Aide pour corriger mon ordi

Bonjour,

bonjour voici mon rapport sur ZHPDiag.
Merci de votre aide.

~ Rapport de ZHPDiag v2013.10.11.30 - Nicolas Coolman (11/10/2013)
~ Lancé par BUREAU (11/10/2013 18:09:03)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
MFIE: Mozilla Firefox 24.0 (Defaut)
GCIE: Google Chrome v30.0.1599.69

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : T4XMJ
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1497.0
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.14 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.7

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 40

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4008 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 26 GB (26%) free of 98 GB

---\\ Mode de connexion au système
~ Computer Name: BUREAU-PC
~ User Name: BUREAU
~ All Users Names: NeroMediaHomeUser.4, BUREAU, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\BUREAU\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\BUREAU\AppData\Roaming\
~ %Desktop% : C:\Users\BUREAU\Desktop\
~ %Favorites% : C:\Users\BUREAU\Favorites\
~ %LocalAppData% : C:\Users\BUREAU\AppData\Local\
~ %StartMenu% : C:\Users\BUREAU\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 26 Go of 98 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 307 Go of 834 Go)
G: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 30 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:55:10.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.314C17917AC8523EC77A710215012A65] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 02:10:19.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4
~ Mes musiques (My Musics) : 7/49
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/39
~ Mes Documents (My Documents) : 1/855
~ Mon Bureau (My Desktop) : 1/1458
~ Menu demarrer (Programs) : 1/47
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.36ECDDCCE9585FE8936DC5A90B0FE1C8] - (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [109296] [PID.2688]
[MD5.24AEB20C4D857A431FE82AAC1A95C005] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\BUREAU\AppData\Roaming\uTorrent\uTorrent.exe [902736] [PID.2704] =>P2P.BitTorrent
[MD5.CFBBF2CF26F7E55EC11D4B1DB17A9F38] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.2068]
[MD5.BA29C7E7AFCBCBAF7290B02B683706D5] - (.Pas de propriétaire - sysTPL.) -- C:\Program Files (x86)\sysTPL\sysTPL.exe [503576] [PID.2192]
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.2164]
[MD5.94171331B984EF16FDB0890AA995A4DE] - (.D-Link Corp. - D-Link WLAN Application.) -- C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe [505152] [PID.1620]
[MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576] [PID.2200]
[MD5.8FFDB89A0FB7C8ABC3A8825E38047341] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136] [PID.508]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe [485376] [PID.1124]
[MD5.3CD9C60B23D870700F63AD4755364902] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2345296] [PID.2556]
[MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [11322880] [PID.1016]
[MD5.E4C53CE8409DCFF708C790A0AC76398D] - (...) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe [264040] [PID.3028]
[MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [11314688] [PID.2720]
[MD5.5397E32E882C0148CEC13D9EACFB7157] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222208] [PID.3280]
[MD5.0E8F60BE218F60CDA959B02DA9C404AD] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20687728] [PID.4852]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.4160]
[MD5.12FD4EF8F2CBBF98E0A5CED88258DDF3] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17816] [PID.376]
[MD5.D8425B8D6DC2AA8D871363B0775BCF18] - (.Adobe Systems, Inc. - Adobe Flash Player 11.8 r800.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe [1861512] [PID.3312]
[MD5.9EB95DA9674E4E454FF5A137FC963D05] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8073216] [PID.4936]
[MD5.9330941C8F6DF417F6DBBE998DB6687E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1324]
[MD5.F720502AAA03FAB627A96E5EAADAA28D] - (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) -- C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104] [PID.1392]
[MD5.6FF3CFB85B18C032AF8F242498DFC8D9] - (.Wsys Co., Ltd. - Wsys Control 10.2.1.2612.) -- C:\ProgramData\eSafe\eGdpSvc.exe [303680] [PID.1508] =>PUP.eSafeSecurity
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [PID.1536]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.3208]
[MD5.9608A0281C5886F5FB23FB086D31C5EA] - (.Pas de propriétaire - HPText.AssemblyTitleMonitor.) -- C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe [29976] [PID.3688]
[MD5.A7CA51EBFDAE8D4610D4E1E3A82A4C6A] - (.Pas de propriétaire - sysTPLService.) -- C:\Program Files (x86)\sysTPL\sysTPLService.exe [32024] [PID.3784]
[MD5.9512B0ED87A530A786B4DDB97D22DB17] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.3840]
[MD5.C71EE856C4F5B52E2D094F494CEE4936] - (.Pas de propriétaire - WlanSvc Application.) -- C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe [167936] [PID.3924]
[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [PID.4076]
[MD5.7F32D4C47A50E7223491E8FB9359907D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.3088]
[MD5.2C16648A12999AE69A9EBF41974B0BA2] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.4352]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\BUREAU\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [dffhljlmcohcioeilbnpmbchdcbhifdh] WiseConvert 1.5 v.2.3.16.7 (Désactivé) =>Toolbar.Conduit
~ Google Browser: 15 Legitimates Filtered in 00mn 08s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\BUREAU\AppData\Roaming\Mozilla\Firefox\Profiles\0227ko7h.default-1381434566755\prefs.js
C:\Users\BUREAU\AppData\Roaming\Mozilla\Firefox\Profiles\dnmqjibj.default\prefs.js
M3 - MFPP: Plugins - [BUREAU] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\delta-homes.xml =>Toolbar.DeltaSearch
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: e-Carte Bleue Browser Helper Object [64Bits] - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Windows\SysWow64\BhoECart.dll
~ BHO: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Clé orpheline
O3 - Toolbar: &RoboForm Toolbar [64Bits] - [HKLM]{724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{724D43A0-0D85-11D4-9908-00400523E39A} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\QuickLaunch [NeroMediaHomeUser.4]: Bandicam.lnk . (...) -- C:\Users\BUREAU\Desktop\Dossier Maxime\Bandicam\bdcam.exe (.not file.)
O4 - GS\QuickLaunch [NeroMediaHomeUser.4]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [NeroMediaHomeUser.4]: Bandicam.lnk . (...) -- C:\Users\BUREAU\Desktop\Dossier Maxime\Bandicam\bdcam.exe (.not file.)
O4 - GS\QuickLaunch [BUREAU]: Bandicam.lnk . (...) -- C:\Users\BUREAU\Desktop\Dossier Maxime\Bandicam\bdcam.exe (.not file.)
O4 - GS\QuickLaunch [BUREAU]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [BUREAU]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\QuickLaunch [BUREAU]: WeGame.lnk . (.WeGame.com, Inc. - WeGame Client.) -- C:\WeGame\wegame.exe
O4 - GS\QuickLaunch [BUREAU]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\BUREAU\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [BUREAU]: Ascentia.lnk . (...) -- C:\Users\BUREAU\Downloads\Ascentia.exe
O4 - GS\TaskBar [BUREAU]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [BUREAU]: Imagine Your Craft - Launcher.lnk . (...) -- C:\Users\BUREAU\Downloads\Launcher-IYC.exe
O4 - GS\TaskBar [BUREAU]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\TaskBar [BUREAU]: Ironfight.lnk . (...) -- E:\Dossier Maxime\Ironfight.exe
O4 - GS\TaskBar [BUREAU]: Launcher_Unplugged.lnk . (...) -- C:\Users\BUREAU\Downloads\Launcher_Unplugged.exe
O4 - GS\TaskBar [BUREAU]: Minecraft(1).lnk . (...) -- C:\Users\BUREAU\Desktop\Minecraft(1).exe
O4 - GS\TaskBar [BUREAU]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\TaskBar [BUREAU]: Pipix-3.lnk . (...) -- E:\Dossier Maxime\Pipix\Pipix-3.exe
O4 - GS\Program [BUREAU]: Create Amazing Presentations.lnk - Clé orpheline
O4 - GS\Program [BUREAU]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\SystemTools [BUREAU]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\SendTo [BUREAU]: Desk 365.lnk . (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) =>Hijacker.22Find
O4 - GS\Desktop [BUREAU]: disque E.lnk . (...) -- E:\
O4 - GS\Desktop [BUREAU]: Dossier Cédric.lnk . (...) -- E:\cedric
O4 - GS\Desktop [BUREAU]: Dossier Marie.lnk . (...) -- E:\marie
O4 - GS\Desktop [BUREAU]: Dossier Maxime.lnk . (...) -- E:\Dossier Maxime
O4 - GS\Desktop [BUREAU]: Free Video to MP3 Converter.lnk . (.DVDVideoSoft Ltd. - Free All Converter.) -- C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\FreeVideoToMP3Converter.exe
O4 - GS\Desktop [BUREAU]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\BUREAU\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 94 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: WeGame.lnk . (.WeGame.com, Inc. - WeGame Client.) -- C:\WeGame\wegame.exe
O4 - GS\Startup [Public]: Wireless Connection Manager.lnk . (.D-Link Corp. - D-Link WLAN Application.) -- C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe
O4 - GS\Startup [BUREAU]: Lanceur.lnk . (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe
O4 - GS\Startup [BUREAU]: OpenOffice.org 3.3.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [EPSON BX620FWD Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBU.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\BUREAU\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [EPSON5A3483 (Epson Stylus Office BX620FWD)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBU.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Nero MediaHome 4] . (.Nero AG - Nero MediaHome.) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
O4 - HKCU\..\Run: [C:\Users\BUREAU\Downloads\PANASONIC-KX-TG2521FR.exe] . (.Tlapia - This installer database contains the logic.) -- C:\Users\BUREAU\Downloads\PANASONIC-KX-TG2521FR.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\BUREAU\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe
O4 - HKLM\..\Wow6432Node\Run: [sysTPL] . (.Pas de propriétaire - sysTPL.) -- C:\Program Files (x86)\sysTPL\sysTPL.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [EPSON BX620FWD Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBU.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\BUREAU\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [EPSON5A3483 (Epson Stylus Office BX620FWD)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBU.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [Nero MediaHome 4] . (.Nero AG - Nero MediaHome.) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [C:\Users\BUREAU\Downloads\PANASONIC-KX-TG2521FR.exe] . (.Tlapia - This installer database contains the logic.) -- C:\Users\BUREAU\Downloads\PANASONIC-KX-TG2521FR.exe
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\BUREAU\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-1494022874-267673802-2611412170-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Remplir les formulaires [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Enregistrer les formulaires [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: À propos de Digital Connections [64Bits] - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -- Clé orpheline
O9 - Extra button: Barre RoboForm [64Bits] - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Free YouTube Download [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\dvdvideosoft.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB3AFEFD-BD1F-4484-A0E2-42D2C0F539A6}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{FB3AFEFD-BD1F-4484-A0E2-42D2C0F539A6}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{FB3AFEFD-BD1F-4484-A0E2-42D2C0F539A6}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (.not file.) =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: Wsys Service (WsysSvc) . (.Wsys Co., Ltd. - Wsys Control 10.2.1.2612.) - C:\ProgramData\eSafe\eGdpSvc.exe =>PUP.eSafeSecurity
~ Services: 14 Legitimates Filtered in 00mn 04s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job [1906] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job [1200] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.5-enabler.job [1100] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.5-firefoxinstaller.job [1832] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.5-updater.job [1196] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find
[MD5.00000000000000000000000000000000] [APT] [EPUpdater] (...) -- C:\Users\BUREAU\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe (.not file.) [0] =>Hijacker.BabSolution
[MD5.5D388ED5E133821EC3AC377A60E95D99] [APT] [Plus-HD-2.5-chromeinstaller] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe [464232] =>Adware.PlusHD
[MD5.B1F354DB01C23D835B95E26537849A12] [APT] [Plus-HD-2.5-codedownloader] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe [478568] =>Adware.PlusHD
[MD5.ECF61426FB297CDB1BEF0264DC15FFCF] [APT] [Plus-HD-2.5-enabler] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe [345960] =>Adware.PlusHD
[MD5.61DF8843F5A2919B774E977A6E60F125] [APT] [Plus-HD-2.5-firefoxinstaller] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-firefoxinstaller.exe [725352] =>Adware.PlusHD
[MD5.C9865F1E5B2FD32094B4D6E0A5030029] [APT] [Plus-HD-2.5-updater] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe [364392] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [Searchya] (...) -- C:\Users\BUREAU\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Adware.SearchYa
[MD5.00000000000000000000000000000000] [APT] [{17FFF273-4DD5-4C38-AEB3-FBC3BE8BD05F}] (...) -- D:\MazeGames.exe (.not file.) [0]
[MD5.43BDF1B20A0C2061340438AA5E8FB255] [APT] [{1A64DC3D-6EBA-47FD-B487-5389DED5F9E0}] (...) -- E:\telechagements utorrent\fichiers utorrent\World Riddles - Secrets of the Ages\World Riddles - Secrets of the Ages\World Riddles.exe [3233112] =>P2P.µTorrent
[MD5.77C55664C2718424D2502E67ED15C7E0] [APT] [{40B78214-ECF8-4A65-92EE-A746EB5F0447}] (...) -- E:\cedric\Pratiquez le Bricolage Malin - Peinture et Decoration\Pratiquez le Bricolage Malin - Peinture et Decoration\install.exe [7765105]
[MD5.00000000000000000000000000000000] [APT] [{E1F42F11-27B8-4B5B-B6BC-91CCD52026C9}] (...) -- C:\Users\BUREAU\Downloads\MM-LDDM-EC(1)\Midnight Mysteries - Le D'mon du Mississippi - Edition Collector\launcher.exe (.not file.) [0]
~ Scheduled Task: 36 Legitimates Filtered in 00mn 02s



---\\ Logiciels installés (O42)
O42 - Logiciel: AutoScreenShot - (...) [HKLM][64Bits] -- AutoScreenShot
O42 - Logiciel: Death on the Nile - (...) [HKLM][64Bits] -- Death on the Nile
O42 - Logiciel: LEGO® Indiana Jones(TM) - (.LucasArts.) [HKLM][64Bits] -- InstallShield_{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}
O42 - Logiciel: La Lagune perdue 2 : Entre Oubli et Malédiction - (.INTENIUM GmbH.) [HKLM][64Bits] -- La Lagune perdue 2 : Entre Oubli et Malédiction
O42 - Logiciel: La maison aux 1000 portes - Secrets de famille EC version 1.0 - (.Team RD09.) [HKLM][64Bits] -- {44B757E4-9C1D-4A9B-B509-55049C5F497E}_is1
O42 - Logiciel: Meteo Fusion 1.5.9.11 - (.Eggiz.) [HKLM][64Bits] -- Meteo Fusion _is1
O42 - Logiciel: Plus-HD-2.5 - (.Plus HD.) [HKLM][64Bits] -- Plus-HD-2.5 =>Adware.PlusHD
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM][64Bits] -- {04DB50FA-EA80-4256-85F9-540C582E280D} =>PUP.QuickShare
O42 - Logiciel: World Mosaics 2 - (...) [HKLM][64Bits] -- World Mosaics 2_is1
~ Logic: 156 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\IncrediMail]
[HKCU\Software\Mixi.DJ]
[HKCU\Software\Pando Networks]
[HKCU\Software\Yahoo]
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\IB Updater] =>Adware.InstallBrain
[HKLM\Software\Nurago]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\PCTools]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Plus-HD-2.6] =>Adware.PlusHD
[HKLM\Software\Wow6432Node\VBMZ]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
~ Key Software: 297 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/05/2013 - 23:37:31 - [4,465] ----D C:\Program Files (x86)\AutoScreenShot
O43 - CFD: 31/01/2012 - 13:59:03 - [2,687] ----D C:\Program Files (x86)\Digital Connections
O43 - CFD: 29/09/2013 - 20:48:30 - [0,024] ----D C:\Program Files (x86)\GestProdRemb
O43 - CFD: 06/11/2012 - 18:53:27 - [473,697] ----D C:\Program Files (x86)\La maison aux 1000 portes - Secrets de famille EC
O43 - CFD: 12/08/2013 - 08:19:50 - [0,015] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 01/08/2013 - 13:14:59 - [7,182] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 14/07/2013 - 18:10:55 - [7,267] ----D C:\Program Files (x86)\Plus-HD-2.5 =>Adware.PlusHD
O43 - CFD: 06/03/2012 - 06:47:28 - [0,071] ----D C:\Program Files (x86)\Psykos 7
O43 - CFD: 05/08/2013 - 22:36:05 - [32,897] ----D C:\Program Files (x86)\World Mosaics 2
O43 - CFD: 07/02/2012 - 06:54:00 - [0,728] ----D C:\Program Files (x86)\Yahoo!
O43 - CFD: 06/09/2013 - 17:41:47 - [0] ----D C:\ProgramData\Braintonik
O43 - CFD: 11/10/2013 - 11:27:34 - [1,086] ----D C:\ProgramData\eSafe =>PUP.eSafeSecurity
O43 - CFD: 07/02/2012 - 06:54:00 - [0,004] ----D C:\ProgramData\Yahoo!
O43 - CFD: 05/10/2013 - 12:49:28 - [60,918] ----D C:\Users\BUREAU\AppData\Roaming\.ironfight
O43 - CFD: 11/09/2013 - 18:22:03 - [64,591] ----D C:\Users\BUREAU\AppData\Roaming\.unplugged
O43 - CFD: 06/09/2013 - 17:41:47 - [0,008] ----D C:\Users\BUREAU\AppData\Roaming\Braintonik
O43 - CFD: 16/10/2012 - 23:12:37 - [0] ----D C:\Users\BUREAU\AppData\Local\tuto4pc_fr_8 =>PUP.Eorezo
O43 - CFD: 17/09/2011 - 12:38:52 - [0] ----D C:\Users\BUREAU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Death on the Nile
O43 - CFD: 17/09/2013 - 12:22:49 - [0] ----D C:\Users\BUREAU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GJ Games
~ 271 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 626 Legitimates Filtered in 00mn 46s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.541C9E0B531F9A701C471141995C521C] - 01/10/2013 - 09:09:23 ---A- . (...) -- C:\DiskDefrag.log [75]
O44 - LFC:[MD5.5FE6A0E1109606870D6A2E36C2081391] - 10/10/2013 - 15:07:30 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat [453]
~ Files: 105 Legitimates Filtered in 00mn 24s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.286193DC28CFB4CEB8D378E20A0850A9] - 30/08/2013 - 08:48:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65336]
O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
~ Drivers: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {0E57175C-A54E-83B9-2ECB-00E6C65A1B41} - ({0E57175C-A54E-83B9-2ECB-00E6C65A1B41}) - http://www.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {41A787DD-0845-4EC6-AEEB-DCFFAF2E0E67} - (MixiDJ V30 Customized Web Search) - http://search.conduit.com =>Toolbar.MixiDJ
O69 - SBI: SearchScopes [HKCU] {4772D8E5-2889-F5B9-AFB1-5E7295D3783C} - ({4772D8E5-2889-F5B9-AFB1-5E7295D3783C}) - http://www.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {5F06D1F1-1377-471E-90E5-347AE5B6E878} - (Search) - http://start.funmoods.com =>PUP.Funmoods
O69 - SBI: SearchScopes [HKCU] {61E8688A-3B3C-487E-85B4-DDEA6C508533} - (Search the web (Softonic)) - https://en.softonic.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {91CB9026-C1AC-4D0D-9FBB-9D774B81E5DB} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {B44B6CAC-E7EB-42D3-8D0A-7560A7C034D4} - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.295206BCBEF09873DC45B26E8C1CF84F] [SPRF][06/10/2013] (.Conduit - Search Protect by Conduit.) -- C:\Users\BUREAU\AppData\Local\Temp\SPSetup.exe [5616616] =>Toolbar.Conduit
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][01/10/2013] (...) -- C:\Users\BUREAU\AppData\Local\Temp\~upgrade.dat [0]
[MD5.0ACFF8B9208623E18D9882C0C16997AC] [SPRF][19/02/2013] (...) -- C:\Users\BUREAU\Desktop\Conjugaison.exe [635392]
[MD5.B63CCB43F2779CBEA5D8D3CE2E3D90FB] [SPRF][24/07/2013] (...) -- C:\Users\BUREAU\Desktop\Minecraft(1).exe [263186]
[MD5.B63CCB43F2779CBEA5D8D3CE2E3D90FB] [SPRF][15/07/2013] (...) -- C:\Users\BUREAU\Desktop\Minecraft.exe [263186]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{364FC929-3552-4E61-B777-BE1A1FBF5E7B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{9C137BB8-A692-423A-BDEE-F7389D04E407}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{9BF93B2A-4552-4867-81FF-E9239A342277}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Xi\NetXfer\NetTransport.exe (.not file.)
O87 - FAEL: "{0AF100B9-8C9F-42E3-BE4E-C817F6B6B007}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Xi\NetXfer\NetTransport.exe (.not file.)
O87 - FAEL: "{21923879-35F3-499D-90C3-27DD6EA6EC38}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Xi\NetXfer\FTPTransport.exe (.not file.)
O87 - FAEL: "{330538EA-B459-45A2-B367-234621B5EDD8}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Xi\NetXfer\FTPTransport.exe (.not file.)
O87 - FAEL: "TCP Query User{6FE20335-3D1D-4C77-A0EE-3D53FBE28EEF}C:\program files (x86)\relevantknowledge\rlvknlg.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\relevantknowledge\rlvknlg.exe (.not file.) =>Adware.RelevantKnowledge
O87 - FAEL: "UDP Query User{FBE4A89A-B286-432E-A406-B535EC33D246}C:\program files (x86)\relevantknowledge\rlvknlg.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\relevantknowledge\rlvknlg.exe (.not file.) =>Adware.RelevantKnowledge
O87 - FAEL: "{168F296C-B3E6-457E-9A2C-047145AB6C25}" | In - Public - P6 - TRUE | .(.Wsys Co., Ltd. - Wsys Control 10.2.1.2612.) -- C:\ProgramData\eSafe\eGdpSvc.exe =>PUP.eSafeSecurity
O87 - FAEL: "{016AA91F-83E4-40A1-A98E-42EDDBD65252}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (.not file.) =>Adware.RelevantKnowledge
O87 - FAEL: "{7F96336C-B993-46BC-8EAE-09BE60FCA05F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (.not file.) =>Adware.RelevantKnowledge
O87 - FAEL: "TCP Query User{C9032CB0-A412-48B1-A1F3-77F7A64B91F6}C:\users\bureau\appdata\local\temp\rar$exa0.525\server.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\bureau\appdata\local\temp\rar$exa0.525\server.exe (.not file.)
O87 - FAEL: "UDP Query User{ED0803EF-BA89-44E3-B0D0-C612C1432728}C:\users\bureau\appdata\local\temp\rar$exa0.525\server.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\bureau\appdata\local\temp\rar$exa0.525\server.exe (.not file.)
~ Firewall: 231 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "A1F2428C468389B47AD0E50937911AEF" . (.Les Aventures de Robinson Crusoe.) -- C:\Windows\Installer\{C8242F1A-3864-4B98-A70D-5E907319A1FE}\controlPanelIcon.exe
~ Update Products: 91 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][17/11/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\1b945d2.msi [45056] =>Adware.Boxore
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][14/10/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\236c21.msi [3304960] =>PUP.SweetIM
[MD5.3CD19859CD377AD00B30E4BEE49D374E] [WIS][14/10/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.1.) -- C:\Windows\Installer\236c36.msi [2997248] =>PUP.SweetIM
[MD5.1DA3AFDF337058DFAEE5C372406C0C9D] [WIS][14/07/2013] (.Linkury Inc. - QuickShare Widget.) -- C:\Windows\Installer\5db4d87.msi [8880128] =>PUP.QuickShare
[MD5.120F985880029DE70425AE42A216F7E7] [WIS][08/05/2008] (.LucasArts - LEGO® Indiana Jones(TM).) -- C:\Windows\Installer\602f0.msi [1383424]
~ WIS: 98 Legitimates Filtered in 00mn 13s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 19/03/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 30/05/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/05/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 01/10/2013 2746704 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 02/10/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 26/10/2010 517416 | (NeroMediaHomeService.4) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 16/05/2013 29976 | (sysTPLMonitor.exe) . (...) - C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe
SR - | Auto 16/05/2013 32024 | (sysTPLService.exe) . (...) - C:\Program Files (x86)\sysTPL\sysTPLService.exe
SR - | Auto 02/07/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 24/08/2013 424104 | (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite.) - C:\Program Files (x86)\WinZipper\winzipersvc.exe
SR - | Auto 26/06/2008 167936 | (WlanWpsSvc) . (...) - C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 22/08/2013 303680 | (WsysSvc) . (.Wsys Co., Ltd..) - C:\ProgramData\eSafe\eGdpSvc.exe =>PUP.eSafeSecurity
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 09/11/2008 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
~ Services: Scanned in 00mn 15s



---\\ Scan Additionnel (O88)
Database Version : 12946 - (11/10/2013)
Clés trouvées (Keys found) : 64
Valeurs trouvées (Values found) : 7
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 24

[HKLM\Software\Google\Chrome\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh] =>Toolbar.Conduit^
[HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc] =>PUP.eSafeSecurity^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.5] =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{04DB50FA-EA80-4256-85F9-540C582E280D}] =>PUP.QuickShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca] =>Adware.IncrediBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Zuma's Revenge!1.0] =>Adware.PopCap
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKCU\Software\Classes\MF] =>PUP.MediaFinder
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKCU\Software\Mixi.DJ] =>Toolbar.MixiDJ
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo] =>PUP.Elex
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh] =>PUP.RewardsArcade
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity
[HKLM\Software\Classes\RewardsArcade.BHO] =>PUP.RewardsArcade
[HKLM\Software\Classes\RewardsArcade.Sandbox] =>PUP.RewardsArcade
[HKLM\Software\Classes\RewardsArcade.Sandbox.1] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\RewardsArcade.BHO] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\RewardsArcade.Sandbox] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\RewardsArcade.Sandbox.1] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\Plus-HD-2.5 =>Adware.PlusHD^
C:\ProgramData\eSafe =>PUP.eSafeSecurity^
C:\Users\BUREAU\AppData\Local\tuto4pc_fr_8 =>PUP.Eorezo^
C:\Program Files (x86)\Zuma's Revenge! =>Adware.PopCap
C:\Program Files (x86)\OneStopSoft.com =>PUP.Dealio
C:\Users\BUREAU\AppData\Local\Software =>Adware.Boxore
C:\Users\BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh =>Toolbar.Conduit
C:\ProgramData\eSafe\eGdpSvc.exe =>PUP.eSafeSecurity^
C:\Program Files (x86)\Mozilla FireFox\searchplugins\delta-homes.xml =>Toolbar.DeltaSearch^
C:\Windows\Tasks\Plus-HD-2.5-chromeinstaller.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.5-codedownloader.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.5-enabler.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.5-firefoxinstaller.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.5-updater.job =>Adware.PlusHD^
C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe =>Adware.PlusHD^
C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe =>Adware.PlusHD^
C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-enabler.exe =>Adware.PlusHD^
C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-firefoxinstaller.exe =>Adware.PlusHD^
C:\Program Files (x86)\Plus-HD-2.5\Plus-HD-2.5-updater.exe =>Adware.PlusHD^
[HKLM\Software\DomaIQ] =>Adware.DomaIQ^
[HKLM\Software\IB Updater] =>Adware.InstallBrain^
[HKLM\Software\Wow6432Node\Plus-HD-2.6] =>Adware.PlusHD^
C:\Users\BUREAU\AppData\Local\Temp\SPSetup.exe =>Toolbar.Conduit^
C:\Windows\Installer\1b945d2.msi =>Adware.Boxore^
C:\Windows\Installer\236c21.msi =>PUP.SweetIM^
C:\Windows\Installer\236c36.msi =>PUP.SweetIM^
C:\Windows\Installer\5db4d87.msi =>PUP.QuickShare^
C:\Users\BUREAU\Downloads\flvmplayer.exe =>PUP.Offerware
C:\Users\BUREAU\AppData\Local\Temp\X4IcUPpW.exe.part =>PUP.SweetIM
~ Additionnel Scan: 257765 Items scanned in 00mn 13s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/27529784-adware-searchya =>Adware.SearchYa
~ http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare
~ http://nicolascoolman.webs.com/apps/blog/show/30393137-adware-domaiq =>Adware.DomaIQ
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26

Afficher la suite