Error at startup

Solved/Closed
sapmi (92 posts, registered Wednesday 21 August 2013, status: Member, last activity 25 November 2016) - 18 Dec. 2013 at 16:43
morelaimerick - 5 May 2014 at 11:24
Hello,

C:\User\nom de l'utilisateur (c'est moi)\Appdata\Roaming\newnextme.nengine.dll
"Problème de démarrage: Le module suivant est introuvable."

This is what I get on my screen once my computer has started, when I should normally see all the applications on my screen. But they have disappeared. After an update of my computer, I did in fact have a panel next to the Start button where all my applications had been placed. But it is no longer there. I think this panel must be what my computer is referring to.
How can I get it back? And how do I get rid of this message?

Thank you for your help.

53 replies

Anonymous user
18 Dec. 2013 at 16:48
Hello

Download the HijackThis installer by clicking this link

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

* Save HJTInstall.exe to your desktop.

* Double-click HJTInstall.exe to launch the program

Tutorial: https://www.malekal.com/tutoriel-hijackthis/
http://pagesperso-orange.fr/rginformatique/section%20virus/Hijenr.gif
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm

* Accept the license by clicking the "I Accept" button
* Choose the option "Do a system scan and save a log file"
* Click "Save log" to save the report, which will open in Notepad
* Click "Edit -> Select All", then "Edit -> Copy" to copy the entire contents of the report

* Paste the report you have just copied into this forum

morelaimerick
5 May 2014 at 11:24
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:14:11, on 05/05/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)

FIREFOX: 27.0.1 (fr)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\system32\SystemProtection.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe
C:\Program Files\BlueStacks\HD-Agent.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\WebAdSystem\WebAdSystem.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\morel\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Little transparency.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\Bible Verse\verse.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\WebAdSystem\WebAdSystemHttpProxy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\System32\WScript.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\BitTorrent Sync\BTSync.exe
C:\Program Files\AVG\AVG2013\avguirux.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-V5.11-delta.exe
d:\a4bd273fa858c251e18b1716b0\mrtstub.exe
C:\Windows\system32\MRT.exe
C:\Program Files\Smadav\SM?RTP.exe
C:\Users\morel\Downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393994557&from=amt&uid=WDCXWD3200BEVT-60A23T0_WD-WXK1A71R4183R4183
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.eazel.com/?id=AAAe0516d3de98a3b96f132a4b8780f7390&oid=14
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393994557&from=amt&uid=WDCXWD3200BEVT-60A23T0_WD-WXK1A71R4183R4183
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1393994557&from=amt&uid=WDCXWD3200BEVT-60A23T0_WD-WXK1A71R4183R4183&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1393994557&from=amt&uid=WDCXWD3200BEVT-60A23T0_WD-WXK1A71R4183R4183&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=dsites&cd=2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0A0B0CyEzy0F0F0A0CtD0FtN0D0Tzu0CyBzyyCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1254216942&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:49156
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\morel\AppData\Local\SaveSense\SaveSenseIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\morel\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: BaseFlash Ads - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - C:\Users\morel\AppData\Roaming\BaseFlash\IE\BaseFlash.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EazelBar Helper - {FE478DC2-E4AD-4197-8F80-5E456BEBC57F} - C:\Program Files\EazelBar\Toolbar32.dll
O3 - Toolbar: EazelBar - {EBD839AE-B08C-4fb7-859B-F54AF16C159F} - C:\Program Files\EazelBar\Toolbar32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [WebAdSystem] "C:\Program Files\WebAdSystem\WebAdSystem.exe" background
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\morel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [L08FXLRD_38280726] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [uTorrent] "C:\Users\morel\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [BitTorrent Sync] "C:\Program Files\BitTorrent Sync\BTSync.exe" /MINIMIZED
O4 - HKCU\..\Run: [RIMDeviceManager] C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer
O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\morel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [E09FXLRD_168821754] "C:\Program Files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_70_Plugin.exe -update plugin
O4 - HKLM\..\Policies\Explorer\Run: [Updates] "C:\system32\SystemProtection.exe" /e:VBScript.Encode "C:\kernel\r00t3r"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Welcome Center] C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [Welcome Center] C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut (User 'Default user')
O4 - Startup: Alertes de surveillance de l'encre - HP Deskjet 2510 series.lnk = ?
O4 - Startup: Bible Verse.lnk = C:\Program Files\Bible Verse\verse.exe
O4 - Global Startup: Little transparency.exe
O4 - Global Startup: RocketDock.lnk = C:\Program Files\RocketDock\RocketDock.exe
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Pare-feu AVG (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\morel\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - Unknown owner - C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - Unknown owner - C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Protect your browser's extensions and plugins (srvProtectExtension) - Unknown owner - C:\Windows\system32\config\systemprofile\AppData\Roaming\BaseFlash\protect\ProtectExtension.exe
O23 - Service: Software Updater (SrvUpdater) - Unknown owner - C:\Program Files\SoftwareUpdater\UpdaterService.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Updater Service for EazelBar - Unknown owner - C:\Program Files\EazelBar\ToolbarUpdaterService.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
0
sapmi Messages postés 92 Date d'inscription mercredi 21 août 2013 Statut Membre Dernière intervention 25 novembre 2016 1
18 déc. 2013 à 18:31
Oups, j'ai oublié de dire que je suis sous Windows 7. Désolé... Je ne suis pas un pro...
0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
18 Dec. 2013 at 19:10
I almost forgot! I was infected by a Torn.tv search engine and I managed to remove it. However, I don't know whether this DLL is related to that virus...
0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
22 Dec. 2013 at 11:07
And what comes next, please?
0

sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
25 Dec. 2013 at 13:50
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:07:16, on 18.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
D:\Program Files (x86)\Bang & Olufsen\BeoConnect\BeoConnect.exe
C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Yvan\AppData\Roaming\Spotify\spotify.exe
C:\Users\Yvan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Users\Yvan\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
D:\Swisscom\Quick Help\SwisscomQuickHelp.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
D:\itunes\iTunesHelper.exe
C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Yvan\Downloads\HijackThis.exe
C:\Users\Yvan\Downloads\HijackThis.exe
C:\Users\Yvan\Downloads\HijackThis.exe
C:\Users\Yvan\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: AliBar BHO - {E4E012DC-1925-48E9-8010-2D195574642A} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: (no name) - {4C350B19-6CA1-4569-B14C-296D8D65300B} - (no file)
O3 - Toolbar: (no name) - {E4E012DC-1925-48E9-8010-2D195574642A} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Swisscom Quick Help] D:\Swisscom\Quick Help\SwisscomQuickHelp.exe /auto
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UDM] "C:\Program Files (x86)\Swisscom\Unlimited Data Manager\LscaGui.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\d9914598-1778-4f71-99d6-affdefc845c7.exe /check
O4 - HKLM\..\Run: [My Swisscom Assistant] C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BeoConnect] "D:\Program Files (x86)\Bang & Olufsen\BeoConnect\BeoConnect.exe"
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Yvan\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [AmazonMP3DownloaderHelper] C:\Users\Yvan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Yvan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Yvan\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\AllMusicConverter\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\AllMusicConverter\YouTubeRipper.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CH/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: GSService - Unknown owner - C:\Windows\SysWOW64\GSService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mp3Rocket Toolbar Helper - Mp3Rocket - C:\Program Files (x86)\MP3 Rocket Toolbar\MP3RocketSvc.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Sesam Control Service (SesamService) - Swisscom - C:\Program Files (x86)\Swisscom\Sesam\BIN\SecMIPService.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SMServer - SMServer - C:\Windows\SysWOW64\snmvtsvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Programme d'installation pour les modules Windows (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: UDM Service - Swisscom - C:\Program Files (x86)\Swisscom\Unlimited Data Manager\DashBoardS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SecretSauce - Unknown owner - C:\Program Files (x86)\SecretSauce\updateSecretSauce.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
0
Anonymous user
26 Dec. 2013 at 19:59
Good evening

For more information, please do the following

Open this link and download ZHPDiag by Nicolas Coolman:

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Or

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

at the bottom of the page, ZHP with a version number.

Once the download has finished,

Double-click the icon to launch the program. On Vista, Seven or Windows 8, right-click and choose "Run as administrator"


In the ZHPDiag window that has just opened, click "Configurer"

Click the magnifying glass with the plus sign at the bottom left to start the scan.


Let the tool work; it can take quite a while.

A report opens. This report can also be found on your desktop

To send the report, click this link:
http://pjjoint.malekal.com/

If there is a problem, use one of the following

https://forums-fec.be/upload
https://www.cjoint.com/


Look on the desktop

Select the file ZHPDiag.txt.

Click "Cliquez ici pour déposer le fichier".

A link of this form:

http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.

Thanks

See you later

0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
28 Dec. 2013 at 17:08
Here it is... Sorry, I still have other problems... Skype, an error log to clear...

~ Rapport de ZHPDiag v2013.12.26.23 - Nicolas Coolman (26.12.2013)
~ Lancé par Yvan (28.12.2013 11:29:56)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Internet Security v9.0.2011
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.14 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader X
Java 7 Update 25
Java 7 Update 45

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5882.9 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 206 GB (36%) free of 572 GB

---\\ Mode de connexion au système
~ Computer Name: BOY-HP
~ User Name: Yvan
~ All Users Names: Yvan, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Yvan\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Yvan\AppData\Roaming\
~ %Desktop% : C:\Users\Yvan\Desktop\
~ %Favorites% : C:\Users\Yvan\Favorites\
~ %LocalAppData% : C:\Users\Yvan\AppData\Local\
~ %StartMenu% : C:\Users\Yvan\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 206 Go of 572 Go)
D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 24 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25.02.2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14.07.2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26.11.2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20.11.2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20.11.2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28.09.2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14.07.2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14.07.2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20.11.2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20.11.2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20.11.2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14.07.2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14.07.2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27.04.2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20.11.2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12.04.2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14.07.2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20.11.2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14.07.2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20.11.2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20.11.2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1413
~ Mes musiques (My Musics) : 6/51502
~ Mes Videos (My Videos) : 1/46
~ Mes Favoris (My Favorites) : 1/236
~ Mes Documents (My Documents) : 5/171
~ Mon Bureau (My Desktop) : 1/7
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 08mn 07s



---\\ Processus lancés
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [136488] [PID.2520]
[MD5.16F32849549A5D7B9F61641B6F386DBA] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128] [PID.784]
[MD5.527E642ED37B05C06F138CFEDB508B2D] - (...) -- D:\Program Files (x86)\Bang & Olufsen\BeoConnect\BeoConnect.exe [2076672] [PID.4380]
[MD5.4860117DA2E6E9B300144902629B09AC] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896] [PID.4424]
[MD5.E8405C87CD06FF5D69BC6F3B24D766D0] - (...) -- C:\Users\Yvan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704] [PID.4640]
[MD5.20B00106B7A950E7CAF9B6055FC44B41] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248] [PID.5060]
[MD5.A7E4E01F95C75FED5AE79330FDA0780E] - (.Swisscom - Swisscom Quick Help.) -- D:\Swisscom\Quick Help\SwisscomQuickHelp.exe [16668080] [PID.5000]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4332]
[MD5.B3F1E9E1C9425369C4F0A1DEFFFAADCA] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320] [PID.4636]
[MD5.225518F190EDBC37CA32197A3E94B498] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512] [PID.2992]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.4536]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- D:\itunes\iTunesHelper.exe [152392] [PID.5304]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.3664]
[MD5.CCC250711E6B5F998DC1B7393233A755] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [13600] [PID.5508]
[MD5.70072B90EEDA336698CBAEBBDD216559] - (.Swisscom (Schweiz) AG - My Swisscom Assistant.) -- C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe [7512984] [PID.5604]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5672]
[MD5.C1D63777B8D771DE73A99AB359D583D7] - (.Pas de propriétaire - My Swisscom Assistant Repair.) -- C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe [23215000] [PID.5824]
[MD5.CC02FE4520CA886508069245D9A6962F] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222720] [PID.964]
[MD5.82496FC05D85C9C3B9ABBC66B3A97F11] - (.Microsoft Corporation - Microsoft Office Outlook.) -- D:\OFFICE11\OUTLOOK.exe [196440] [PID.4492]
[MD5.1872FA6844F7F6938C1D06988E3DE559] - (.WinZip Computing, S.L. - ZipSend Background Service.) -- C:\Program Files\WinZip\zipsendservice.exe [200560] [PID.2688]
[MD5.C8A8321292A459B0A17FB39A782A5C74] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [806096] [PID.5500]
[MD5.53C62FB3B0BAD66EC2026977D707A2A4] - (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe [116280] [PID.5992]
[MD5.6A8E0E72D390B95EFE3A7FFA17D5C504] - (.RealNetworks, Inc. - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [232608] [PID.5400]
[MD5.5441332D86DC22B6B3DB50A05FF4E41C] - (.Microsoft Corporation - Microsoft Office Word.) -- D:\Microsoft Office Standard Edition 2003\OFFICE11\WINWORD.exe [12317848] [PID.5912]
[MD5.870DF389D7676EDBB635141336A867C6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8302080] [PID.3764]
[MD5.53A03FE645237C83074458A17B7F9F81] - (...) -- C:\Windows\SysWOW64\screenSaverX-masBO.scr [4895161] [PID.0]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1512]
[MD5.1247D6B0F35AA93774CFBFD73203D857] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [113704] [PID.1672]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1608]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1960]
[MD5.171000873EB522E5EA3DD4C4E0B689B2] - (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [26680] [PID.2556]
[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2596]
[MD5.B048713587F0C6A85D81BFB2561798A1] - (.Mp3Rocket - Mp3Rocket Toolbar Helper Service.) -- C:\Program Files (x86)\MP3 Rocket Toolbar\MP3RocketSvc.exe [221696] [PID.2636]
[MD5.A0FF419B61AE47E26ADF3BB15DB4F2FE] - (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608] [PID.3000]
[MD5.8631221AC3AF3B09C718DAA1B19EB8DD] - (.Swisscom - Service COM module.) -- C:\Program Files (x86)\Swisscom\Sesam\BIN\SecMIPService.exe [1414440] [PID.3036]
[MD5.52B42D0D13FD2DBEE4599E676B634FF6] - (.Swisscom - Service for Unlimited Data Manager.) -- C:\Program Files (x86)\Swisscom\Unlimited Data Manager\DashBoardS.exe [128296] [PID.2732]
[MD5.9B7EDD3FE7C211C36E921D34D18A3A0A] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1001376] [PID.2652]
~ Processes Running: Scanned in 00mn 04s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Yvan\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
C:\Users\Yvan\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
C:\Users\Yvan\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js
C:\Users\Yvan\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
M3 - MFPP: Plugins - [Yvan] -- C:\Users\Yvan\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\improvedsearch.xml
M3 - MFPP: Plugins - [Yvan] -- C:\Users\Yvan\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\WebSearch.xml
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (.not file.) =>Toolbar.Bing
~ BHO: 20 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: WOT [64Bits] - [HKLM]{71576546-354D-41c9-AAE8-31F2EC22BF0D} . (...) -- C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: avast! Online Security [64Bits] - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{71576546-354D-41C9-AAE8-31F2EC22BF0D} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [Yvan]: AllMusicConverter Media Suite.lnk . (...) -- C:\Program Files (x86)\AllMusicConverter Media Suite\AMCMediaSuite.exe
O4 - GS\QuickLaunch [Yvan]: AllMusicConverter.lnk . (.Sound - Sound Module.) -- C:\Program Files (x86)\AllMusicConverter\AllMusicConverter.exe
O4 - GS\QuickLaunch [Yvan]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Yvan\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Yvan]: Disk Burner.lnk . (...) -- C:\Program Files (x86)\Disk Burner\DiskBurner.exe
O4 - GS\QuickLaunch [Yvan]: Easy Audio Cutter.lnk . (.Koyote Soft - Pas de description.) -- C:\Program Files (x86)\Free mp3 Wma Converter\Easy Audio Cutter\AudioCutter.exe
O4 - GS\QuickLaunch [Yvan]: Free CD Ripper.lnk . (.Koyote Soft - FreeCDRipper.) -- C:\Program Files (x86)\Free mp3 Wma Converter\Free CD Ripper\FreeCDRipper.exe
O4 - GS\QuickLaunch [Yvan]: Free Mp3 Wma Converter.lnk . (...) -- C:\Program Files (x86)\Free mp3 Wma Converter\FreeConverter\FreeConverter.exe (.not file.)
O4 - GS\QuickLaunch [Yvan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Yvan]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Yvan]: My Swisscom Assistant.lnk . (.Swisscom (Schweiz) AG - My Swisscom Assistant.) -- C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
O4 - GS\QuickLaunch [Yvan]: RadioGet.lnk . (...) -- C:\Program Files (x86)\RadioGet\RadioGet.exe
O4 - GS\QuickLaunch [Yvan]: RipTiger.lnk . (...) -- C:\Program Files (x86)\RipTiger\RipTiger.exe
O4 - GS\QuickLaunch [Yvan]: TuneGet.lnk . (...) -- C:\Program Files (x86)\TuneGet\TuneGet.exe
O4 - GS\QuickLaunch [Yvan]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Yvan\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Yvan]: AllMusicConverter.lnk . (.Sound - Sound Module.) -- C:\Program Files (x86)\AllMusicConverter\AllMusicConverter.exe
O4 - GS\TaskBar [Yvan]: BeoConnect - Copie.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{976F02B0-3E82-4A10-BCD9-A45426497DD1}\NewShortcut5_FC79E8EE66C3484C8753CC2B524D8AE0.exe
O4 - GS\TaskBar [Yvan]: Démarrer My Swisscom Assistant.lnk . (.Swisscom (Schweiz) AG - My Swisscom Assistant.) -- C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
O4 - GS\TaskBar [Yvan]: HP MediaSmart.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O4 - GS\TaskBar [Yvan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Yvan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Yvan]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: 77 Legitimates Filtered in 00mn 06s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Bluetooth.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [HPWirelessAssistant] . (...) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [BeoConnect] . (...) -- D:\Program Files (x86)\Bang & Olufsen\BeoConnect\BeoConnect.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Yvan\AppData\Roaming\Spotify\spotify.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [AmazonMP3DownloaderHelper] . (...) -- C:\Users\Yvan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
O4 - HKCU\..\Run: [NextLive] C:\Users\Yvan\AppData\Roaming\newnext.me\nengine.dll (.not file.)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Swisscom Quick Help] . (.Swisscom - Swisscom Quick Help.) -- D:\Swisscom\Quick Help\SwisscomQuickHelp.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Dashboard] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [UDM] . (.Swisscom - GUI for Unlimited Data Manager.) -- C:\Program Files (x86)\Swisscom\Unlimited Data Manager\LscaGui.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- D:\itunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\d9914598-1778-4f71-99d6-affdefc845c7.exe
O4 - HKLM\..\Wow6432Node\Run: [My Swisscom Assistant] . (.Swisscom (Schweiz) AG - My Swisscom Assistant.) -- C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\RunOnce: [!BingBar] . (.Microsoft Corporation - Bing Bar Setup.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0oemBingBarSetup-Partner.exe =>Toolbar.Bing
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [BeoConnect] . (...) -- D:\Program Files (x86)\Bang & Olufsen\BeoConnect\BeoConnect.exe
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Yvan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Yvan\AppData\Roaming\Spotify\spotify.exe
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [AmazonMP3DownloaderHelper] . (...) -- C:\Users\Yvan\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [NextLive] C:\Users\Yvan\AppData\Roaming\newnext.me\nengine.dll (.not file.)
O4 - HKUS\S-1-5-21-243810060-2880268011-3684205397-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Free YouTube Download [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\dvdvideosoft.ico (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A905AC5-7E80-4A87-A810-5BED32F732CC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A905AC5-7E80-4A87-A810-5BED32F732CC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0A905AC5-7E80-4A87-A810-5BED32F732CC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wot [64Bits] - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} . (...) -- C:\Program Files\WOT\WOT.dll
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) --
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - ,C:\Program Files (x86)\COMMON~1\JAKSTA~1\AUDIOC~1\JAUDCA~1.dll (.not file.)
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Mp3Rocket Toolbar Helper (Mp3Rocket Toolbar Helper) . (.Mp3Rocket - Mp3Rocket Toolbar Helper Service.) - C:\Program Files (x86)\MP3 Rocket Toolbar\MP3RocketSvc.exe
O23 - Service: Sesam Control Service (SesamService) . (.Swisscom - Service COM module.) - C:\Program Files (x86)\Swisscom\Sesam\BIN\SecMIPService.exe
O23 - Service: UDM Service (UDM Service) . (.Swisscom - Service for Unlimited Data Manager.) - C:\Program Files (x86)\Swisscom\Unlimited Data Manager\DashBoardS.exe
O23 - Service: Update SecretSauce (Update SecretSauce) . (...) - C:\Program Files (x86)\SecretSauce\updateSecretSauce.exe (.not file.) =>Adware.SecretSauce
~ Services: 22 Legitimates Filtered in 00mn 09s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Express Files Updater] (...) -- C:\Program Files (x86)\ExpressFiles\EFupdater.exe (.not file.) [0] =>Adware.ExpressFiles
[MD5.00000000000000000000000000000000] [APT] [Express FilesUpdate] (...) -- C:\Program Files (x86)\ExpressFiles\EFUpdater.exe (.not file.) [0] =>Adware.ExpressFiles
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) [0] =>Toolbar.Ask
[MD5.24C2479FE210E0FC084C5C59EC573655] [APT] [{3B712F24-89E6-4F92-8B6F-CE43FEFA5F17}] (.Swisscom.) -- D:\Swisscom\Quick Help\FFAddOnInstall.exe [1657808]
[MD5.527E642ED37B05C06F138CFEDB508B2D] [APT] [{59E38BC3-5EBE-49E1-AE53-0AD1B212FFFE}] (...) -- D:\Program Files (x86)\Bang & Olufsen\BeoConnect\BeoConnect.exe [2076672]
[MD5.527E642ED37B05C06F138CFEDB508B2D] [APT] [{603145A9-F53B-4842-B10D-58CCDF98A5F8}] (...) -- D:\Program Files (x86)\Bang & Olufsen\BeoConnect\BeoConnect.exe [2076672]
[MD5.00000000000000000000000000000000] [APT] [{77D5DAA7-FCCA-40B2-BE3B-5F8FCDEBF2EB}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A67BFCA9-E180-4A87-9F17-5828A157A749}] (...) -- C:\Users\Yvan\Pictures\BeoStar_ScreenSaver.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C2D0DEBA-E5B8-41D5-9187-CFD4614731CD}] (...) -- E:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C634FE53-2DF6-44AD-8CD6-2AF804887D49}] (...) -- E:\FILES\OWC10\SETUP.exe (.not file.) [0]
[MD5.527E642ED37B05C06F138CFEDB508B2D] [APT] [{FC07A4F1-6B89-490A-A767-217AACE086E4}] (...) -- D:\Program Files (x86)\Bang & Olufsen\BeoConnect\BeoConnect.exe [2076672]
~ Scheduled Task: 33 Legitimates Filtered in 00mn 09s



---\\ Logiciels installés (O42)
O42 - Logiciel: BrowseToSave - (...) [HKLM][64Bits] -- {B6829CF1-0AC6-49F8-AB13-42E46D61BE07} =>Adware.Browse2Save
~ Logic: 25 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5b2d7de]
[HKCU\Software\Bang & Olufsen]
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\Disk Burner]
[HKCU\Software\GinoPlayer]
[HKCU\Software\ImprovedSearch]
[HKCU\Software\IncrediMail]
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\RadioGet]
[HKCU\Software\TuneGet]
[HKCU\Software\wscontb]
[HKLM\Software\ABP_InstallChecker]
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\ABP_InstallChecker]
[HKLM\Software\Wow6432Node\Disk Burner]
[HKLM\Software\Wow6432Node\FunStore]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\Mp3Rocket]
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\RadioGet]
[HKLM\Software\Wow6432Node\TuneGet]
[HKLM\Software\Wow6432Node\b1.org]
[HKLM\Software\b1.org]
~ Key Software: 326 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29.04.2011 - 18:15:48 - [53.091] ----D C:\Program Files (x86)\1Step DVD Copy
O43 - CFD: 29.04.2011 - 18:15:52 - [81.006] ----D C:\Program Files (x86)\Disk Burner
O43 - CFD: 11.04.2013 - 03:45:03 - [1.511] ----D C:\Program Files (x86)\FunSpace
O43 - CFD: 30.04.2011 - 00:56:48 - [1.272] ----D C:\Program Files (x86)\MP3 Rocket Toolbar
O43 - CFD: 29.04.2011 - 18:15:41 - [43.475] ----D C:\Program Files (x86)\RadioGet
O43 - CFD: 15.12.2013 - 10:32:34 - [0] ----D C:\Program Files (x86)\SecretSauce =>Adware.SecretSauce
O43 - CFD: 29.04.2011 - 18:15:35 - [33.612] ----D C:\Program Files (x86)\TuneGet
O43 - CFD: 11.07.2012 - 17:20:05 - [0.004] ----D C:\ProgramData\5AE
O43 - CFD: 23.11.2013 - 21:01:51 - [3.258] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 16.12.2013 - 21:48:05 - [0] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic
O43 - CFD: 26.10.2013 - 11:24:45 - [87.730] ----D C:\ProgramData\UDM
O43 - CFD: 26.08.2011 - 13:29:59 - [24.215] ----D C:\ProgramData\UDM_17491
O43 - CFD: 11.04.2013 - 19:14:58 - [0.006] ----D C:\ProgramData\VKMusicUpd
O43 - CFD: 28.12.2013 - 11:19:55 - [0.783] ----D C:\ProgramData\WtDashboard
O43 - CFD: 27.04.2011 - 20:56:05 - [16.483] --H-D C:\ProgramData\{29743D82-2C4D-42EE-B3FB-322806E3E245}
O43 - CFD: 11.12.2013 - 21:08:21 - [30.242] --H-D C:\ProgramData\{389E09AA-EF44-4B51-8C27-5603B515A083}
O43 - CFD: 10.02.2012 - 15:23:45 - [430.363] ----D C:\Users\Yvan\AppData\Roaming\BeoConnect
O43 - CFD: 06.06.2012 - 16:20:24 - [0.001] ----D C:\Users\Yvan\AppData\Roaming\BeoMediaDatabase
O43 - CFD: 11.12.2013 - 21:09:04 - [0.026] ----D C:\Users\Yvan\AppData\Roaming\EurekaLab s.a.s
O43 - CFD: 04.06.2013 - 16:54:01 - [0.010] ----D C:\Users\Yvan\AppData\Roaming\Freecorder 8 Audio =>Riskware.Movly
O43 - CFD: 04.06.2013 - 17:08:34 - [0.010] ----D C:\Users\Yvan\AppData\Roaming\Freecorder 8 Screen =>Riskware.Movly
O43 - CFD: 04.06.2013 - 17:16:06 - [0.010] ----D C:\Users\Yvan\AppData\Roaming\Freecorder 8 Torrent =>Riskware.Movly
O43 - CFD: 19.11.2011 - 22:59:59 - [0.888] ----D C:\Users\Yvan\AppData\Roaming\FreeFox
O43 - CFD: 04.06.2013 - 17:24:42 - [1.159] ----D C:\Users\Yvan\AppData\Roaming\MP3Rocket
O43 - CFD: 15.12.2013 - 23:45:00 - [0.004] ----D C:\Users\Yvan\AppData\Roaming\newnext.me
O43 - CFD: 16.12.2013 - 20:38:10 - [0.126] ----D C:\Users\Yvan\AppData\Roaming\ParetoLogic =>PUP.Paretologic
O43 - CFD: 11.04.2013 - 14:01:08 - [0.003] ----D C:\Users\Yvan\AppData\Roaming\Rambler
O43 - CFD: 11.04.2013 - 14:02:05 - [0.252] ----D C:\Users\Yvan\AppData\Roaming\VKMusic
O43 - CFD: 04.06.2013 - 17:16:05 - [1.610] ----D C:\Users\Yvan\AppData\Local\Freecorder 8 Torrent =>Riskware.Movly
O43 - CFD: 14.12.2013 - 04:31:47 - [1.224] ----D C:\Users\Yvan\AppData\Local\genienext
O43 - CFD: 07.11.2013 - 11:25:17 - [6.994] ----D C:\Users\Yvan\AppData\Local\Program Files
O43 - CFD: 11.04.2013 - 14:01:50 - [0] ----D C:\Users\Yvan\AppData\Local\Rambler
O43 - CFD: 08.07.2013 - 21:20:17 - [0.005] ----D C:\Users\Yvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
~ Program Folder: 247 Legitimates Filtered in 04mn 21s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.AD12F5C7251BB8D575D560894E73CBBA] - 13.12.2013 - 23:01:42 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\Drivers\WsAudioDevice_383S(1).sys [29288]
O44 - LFC:[MD5.FA861E0D5312B075BC4E4CD2A117384C] - 15.12.2013 - 23:45:04 ----- . (...) -- C:\spyhunter.log [65431] =>Crapware.SpyHunter
O44 - LFC:[MD5.0259E953EC0A31910A10ECC5310D02AA] - 16.12.2013 - 07:51:20 ---A- . (...) -- C:\sh4_service.log [962920]
O44 - LFC:[MD5.F127EF2A0F4899C50CEE980F0C21545A] - 16.12.2013 - 19:56:27 ---A- . (...) -- C:\Windows\IE11_main.log [12641]
O44 - LFC:[MD5.0669929238083B3C00B17DBC3D35C516] - 28.12.2013 - 11:35:23 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26192]
O44 - LFC:[MD5.0669929238083B3C00B17DBC3D35C516] - 28.12.2013 - 11:35:23 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26192]
~ Files: 25 Legitimates Filtered in 00mn 58s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.001ED1CF0129CD7194CD72DEA4F93C2B] - 12.12.2013 - 08:07:17 ---A- - C:\Windows\Prefetch\SETUPADMIN.EXE-ED3482D1.pf
O45 - LFCP:[MD5.B5950ECC187A215B9035A0ED6DD5EA73] - 18.12.2013 - 15:01:45 ---A- - C:\Windows\Prefetch\DASHBOARDS.EXE-AA000D84.pf
O45 - LFCP:[MD5.75C1A06960EBCA97E60BA4FBCBC76A71] - 18.12.2013 - 16:00:43 ---A- - C:\Windows\Prefetch\MP3ROCKETSVC.EXE-DF77B78C.pf
O45 - LFCP:[MD5.7FC2FF86855740550F9A69540D86AE91] - 26.12.2013 - 17:05:10 ---A- - C:\Windows\Prefetch\BTITUNESPLUGIN.EXE-99726FA0.pf
O45 - LFCP:[MD5.3722049219C87B54536E5B5A52A166DE] - 26.12.2013 - 17:16:55 ---A- - C:\Windows\Prefetch\BEOCONNECT.EXE-D86D9844.pf
O45 - LFCP:[MD5.02443AEE6373F5676AD125D113612CD4] - 26.12.2013 - 20:54:01 ---A- - C:\Windows\Prefetch\YCMMIRAGE.EXE-3AAE7FF2.pf
O45 - LFCP:[MD5.94876DD567F063195E8FFA78E0C68D0F] - 28.12.2013 - 11:13:26 ---A- - C:\Windows\Prefetch\SWISSCOMQUICKHELP.EXE-6A971DF8.pf
O45 - LFCP:[MD5.D91A6B121CBF7ECB9A9350768A27FBC3] - 28.12.2013 - 11:13:27 ---A- - C:\Windows\Prefetch\LSCAGUI.EXE-B967D785.pf
O45 - LFCP:[MD5.6F361320CEC1ABB490C841C1EFB812AB] - 28.12.2013 - 11:21:55 ---A- - C:\Windows\Prefetch\SPOTIFY.EXE-EBEC82A7.pf
O45 - LFCP:[MD5.6CEE8A2BD4D03E740679F88EFCBC6DDE] - 28.12.2013 - 11:22:07 ---A- - C:\Windows\Prefetch\ZIPSENDSERVICE.EXE-5D06B041.pf
~ Prefetcher: 124 Legitimates Filtered in 00mn 03s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b0ae09f1-cfde-11e0-9fda-cc52af163bf2}\AutoRun\command. (...) -- G:\Start.exe (.not file.)
O51 - MPSK:{d2f6b8d0-cfdf-11e0-b77b-cc52af163bf2}\AutoRun\command. (...) -- G:\Start.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Aimersoft Helper Compact.exe [Key] . (...) -- C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Allin1Convert_8h Browser Plugin Loader 64 [Key] . (...) -- C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe (.not file.) =>Adware.Allin1Convert
O53 - SMSR:HKLM\...\startupreg\ExpressFiles [Key] . (...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
~ SMSR Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C65A3C67630A67A97AD26C21173BA61E] - 01.06.2013 - 12:56:58 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys [31920]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 21.10.2013 - 17:05:02 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.F87990FDBDD4DC037343A80BD7E67538] - 21.10.2013 - 17:04:23 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\aswTap.sys [44640]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 25.12.2013 - 13:24:15 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.9573E8C7C3B3D1625FD941841FD0859C] - 24.06.2010 - 21:32:52 ---A- . (.Windows (R) Win 7 DDK provider - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [32880]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14.07.2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] - 22.06.2012 - 11:01:32 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys [22704]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10.06.2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.7520B0895B12AB785936C50621E27351] - 31.03.2011 - 23:56:28 ---A- . (.Windows (R) Codename Longhorn DDK provider - Support Device.) -- C:\Windows\System32\Drivers\MusCAudio.sys [34040]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14.07.2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.E0428C27010305E3C54315BE7078725B] - 09.06.2010 - 10:06:18 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [515584]
O58 - SDL:[MD5.3C23BE0DAD748BAE77E87F18F34EBA0E] - 30.04.2013 - 09:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40616]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13.12.2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.AD12F5C7251BB8D575D560894E73CBBA] - 30.05.2013 - 13:56:28 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\Drivers\WsAudioDevice_383S(1).sys [29288]
O58 - SDL:[MD5.F7ADA10CF0F02435B1C9E5C6FD0EC3A4] - 20.07.2009 - 15:32:06 ---A- . (.Swisscom - WtSmpAdap NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\wtsmpadap.sys [56104]
O58 - SDL:[MD5.4B604168F293A6AD8CE56B528E4DAD14] - 20.07.2009 - 15:32:06 ---A- . (.Swisscom - Sesam intermediate driver.) -- C:\Windows\System32\Drivers\wtsmpflt.sys [384808]
O58 - SDL:[MD5.7520B0895B12AB785936C50621E27351] - 31.03.2011 - 23:56:28 ---A- . (.Windows (R) Codename Longhorn DDK provider - Support Device.) -- C:\Windows\System32\MusCAudio.sys [34040]
~ Drivers: 17 Legitimates Filtered in 00mn 04s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 26.12.2013 - 11:56:51 ---A- . (...) -- C:\Users\Yvan\AppData\Roaming\EurekaLab s.a.s\EurekaLog\Bug Reports\MySwisscomAssistant_Repair.exe\MySwisscomAssistant_Repair_BOY-HP.el [27754]
O61 - LFC: 26.12.2013 - 11:58:39 ---A- . (.Yvan.) -- C:\Users\Yvan\Documents\Traduction de la chemise en cape.doc [24576]
O61 - LFC: 28.12.2013 - 11:54:51 ---A- . (...) -- C:\Users\Yvan\AppData\Local\swisscom\SwisscomQuickHelp.exe-2013-12-28-10-27-59.sil [7812]
O61 - LFC: 28.12.2013 - 11:56:48 ---A- . (...) -- C:\Users\Yvan\AppData\Roaming\BeoConnect\Settings.xml [947]
O61 - LFC: 28.12.2013 - 11:58:31 ---A- . (...) -- C:\Users\Yvan\AppData\Roaming\ZHP\Log.txt [21521] =>.Nicolas Coolman
O61 - LFC: 28.12.2013 - 11:58:31 ---A- . (...) -- C:\Users\Yvan\AppData\Roaming\ZHP\TestsZHPDiag.txt [2827] =>.Nicolas Coolman
O61 - LFC: 28.12.2013 - 11:58:33 ---A- . (...) -- C:\Users\Yvan\Documents\Amazon MP3\logs\AMDHelperLog.txt [39058]
~ 46 Fichiers temporaires (Temporary files)
~ Files: 555 Legitimates Filtered in 37mn 58s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.DEBD7582B76FE11CDFAB575653D71A96] [SPRF][16.12.2013] (...) -- C:\Users\Yvan\AppData\Local\Temp\SHSetup.exe [46777424] =>Crapware.SpyHunter
~ Files: 3 Legitimates Filtered in 00mn 04s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{D2CB88BE-7B11-4BD8-8659-5949EA8B8611}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Yvan\Downloads\MusicConverterSetup.exe (.not file.)
O87 - FAEL: "{E1A0DE85-2A1F-4C3A-8062-249D5EEE7175}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Yvan\Downloads\MusicConverterSetup.exe (.not file.)
O87 - FAEL: "TCP Query User{C90B5FF0-E2DA-49C0-8725-7C5BECA8A431}C:\users\yvan\downloads\mediacrawler\mediacrawler.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\yvan\downloads\mediacrawler\mediacrawler.exe (.not file.)
O87 - FAEL: "UDP Query User{45C90BDC-2CC0-4621-9164-B5025DEE7AF1}C:\users\yvan\downloads\mediacrawler\mediacrawler.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\yvan\downloads\mediacrawler\mediacrawler.exe (.not file.)
O87 - FAEL: "TCP Query User{DECC355C-50A0-4EC7-8C8B-8EF743ECB82E}C:\program files (x86)\1clickdownload\1clickdownloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\1clickdownload\1clickdownloader.exe (.not file.) =>PUP.1ClickDownloader
O87 - FAEL: "UDP Query User{8ABABC64-00EE-405B-90EA-D3F911EEF477}C:\program files (x86)\1clickdownload\1clickdownloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\1clickdownload\1clickdownloader.exe (.not file.) =>PUP.1ClickDownloader
O87 - FAEL: "{D76978CF-FA42-4857-8605-68FBFA6B9504}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{74585788-7FD6-4F6E-AEF4-070A604E83BB}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{99057C58-3A68-496C-9F4C-A5E9D9F53481}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{8E23DCBB-FEAA-44EA-A15A-F22118459914}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{95611710-0129-4346-AC86-3B6CAF50BE9B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{D4C38FDE-9A9B-42C7-AAA6-C633C49C5260}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{CE5360FC-30BF-4FAD-9D80-D34562C58EFD}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\YourFileDownloader\Downloader.exe (.not file.) =>PUP.YourFileDownloader
O87 - FAEL: "{96C1CB97-5CAA-46D0-AF29-44A52067BE9D}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\YourFileDownloader\Downloader.exe (.not file.) =>PUP.YourFileDownloader
O87 - FAEL: "{A565AD1B-5A94-4E9B-83B3-543E797500B4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\YourFileDownloader\YourFile.exe (.not file.) =>PUP.YourFileDownloader
O87 - FAEL: "{303F7EF3-994D-4DD7-9E65-5A10613F952A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\YourFileDownloader\YourFile.exe (.not file.) =>PUP.YourFileDownloader
O87 - FAEL: "TCP Query User{BF98F523-5EB4-48BA-9304-FBE306598CBE}C:\program files (x86)\1clickdownload\1clickdownloader.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\1clickdownload\1clickdownloader.exe (.not file.) =>PUP.1ClickDownloader
O87 - FAEL: "UDP Query User{E9C6EC05-EDFE-47D1-B4F8-7D2868DC9F18}C:\program files (x86)\1clickdownload\1clickdownloader.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\1clickdownload\1clickdownloader.exe (.not file.) =>PUP.1ClickDownloader
O87 - FAEL: "TCP Query User{1A9CF084-B08C-422E-8931-FAF7CC871CFB}C:\program files (x86)\intellidownload\tdl\easydownload.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\intellidownload\tdl\easydownload.exe
O87 - FAEL: "UDP Query User{BA8BE533-7371-45BC-B3E8-3BE6AC365A17}C:\program files (x86)\intellidownload\tdl\easydownload.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\intellidownload\tdl\easydownload.exe
O87 - FAEL: "TCP Query User{69BF66A7-D58A-415B-8AB9-92734B08C4DB}C:\users\yvan\appdata\local\directdownloader\directdownloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\yvan\appdata\local\directdownloader\directdownloader.exe (.not file.) =>PUP.DirectDownloader
O87 - FAEL: "UDP Query User{D5E8495D-6A73-4080-84A5-1B06661DFB36}C:\users\yvan\appdata\local\directdownloader\directdownloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\yvan\appdata\local\directdownloader\directdownloader.exe (.not file.) =>PUP.DirectDownloader
O87 - FAEL: "{54B563A4-6249-4172-AD09-300877291FF5}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{E57E79BF-78B6-486D-9103-C02228DBEA23}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{8D403D43-C19E-4824-AB0A-230390A20866}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "{BE3A9123-2C12-49D9-8076-E2EE89AEAB1C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "TCP Query User{10C3AA01-34FE-4A6D-BFE1-8EE6DF71FC4F}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\bearshare applications\bearshare\bearshare.exe (.not file.) =>PUP.BearShare
O87 - FAEL: "UDP Query User{F031EF7C-6126-4B97-B4AC-4E682D06E54D}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\bearshare applications\bearshare\bearshare.exe (.not file.) =&g
0
Good evening

Please proceed as indicated

@+

--------Security Contributor---------
We were all once a beginner at something.
But knowledge is the reward of diligence.
0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
29 Dec. 2013 at 15:42
Did I make a mistake? I did as you told me...
0
Anonymous user
29 Dec. 2013 at 15:46
Hello

The report is not complete.
And where is the requested link?

@+
0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
29 Dec. 2013 at 23:15
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20131229_n9q14d5y6s9

This is what pjjoint.malekal.com gave me after I sent the report. I hope it is right this time.
0
Anonymous user
29 Dec. 2013 at 23:19
Re

1)
Download AdwCleaner (by Xplode) to your desktop.
Launch it, click [Scanner], then wait while the scan runs.
Once the scan has finished, click the [Nettoyer] button.
Wait during the cleanup. Read the message that appears, then click Ok. The PC will restart automatically and the report will open once the restart is complete.
Post the report

Note: The report is also saved as C:\AdwCleaner[S1].txt

Further reading:
Toolbars are not mandatory (by Malekal): https://forum.malekal.com/viewtopic.php?t=6173&start=
Potentially unwanted programs:
https://forum.malekal.com/viewtopic.php?t=33776&start=
https://www.malekal.com/adwares-pup-protection/


2)
Download Malwarebytes Anti-Malware here
https://www.malwarebytes.com/

* Install it (be sure to choose "français"; do not change the installation settings) and update it.

* Study the tutorial to familiarize yourself with the program:

https://forum.pcastuces.com/sujet.asp?f=31&s=3

(that said, it is very simple to use).

Relaunch Malwarebytes, following these instructions scrupulously:

! Disconnect and close all running applications !

* Launch Malwarebytes. On Vista, Seven or Windows 8: right-click and choose « exécuter en tant que administrateur » (run as administrator)

* Run an update

* Run a "Rapide" (quick) scan

--> Let the program work (and do nothing else with the PC during the scan).
--> At the end, click "Afficher les résultats" (show results).
--> Check that all infected items are ticked, then click "supprimer la sélection" (remove selected).

Note: if your PC needs to restart to finish the cleanup, do it!


Post the report saved after the infected items are removed (in the "rapport/log" tab of Malwarebytes, the most recent one)

@+

0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
31 Dec. 2013 at 09:50
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.12.30.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Yvan :: BOY-HP [administrateur]

30.12.2013 12:35:37
mbam-log-2013-12-30 (12-35-37).txt

Type d'examen: Examen complet (C:\|D:\|F:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 1312933
Temps écoulé: 12 heure(s), 40 minute(s), 52 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 2
C:\Users\Yvan\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Yvan\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.

Fichier(s) détecté(s): 3
C:\Windows\Installer\63680.msi (PUP.Optional.Iminent.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Yvan\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Yvan\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.

(fin)
0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
31 Dec 2013 at 09:52
Oops, I did it again! I made a mistake, I ran a full scan. I didn't think it would take that long. But I wanted to be sure... There you go... By the way, Happy New Year!
0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
31 Dec 2013 at 10:42
I have had no sound on my PC since then, is that normal?
0
Anonymous user
31 Dec 2013 at 12:22
Hello

And the AdwCleaner report!!!

See you later
0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
31 Dec 2013 at 16:26
https://pjjoint.malekal.com/files.php?id=20131231_o13z6w7l158

I'm sorry, I'm a bit on edge with the holidays and all these problems... Here is the latest one I got; the other one, I couldn't find...
0
Anonymous user
31 Dec 2013 at 16:30
Re

Post me a new ZHPDiag report, thanks

To send the report, click this link:


http://pjjoint.malekal.com/

If there is a problem, use one of the following

https://forums-fec.be/upload
https://www.cjoint.com/


Click Browse and look for the file: Full_file_name (requested file)
Click Open.

Click "Send the file".

A link of this form:

http://pjjoint.malekal.com/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.

See you later
0
sapmi Posts 92 Registration date Wednesday 21 August 2013 Status Member Last activity 25 November 2016 1
31 Dec 2013 at 19:29
0
Anonymous user
31 Dec 2013 at 19:36
Re

Using the ZHPFix tool:

* Copy all the text in the box below (select it with your mouse, right-click it and choose "Copy", or press Ctrl+C)

Script ZHPFix
ShortcutFix
[MD5.00000000000000000000000000000000] [APT] [Express Files Updater] (...) -- C:\Program Files (x86)\ExpressFiles\EFupdater.exe (.not file.) [0]
O42 - Logiciel: BrowseToSave - (...) [HKLM][64Bits] -- {B6829CF1-0AC6-49F8-AB13-42E46D61BE07}
[HKCU\Software\BearShare]
O43 - CFD: 23.11.2013 - 21:01:51 - [3.258] ----D C:\ProgramData\InstallMate
O43 - CFD: 04.06.2013 - 16:54:01 - [0.010] ----D C:\Users\Yvan\AppData\Roaming\Freecorder 8 Audio
O43 - CFD: 04.06.2013 - 17:08:34 - [0.010] ----D C:\Users\Yvan\AppData\Roaming\Freecorder 8 Screen
O43 - CFD: 04.06.2013 - 17:16:06 - [0.010] ----D C:\Users\Yvan\AppData\Roaming\Freecorder 8 Torrent
O43 - CFD: 04.06.2013 - 17:16:05 - [1.610] ----D C:\Users\Yvan\AppData\Local\Freecorder 8 Torrent
O43 - CFD: 08.07.2013 - 21:20:17 - [0.005] ----D C:\Users\Yvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
O53 - SMSR:HKLM\...\startupreg\Allin1Convert_8h Browser Plugin Loader 64 [Key] . (...) -- C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon64.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ExpressFiles [Key] . (...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.)
[MD5.DEBD7582B76FE11CDFAB575653D71A96] [SPRF][16.12.2013] (...) -- C:\Users\Yvan\AppData\Local\Temp\SHSetup.exe [46777424]
[MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27.06.2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\47acba.msi [353280]
[MD5.31D36F0EBFC088B3516479BF8F97DF56] [WIS][12.01.2013] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\63687.msi [1048576]
SR - | Auto 27.06.2013 1025408 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B6829CF1-0AC6-49F8-AB13-42E46D61BE07}]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert_8h Browser Plugin Loader 64]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ExpressFiles]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9]
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436DABD223008E24A8404BFC5C60E20B]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4E012DC-1925-48E9-8010-2D195574642A}]
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211671166}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311301136}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211671166}]
C:\ProgramData\InstallMate
C:\Users\Yvan\AppData\Roaming\Freecorder 8 Audio
C:\Users\Yvan\AppData\Roaming\Freecorder 8 Screen
C:\Users\Yvan\AppData\Roaming\Freecorder 8 Torrent
C:\Users\Yvan\AppData\Local\Freecorder 8 Torrent
C:\Users\Yvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
C:\Users\Yvan\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi
[HKCU\Software\BearShare]
C:\Users\Yvan\AppData\Local\Temp\SHSetup.exe
C:\Windows\Installer\47acba.msi
C:\Windows\Installer\63687.msi
O4 - GS\TaskBar [Yvan]: WinZip 17.5.lnk . (...) -- C:\Program Files (x86)\WinZip\WINZIP64.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Dashboard] Clé orpheline
O20 - AppInit_DLLs: . (...) - ,C:\Program Files (x86)\COMMON~1\JAKSTA~1\AUDIOC~1\JAUDCA~1.dll (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{A67BFCA9-E180-4A87-9F17-5828A157A749}] (...) -- C:\Users\Yvan\Pictures\BeoStar_ScreenSaver.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C634FE53-2DF6-44AD-8CD6-2AF804887D49}] (...) -- E:\FILES\OWC10\SETUP.exe (.not file.) [0]
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3 - Toolbar: Bing Bar - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Bing Client Extensions.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O23 - Service: Mp3Rocket Toolbar Helper (Mp3Rocket Toolbar Helper) . (.Mp3Rocket - Mp3Rocket Toolbar Helper Service.) - C:\Program Files (x86)\MP3 Rocket Toolbar\MP3RocketSvc.exe
O43 - CFD: 30.04.2011 - 00:56:48 - [1.272] ----D C:\Program Files (x86)\MP3 Rocket Toolbar
O90 - PUC: "617DD6FF01B79624F991FF0BA74CDC59" . (.Bing Bar.) -- C:\Windows\Installer\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}\icon_installer_ico
SS - | Auto 16.12.2013 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
SR - | Demand 16.12.2013 247968 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
SR - | Auto 10.03.2011 221696 | (Mp3Rocket Toolbar Helper) . (.Mp3Rocket.) - C:\Program Files (x86)\MP3 Rocket Toolbar\MP3RocketSvc.exe
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2]
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}
FirewallRAZ
Emptytemp
EmptyCLSID

--------------------------------------------------------------------------------------------
Launch ZHPFix from the shortcut on your Desktop (on Windows Vista, Windows 7 or 8, do it with a right-click --> Run as administrator)

Click the Import button. The contents of the clipboard are pasted into the ZHPFix input area

NB (W8): In some cases the script is pasted automatically into the script area and there is no need to click the "Import" button.

* Click the GO button to start the cleanup.

-> let the tool work and don't touch anything ...
-> If you are asked to restart the PC to finish the cleanup, do it!


Once it has finished, a new report is displayed: post its contents in your next reply ...
This report is copied to the desktop

( this report is also saved in this folder:
- For XP: C:\Documents and Settings\username\Local Settings\Application Data\ZHP
- From Vista onward: C:\Users\username\AppData\Roaming\ZHP\ZHPFix [R1].txt
)



See you later
0