_09152013_101207.txt
    RKreport[0]_S_09152013_104852.txt;RKreport[0]_S_09152013_105104.txt;RKreport[0]_S_09152013_105318.txt
    0
  14. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    re

    il faut encore le rapport de proxy raz

    @+
    0
  15. unmaxdemontagne
     
    En tout cas, un grand merci pour ton aide et à +
    0
  16. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    re

    de rien mais ce n'est pas fini^^

    poste le rapport de roguekiller apreès suppression avec proxy raz

    merci

    @+
    0
  17. unmaxdemontagne
     
    RogueKiller V8.6.11 _x64_ [Sep 11 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.adlice.com/forum/
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
    Demarrage : Mode normal
    Utilisateur : carladous.max@orange [Droits d'admin]
    Mode : Suppression -- Date : 09/15/2013 11:46:12
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 2 ¤¤¤
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]

    ¤¤¤ Entrees de registre : 3 ¤¤¤
    [HJ SECU] HKLM\[...]\Security Center : AntiVirusDisableNotify () -> REMPLACÉ ()
    [HJ SECU] HKLM\[...]\Security Center : FirewallDisableNotify () -> REMPLACÉ ()
    [HJ SECU] HKLM\[...]\Security Center : UpdatesDisableNotify () -> REMPLACÉ ()

    ¤¤¤ Tâches planifiées : 0 ¤¤¤

    ¤¤¤ Entrées Startup : 0 ¤¤¤

    ¤¤¤ Navigateurs web : 0 ¤¤¤

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

    ¤¤¤ Ruches Externes: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts

    127.0.0.1 localhost
    ::1 localhost

    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: WDC WD10EADS-65L5B1 ATA Device +++++
    --- User ---
    [MBR] 3b443bbf6665b4fdcceeb3ed87c698a5
    [BSP] cbe1a3892920c024e3e7b9efc684338e : MBR Code unknown
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 939743 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1924594560 | Size: 14123 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: WDC WD10EADS-65L5B1 ATA Device +++++
    --- User ---
    [MBR] 8a4a3f84a9eda68451f8bdccda84c484
    [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7576 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Termine : << RKreport[0]_D_09152013_114612.txt >>
    RKreport[0]_D_09152013_114444.txt;RKreport[0]_S_09152013_114437.txt;RKreport[0]_S_09152013_114554.txt
    0
  18. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    re

    tu as posté le rapport de suppression et j'ai demandé le rapport avec proxy raz

    (Mode : Suppression -- Date : 09/15/2013 11:46:12 )

    regarde l'image

    @+
    0
  19. unmax de mpntagne
     
    Est-ce que c'est ça que tu attends?

    RogueKiller V8.6.11 _x64_ [Sep 11 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.adlice.com/forum/
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
    Demarrage : Mode normal
    Utilisateur : carladous.max@orange [Droits d'admin]
    Mode : DNS RAZ -- Date : 09/15/2013 12:00:15
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 2 ¤¤¤
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]

    ¤¤¤ Entrees de registre : 0 ¤¤¤

    ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

    ¤¤¤ Ruches Externes: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    Termine : << RKreport[0]_DN_09152013_120015.txt >>
    RKreport[0]_D_09152013_120011.txt;RKreport[0]_S_09152013_120010.txt
    0
  20. billmaxime Messages postés 50523 Date d'inscription   Statut Contributeur Dernière intervention   6 150
     
    re

    non, ça c'est DNS RAZ et je demande que tu cliques sur PROXY RAZ

    Mode : DNS RAZ -- Date : 09/15/2013 12:00:15

    je te met l'image

    dis moi si tu trouves

    @+
    0
  21. unmaxdemontagne
     
    RogueKiller V8.6.11 _x64_ [Sep 11 2013] par Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Remontees : http://www.adlice.com/forum/
    Site Web : http://www.sur-la-toile.com/RogueKiller/
    Blog : http://tigzyrk.blogspot.com/

    Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
    Demarrage : Mode normal
    Utilisateur : carladous.max@orange [Droits d'admin]
    Mode : Proxy RAZ -- Date : 09/15/2013 12:19:49
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 2 ¤¤¤
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]
    [SUSP PATH] BitGuard.exe -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [7] -> TUÉ [TermProc]

    ¤¤¤ Entrees de registre : 0 ¤¤¤

    ¤¤¤ Navigateurs web : 0 ¤¤¤

    ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

    ¤¤¤ Ruches Externes: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    Termine : << RKreport[0]_PR_09152013_121949.txt >>
    RKreport[0]_D_09152013_121942.txt;RKreport[0]_S_09152013_121934.txt
    0
  • 1
  • 2