Win Explorer cesse de foncionner

Túrhop Messages postés 5 Statut Membre -  
 Utilisateur anonyme -
Bonsoir à tous. J'ai un asus eeepc 1101ha, 2gb de ram, win 7 32 bits.

J'ai un problème avec Win explorer. Si je tente de copier des fichiers depuis une clé usb,
Win Explorer s'arrête de fonctionner et redémarre 30 à 40 secondes.

Je suis allé dans les propriétés et les propriétés du système du pc afin d'exclure Explorer pour le redémarrage mais rien ni fait.

Je vous remercie d'avance pour toute aide que vous pourriez m'octroyer.

7 réponses

  1. Utilisateur anonyme
     
    Bonsoir

    Pour de plus amples informations, fait ceci stp

    Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :

    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

    Ou

    https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

    en bas de la page ZHP avec un numéro de version.

    Une fois le téléchargement achevé,

    Double-clique sur l'icône pour lancer le programme. Sous Vista ; Seven ou Windows 8 clic droit « exécuter en tant que administrateur »

    Dans la fenêtre ZHPDiag qui vient de s'ouvrir, clique sur "Configurer"

    Clique sur la loupe en bas à gauche avec le signe plus pour lancer l'analyse.

    Laisse l'outil travailler, il peut être assez long.

    Un rapport s'ouvre. Ce rapport se trouve également sur ton bureau

    Pour transmettre le rapport clique sur ce lien:
    http://pjjoint.malekal.com/

    Si problème utilise un des suivants

    https://forums-fec.be/upload
    https://www.cjoint.com/

    Regarde sur le bureau

    Sélectionne le fichier ZHPDiag.txt.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.

    Merci

    @+
    0
  2. Túrhop Messages postés 5 Statut Membre
     
    Bonjour es merci pour ton aide. Je t'envois le liens pour le rapport.

    https://pjjoint.malekal.com/files.php?id=20140122_k12q10r13t10x11

    Je te copie aussi ds ce message le rapport.... je ne sais pas bien si je fais bien...

    On ce rattrape. Turop

    ~ Report of ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/01/2014)
    ~ Launched by Yhouè (21/01/2014 20:45:45)
    ~ Web site address : https://nicolascoolman.webs.com/
    ~ Free support forums for disinfection : https://nicolascoolman.webs.com/
    ~ Translated by
    ~ Version State :
    ~ White List : Activate by program
    ~ Elevation of privilege : OK
    ~ User Account Control : Deactivate by user

    ---\\ Internet browsers
    MSIE: Internet Explorer v11.0.9600.16476
    GCIE: Google Chrome v32.0.1700.76 (Defaut)

    ---\\ Windows product information
    ~ Langage: Anglais
    Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    ---\\ System protection software
    avast! Internet Security v9.0.2011
    Malwarebytes Anti-Malware versión 1.75.0.1300
    Windows Defender W7

    ---\\ System optimization software

    ---\\ Sharing software PeerToPeer

    ---\\ Surveillance software
    Adobe Flash Player 12 ActiveX

    ---\\ Information on the system
    ~ Processor: x86 Family 6 Model 28 Stepping 2, GenuineIntel
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 2037 MB (47% free)
    System Restore: Activé (Enable)
    System drive C: has 116 GB (77%) free of 149 GB

    ---\\ Connection to the system mode
    ~ Computer Name: YHOUÈ-PC
    ~ User Name: Yhouè
    ~ All Users Names: Yhouè, Invitado, HomeGroupUser$, Administrador,
    ~ Unselected Option: None
    Logged in as Administrator

    ---\\ Environment variables
    ~ System Unit : C:\
    ~ %AppZHP% : C:\Users\Yhouè\AppData\Roaming\ZHP\
    ~ %AppData% : C:\Users\Yhouè\AppData\Roaming\
    ~ %Desktop% : C:\Users\Yhouè\Desktop\
    ~ %Favorites% : C:\Users\Yhouè\Favorites\
    ~ %LocalAppData% : C:\Users\Yhouè\AppData\Local\
    ~ %StartMenu% : C:\Users\Yhouè\AppData\Roaming\Microsoft\Windows\Start Menu\
    ~ %Windir% : C:\Windows\
    ~ %System% : C:\Windows\System32\

    ---\\ Enumeration of the disk units
    C: Hard drive, Flash drive, Thumb drive (Free 116 Go of 149 Go)

    ---\\ State of the Windows Security Center
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
    ~ Security Center: 46 Legitimates Filtered in 00mn 00s

    ---\\ Search Generic System Files
    [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorador de Windows.) (.24/02/2011 - 23:30:54.) -- C:\Windows\Explorer.exe [2616320]
    [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicación de inicio de Windows.) (.13/07/2009 - 19:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
    [MD5.927FA6456AD6D7630F6854828D2FD16B] - (.Microsoft Corporation - Extensiones de Internet para Win32.) (.26/11/2013 - 0:33:33.) -- C:\Windows\System32\wininet.dll [1820160]
    [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicación de inicio de sesión de Windows.) (.20/11/2010 - 6:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
    [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de licencias de software.) (.20/11/2010 - 6:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
    [MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/09/2013 - 18:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
    [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 19:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
    [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 17:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
    [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 2:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
    [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 2:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
    [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 3:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
    [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Controlador de puerto de i8042.) (.13/07/2009 - 17:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
    [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 17:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
    [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 20:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
    [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 2:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
    [MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Controlador del sistema de archivos NTFS.) (.12/04/2013 - 7:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
    [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Controlador de puerto paralelo.) (.13/07/2009 - 17:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
    [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 17:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
    [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 17:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
    [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 2:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
    [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Controlador de instantánea de volumen.) (.20/11/2010 - 6:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
    ~ Generic Processes: Scanned in 00mn 00s

    ---\\ Hidden files state (Hidden/Total)
    ~ Mes Favoris (My Favorites) : 1/28
    ~ Mes Documents (My Documents) : 1/3
    ~ Mon Bureau (My Desktop) : 1/11
    ~ Menu demarrer (Programs) : 1/30
    ~ Hidden Files: Scanned in 00mn 00s

    ---\\ Process running
    [MD5.17C1F00C2FF5EB421202AABE4F504DA9] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [137752] [PID.456]
    [MD5.95BF86349F025960293FC7B5082D7535] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [354840] [PID.428]
    [MD5.2E86071D074339BE1386DC7DB032557B] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664] [PID.1184]
    [MD5.D523A9BB4D1C1DEF96A3555AE472BFF1] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.1928]
    [MD5.93190A2F166DB15FF8A9D7C260F2806F] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032] [PID.2020]
    [MD5.4D2987AFADD5A32417BD744C34ADF9FF] - (.Synaptics Incorporated - Asus Custom Acpi Monitor Application.) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240] [PID.108]
    [MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.956]
    [MD5.9FAF1377619583B191BD08287F03737E] - (.ultracopier.first-world.info - Ultracopier under GPL3.) -- C:\Program Files\Ultracopier\ultracopier.exe [204288] [PID.2076]
    [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2540]
    [MD5.52EA6C0C8A124BFB1065482392C8E1F5] - (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648] [PID.340]
    [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.3184]
    [MD5.C8A8321292A459B0A17FB39A782A5C74] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [806096] [PID.1452]
    [MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8336896] [PID.4332]
    [MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1332]
    [MD5.1247D6B0F35AA93774CFBFD73203D857] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [113704] [PID.1464]
    [MD5.C4FB2613D3C75364BB159B9C23A00E7A] - (...) -- C:\Windows\System32\AsusService.exe [219136] [PID.2292]
    [MD5.6CB874AA6E4D0F91811EDA2AA272A685] - (.ASUSTeK Computer Inc. - Asus Eee PC Hotkey Service.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [752056] [PID.2388]
    [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2396]
    [MD5.710AB764FEAC87B4EB4BE3A6A5480BD0] - (.ASUSTeK Computer Inc. - HotkeyMon.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328] [PID.2404]
    [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2444]
    [MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Servicio de plataforma de protección de sof.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.2772]
    ~ Processes Running: Scanned in 00mn 03s

    ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
    C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\Default\Preferences
    G1 - GCS: Preference [User Data\Default] http://ww7.nationzoom.com =>Hijacker.NationZoom
    G2 - GCE: Preference [User Data\Default] [chgdeabpmphfhkoemjjglmilajldekbp] Wondershare Video Converter Ultimate v.6.0.0 (Désactivé)
    G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
    ~ Google Browser: 13 Legitimates Filtered in 00mn 03s

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
    F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
    F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
    F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    ---\\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    ---\\ Browser Helper Objects (O2)
    O2 - BHO: WsSVRIEHelper - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} . (.Wondershare Software Co., Ltd. - Wondershare Video Converter Ultimate Plugin.) -- C:\Program Files\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll
    ~ BHO: 4 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer toolbars (O3)
    O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    ~ Toolbar: Scanned in 00mn 00s

    ---\\ Other User Links (O4)
    O4 - GS\Desktop [Public]: E-Cam.lnk . (.AzureWave - E-CAM MFC Application.) -- C:\Program Files\E-Cam\E-CAM.exe
    O4 - GS\Desktop [Public]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter.) -- C:\Program Files\Wondershare\Video Converter Ultimate\WSVCUSplash.exe
    O4 - GS\QuickLaunch [Yhouè]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://ww7.nationzoom.com =>Hijacker.NationZoom
    O4 - GS\QuickLaunch [Yhouè]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://ww7.nationzoom.com =>Hijacker.NationZoom
    O4 - GS\QuickLaunch [Yhouè]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) -- C:\Program Files\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe
    O4 - GS\TaskBar [Yhouè]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://ww7.nationzoom.com =>Hijacker.NationZoom
    O4 - GS\TaskBar [Yhouè]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://ww7.nationzoom.com =>Hijacker.NationZoom
    O4 - GS\TaskBar [Yhouè]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) -- C:\Program Files\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe
    O4 - GS\Program [Yhouè]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://ww7.nationzoom.com =>Hijacker.NationZoom
    O4 - GS\Program [Yhouè]: Lollipop.lnk . (...) -- C:\Users\Yhouè\AppData\Local\Lollipop\Lollipop.exe (.not file.) =>Adware.Lollipop
    O4 - GS\SystemTools [Yhouè]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://ww7.nationzoom.com =>Hijacker.NationZoom
    O4 - GS\SendTo [Yhouè]: Transferencia de archivos Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
    O4 - GS\Desktop [Yhouè]: Continue Software Setup.lnk . (...) -- C:\Users\Yhouè\AppData\Local\Temp\DownloadManager.exe (.not file.)
    ~ Global Startup: 59 Legitimates Filtered in 00mn 02s

    ---\\ Auto loading programs from Registry and folders (O4)
    O4 - GS\Startup [Yhouè]: lollipop.lnk . (...) -- C:\Users\Yhouè\AppData\Local\Lollipop\Lollipop.exe (.not file.) =>Adware.Lollipop
    O4 - HKLM\..\Run: [HotkeyService] . (.ASUSTeK Computer Inc. - Asus Eee PC Hotkey Service.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
    O4 - HKLM\..\Run: [HotKeyMon] . (.ASUSTeK Computer Inc. - HotkeyMon.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
    O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [IgfxExt] . (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\IgfxExt.exe
    O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynAsusAcpi] . (.Synaptics Incorporated - Asus Custom Acpi Monitor Application.) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
    O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.)
    O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    O4 - HKLM\..\Run: [BrowserPlugInHelper] . (...) -- C:\Program Files\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
    O4 - HKLM\..\RunOnce: [20131224] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\f20b7fb0-9a45-4828-a568-fe522bca67f8.exe
    O4 - HKCU\..\Run: [ultracopier] . (.ultracopier.first-world.info - Ultracopier under GPL3.) -- C:\Program Files\Ultracopier\ultracopier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
    O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-21-2533852307-1158591561-3514118382-1001\..\Run: [ultracopier] . (.ultracopier.first-world.info - Ultracopier under GPL3.) -- C:\Program Files\Ultracopier\ultracopier.exe
    ~ Application: Scanned in 00mn 00s

    ---\\ Lop.com/Domain Hijackers (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0515FC97-D06B-4C43-822C-57AAAB3BB396}: DhcpNameServer = 10.3.9.242 10.3.1.100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1114F116-A0C3-4122-882B-F373BC150C14}: DhcpNameServer = 10.3.9.242 10.3.1.100
    O17 - HKLM\System\CS1\Services\Tcpip\..\{0515FC97-D06B-4C43-822C-57AAAB3BB396}: DhcpNameServer = 10.3.9.242 10.3.1.100
    O17 - HKLM\System\CS1\Services\Tcpip\..\{1114F116-A0C3-4122-882B-F373BC150C14}: DhcpNameServer = 10.3.9.242 10.3.1.100
    O17 - HKLM\System\CS2\Services\Tcpip\..\{0515FC97-D06B-4C43-822C-57AAAB3BB396}: DhcpNameServer = 10.3.9.242 10.3.1.100
    O17 - HKLM\System\CS2\Services\Tcpip\..\{1114F116-A0C3-4122-882B-F373BC150C14}: DhcpNameServer = 10.3.9.242 10.3.1.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.3.9.242 10.3.1.100
    ~ Domain: Scanned in 00mn 00s

    ---\\ Extra protocols (O18)
    O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visor HTML de Microsoft (R).) -- C:\Windows\System32\mshtml.dll
    O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
    O23 - Service: Asus Launcher Service (AsusService) . (...) - C:\Windows\System32\AsusService.exe
    O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    ~ Services: 6 Legitimates Filtered in 00mn 41s

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\AppWork]
    [HKCU\Software\Baidu Security] =>Adware.BDSearch
    [HKCU\Software\DefaultTab] =>Adware.Bandoo
    [HKCU\Software\WSVCUPlugin]
    [HKCU\Software\lollipop] =>Adware.Lollipop
    [HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch
    [HKLM\Software\DefaultTab] =>Adware.Bandoo
    [HKLM\Software\supWPM] =>PUP.WpManager
    ~ Key Software: 110 Legitimates Filtered in 00mn 01s

    ---\\ Contents of the Common Files folders (O43)
    O43 - CFD: 16/01/2014 - 20:50:24 - [0] ----D C:\Program Files\Baidu Security =>Adware.BDSearch
    O43 - CFD: 16/01/2014 - 20:50:24 - [0] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
    O43 - CFD: 20/01/2014 - 17:31:37 - [0] ----D C:\ProgramData\WPM =>PUP.WpManager
    O43 - CFD: 20/01/2014 - 17:31:37 - [0] ----D C:\Users\Yhouè\AppData\Roaming\DefaultTab =>Adware.Bandoo
    O43 - CFD: 20/01/2014 - 13:04:15 - [0] ----D C:\Users\Yhouè\AppData\Roaming\Desk 365 =>Hijacker.22Find
    O43 - CFD: 20/01/2014 - 15:31:44 - [0] ----D C:\Users\Yhouè\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
    O43 - CFD: 16/01/2014 - 12:08:44 - [0] -SH-D C:\Users\Yhouè\AppData\Local\Archivos temporales de Internet
    O43 - CFD: 20/01/2014 - 10:20:00 - [1,224] ----D C:\Users\Yhouè\AppData\Local\genienext
    ~ Program Folder: 95 Legitimates Filtered in 00mn 17s

    ---\\ Last modified or created files under Windows and System32 (O44)
    O44 - LFC:[MD5.C71C33A290769C671353732F77B83C23] - 16/01/2014 - 11:58:08 ---A- . (...) -- C:\Windows\DtcInstall.log [1774]
    O44 - LFC:[MD5.11CDEEC350BD99A9DAC5C5AF5883818A] - 16/01/2014 - 12:01:39 ---A- . (...) -- C:\Windows\TSSysprep.log [1313]
    O44 - LFC:[MD5.38489F463AB7FF6BFA1E0A68CDF5D636] - 16/01/2014 - 19:27:41 ---A- . (...) -- C:\Windows\AsAcpiSvrLang.ini [21864]
    O44 - LFC:[MD5.C4FB2613D3C75364BB159B9C23A00E7A] - 16/01/2014 - 19:27:41 ---A- . (...) -- C:\Windows\System32\AsusService.exe [219136]
    O44 - LFC:[MD5.E67493490466B5F04B58C22D2590E8CA] - 16/01/2014 - 19:29:32 ---A- . (...) -- C:\Windows\System32\Drivers\AsUpIO.sys [11448]
    O44 - LFC:[MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - 16/01/2014 - 19:33:54 ---A- . (...) -- C:\Windows\Language_trs.ini [1769]
    O44 - LFC:[MD5.6B8221036573494A9234B91B9D7B3F7B] - 16/01/2014 - 19:34:32 ---A- . (...) -- C:\Windows\System32\lpgun.ini [13020]
    O44 - LFC:[MD5.DAD43771BA3FD8CE25A412FFF53206E8] - 16/01/2014 - 19:49:20 ---A- . (...) -- C:\Windows\DPINST.LOG [4818]
    O44 - LFC:[MD5.053F63B767B355F36C37BE9597937AED] - 16/01/2014 - 19:51:56 ---A- . (...) -- C:\Windows\System32\Drivers\SamSfPa.dat [4692]
    O44 - LFC:[MD5.9AE4E8FD213A92CBB58FDF968D988404] - 16/01/2014 - 20:05:27 ---A- . (...) -- C:\Windows\System32\athrext.cat [49563]
    O44 - LFC:[MD5.FBF20603EE0C48AA1A58E448E6928FFD] - 16/01/2014 - 20:05:27 ---A- . (...) -- C:\Windows\System32\netathr.inf [293373]
    O44 - LFC:[MD5.03783D0840B2C54D7665248425C74417] - 17/01/2014 - 18:20:27 ---A- . (...) -- C:\Windows\System32\dosx.exe [53600]
    O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 17/01/2014 - 18:20:37 ---A- . (...) -- C:\Windows\System32\RacRules.xml [105559]
    O44 - LFC:[MD5.B8CBB46B42570D373C9933FBDF25EBCE] - 17/01/2014 - 18:20:47 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [146852]
    O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 17/01/2014 - 18:20:53 ---A- . (...) -- C:\Windows\System32\ScavengeSpace.xml [10429]
    O44 - LFC:[MD5.4B223CC51C91B7159B3AD6F66EC85399] - 18/01/2014 - 12:07:14 ---A- . (...) -- C:\Windows\IE9_main.log [9056]
    O44 - LFC:[MD5.1A84414B5E7AB90F929083C2CE8E235F] - 18/01/2014 - 16:40:46 ---A- . (...) -- C:\Windows\IE10_main.log [11812]
    O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 18/01/2014 - 19:59:31 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16284]
    O44 - LFC:[MD5.0201AAC4157E376B2884E485874CA251] - 18/01/2014 - 20:07:51 ---A- . (...) -- C:\Windows\IE11_main.log [18314]
    O44 - LFC:[MD5.81674239BC81FB7DBEE85B8A35F5C863] - 20/01/2014 - 13:01:45 ---A- . (...) -- C:\Windows\System32\_WSCM32.dll [214528]
    O44 - LFC:[MD5.5F5FFD142DE69616EE8610811182D075] - 20/01/2014 - 13:01:45 ---A- . (...) -- C:\Windows\System32\_WSCM64.dll [721263]
    O44 - LFC:[MD5.6310E7A993CE5958FA20179DDADDA1C5] - 20/01/2014 - 18:03:51 --HA- . (...) -- C:\1101HA.ROM [1048576]
    O44 - LFC:[MD5.81674239BC81FB7DBEE85B8A35F5C863] - 20/01/2014 - 18:51:51 ---A- . (...) -- C:\Windows\System32\WSCM32.dll [214528]
    O44 - LFC:[MD5.5F5FFD142DE69616EE8610811182D075] - 20/01/2014 - 18:51:51 ---A- . (...) -- C:\Windows\System32\WSCM64.dll [721263]
    ~ Files: 1091 Legitimates Filtered in 00mn 51s

    ---\\ Last files created in Windows Prefetcher (O45)
    O45 - LFCP:[MD5.F72D37E369CEBE7C887970927C771510] - 21/01/2014 - 20:36:44 ---A- - C:\Windows\Prefetch\INSTUP.EXE-7E543EAF.pf
    ~ Prefetcher: 81 Legitimates Filtered in 00mn 00s

    ---\\ Microsoft Windows Policies System (MWPS) (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
    ~ MWPS: 18 Legitimates Filtered in 00mn 00s

    ---\\ System Drivers List (SDL) (O58)
    O58 - SDL:[MD5.E67493490466B5F04B58C22D2590E8CA] - 06/07/2009 - 3:48:02 ---A- . (...) -- C:\Windows\System32\Drivers\AsUpIO.sys [11448]
    O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 16/01/2014 - 20:26:02 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
    O58 - SDL:[MD5.1B0662514A68C3A42E60D240C5ABEF28] - 16/01/2014 - 20:26:02 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180248]
    O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 19:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
    O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 16:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
    O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 19:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
    O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 15:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
    O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 15:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
    O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 15:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
    O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 15:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
    O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 15:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
    O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 15:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
    O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 15:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
    O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 15:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
    O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 15:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
    O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 15:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
    O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 15:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
    O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 15:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
    O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 15:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
    O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 15:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
    O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 15:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
    ~ Drivers: 18 Legitimates Filtered in 00mn 04s

    ---\\ Last modified or created user files (O61)
    O61 - LFC: 18/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\Links\Desktop.lnk [483]
    O61 - LFC: 18/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\Links\Downloads.lnk [894]
    O61 - LFC: 18/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\Links\RecentPlaces.lnk [383]
    O61 - LFC: 19/01/2014 - 20:48:57 ---A- . (...) -- C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdm.dll [6940304]
    O61 - LFC: 19/01/2014 - 20:48:57 ---A- . (...) -- C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\manifest.fingerprint [66]
    O61 - LFC: 19/01/2014 - 20:48:57 ---A- . (...) -- C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\manifest.json [845]
    O61 - LFC: 20/01/2014 - 20:48:49 ---A- . (...) -- C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [273221]
    O61 - LFC: 20/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\Downloads\1101HA-ASUS-0323.zip [441780]
    O61 - LFC: 20/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\Downloads\574rk.7r3k.72Op.by.The.Lucho.part1.rar [681574400]
    O61 - LFC: 20/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\Downloads\574rk.7r3k.72Op.by.The.Lucho.part2.rar [579585096]
    O61 - LFC: 20/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\daemonprocess.txt [1039]
    O61 - LFC: 20/01/2014 - 20:52:24 ---A- . (.AppWork GmbH.) -- C:\Users\Yhouè\Downloads\WebInstallerJD2.exe [77976]
    O61 - LFC: 20/01/2014 - 20:52:24 ---A- . (.Free Time.) -- C:\Users\Yhouè\Downloads\FFSetup3.2.1.0.exe [61746892]
    O61 - LFC: 20/01/2014 - 20:52:24 RSHA- . (...) -- C:\Users\Yhouè\ntuser.pol [282]
    O61 - LFC: 21/01/2014 - 20:48:49 ---A- . (...) -- C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5]
    O61 - LFC: 21/01/2014 - 20:48:56 ---A- . (...) -- C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\Local State [54336]
    O61 - LFC: 21/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\AppData\Roaming\ZHP\Log.txt [16068] =>.Nicolas Coolman
    O61 - LFC: 21/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\AppData\Roaming\ZHP\TestsZHPDiag.txt [2836] =>.Nicolas Coolman
    O61 - LFC: 21/01/2014 - 20:52:24 ---A- . (...) -- C:\Users\Yhouè\Documents\Flims\s74r.7r3k.1n70.d4rkn355.hd.72Op.by.The.Lucho(1).mp4 [2608022976]
    ~ 128 Fichiers temporaires (Temporary files)
    ~ 1 Fichiers cookies (Cookies files)
    ~ Files: 6554 Legitimates Filtered in 03mn 35s

    ---\\ List all tools cleaner (LATC) (O63)
    O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    ---\\ File Associations Shell Spawning (O67)
    O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
    ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

    ---\\ Start Menu Internet (SMI) (O68)
    O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe" http://ww7.nationzoom.com =>Hijacker.NationZoom
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
    ~ Keys: Scanned in 00mn 00s

    ---\\ Search Browser Infection (SBI) (O69)
    O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
    O69 - SBI: SearchScopes [HKCU] {4F8F19D4-3AC5-461F-9651-500BC5ADF0AA} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
    ~ Keys: Scanned in 00mn 00s

    ---\\ Search Particular Root Folder (SPRF) (O84)
    [MD5.DC167DDDAF5C1A457D5A4FEBF94F67BC] [SPRF][20/01/2014] (...) -- C:\Users\Yhouè\AppData\Local\Temp\1_Offer_3.exe [19207976]
    [MD5.B5B2829B37336BB266B179700398B421] [SPRF][13/09/2013] (.Ask.com - Offercast - APN Install Manager.) -- C:\Users\Yhouè\AppData\Local\Temp\AskPIP_FF_.exe [1021872]
    [MD5.4EDE0214A9AD5EE2B6E60D7E9CE786B2] [SPRF][20/01/2014] (.Skytech Co., Ltd. - Skytech.) -- C:\Users\Yhouè\AppData\Local\Temp\epom2_nationzoom_20131128171912.exe [564888] =>Hijacker.NationZoom
    [MD5.22736CB1C85CD187A2419F0E55DEBBF7] [SPRF][20/01/2014] (...) -- C:\Users\Yhouè\AppData\Local\Temp\proxy_vole917517203174721683.dll [43520]
    [MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\Yhouè\AppData\Local\Temp\Quarantine.exe [360073]
    [MD5.18F801F7C60935D77B24E601F124986B] [SPRF][16/01/2014] (.Baidu Inc. - Baidu PC Faster MiniSetup.) -- C:\Users\Yhouè\AppData\Local\Temp\UNTD6CF.exe [1484832] =>Adware.BDSearch
    [MD5.535402C574026FDA1C8638794CC117B8] [SPRF][16/01/2014] (...) -- C:\Users\Yhouè\AppData\Local\Temp\UNTD6E1.exe [19207976]
    [MD5.18F801F7C60935D77B24E601F124986B] [SPRF][20/01/2014] (.Baidu Inc. - Baidu PC Faster MiniSetup.) -- C:\Users\Yhouè\AppData\Local\Temp\UNTD86B.exe [1484832] =>Adware.BDSearch
    [MD5.535402C574026FDA1C8638794CC117B8] [SPRF][20/01/2014] (...) -- C:\Users\Yhouè\AppData\Local\Temp\UNTD87D.exe [19207976]
    ~ Files: 10 Legitimates Filtered in 00mn 02s

    ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SS - | Demand 21/01/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    SS - | Auto 16/01/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 16/01/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

    SR - | Auto 18/08/2009 219136 | (AsusService) . (...) - C:\Windows\System32\AsusService.exe
    SR - | Auto 16/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    SR - | Auto 16/01/2014 113704 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
    SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
    SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

    ~ Services: Scanned in 00mn 02s

    ---\\ Search Master Boot Record Infection (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

    ~ MBR: 1 Legitimates Filtered in 00mn 02s

    ---\\ Scan Additionnel (O88)
    Database Version : 13024 - (17/01/2014)
    Clés trouvées (Keys found) : 4
    Valeurs trouvées (Values found) : 8
    Dossiers trouvés (Folders found) : 6
    Fichiers trouvés (Files found) : 8

    [HKCU\Software\defaulttab] =>Adware.IMBooster
    [HKLM\Software\defaulttab] =>Adware.IMBooster
    [HKCU\Software\lollipop] =>Adware.Lollipop
    [HKLM\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc] =>Adware.Bandoo
    C:\Program Files\Baidu Security =>Adware.BDSearch^
    C:\ProgramData\Baidu Security =>Adware.BDSearch^
    C:\ProgramData\WPM =>PUP.WpManager^
    C:\Users\Yhouè\AppData\Roaming\DefaultTab =>Adware.Bandoo^
    C:\Users\Yhouè\AppData\Roaming\Desk 365 =>Hijacker.22Find^
    C:\Users\Yhouè\AppData\Local\Temp\Desk365 =>Hijacker.22find
    [HKCU\Software\Baidu Security] =>Adware.BDSearch^
    [HKCU\Software\DefaultTab] =>Adware.Bandoo^
    [HKLM\Software\Baidu_Drp_pos] =>Adware.BDSearch^
    [HKLM\Software\DefaultTab] =>Adware.Bandoo^
    [HKLM\Software\supWPM] =>PUP.WpManager^
    C:\Users\Yhouè\AppData\Local\Temp\epom2_nationzoom_20131128171912.exe =>Hijacker.NationZoom^
    C:\Users\Yhouè\AppData\Local\Temp\UNTD6CF.exe =>Adware.BDSearch^
    C:\Users\Yhouè\AppData\Local\Temp\UNTD86B.exe =>Adware.BDSearch^
    ~ Additionnel Scan: 124554 Items scanned in 01mn 28s

    ---\\ Summary of the detections found on your workstation
    ~ http://nicolascoolman.webs.com/apps/blog/show/38126906-hijacker-nationzoom =>Hijacker.NationZoom
    ~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
    ~ http://nicolascoolman.webs.com/apps/blog/show/28158343-adware-bdsearch =>Adware.BDSearch
    ~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
    ~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
    ~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find =>Hijacker.22Find
    ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
    ~ MSI: 7 link(s) detected in 01mn 28s

    ~ 8448 Legitimates filtered by white list
    End of the scan (478 lines in 08mn 49s)(0)
    0
  3. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  4. Utilisateur anonyme
     
    Bonjour baladur13 et merci ;-)

    @ Túrhop

    1)Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
    Lance le, clique sur [Scanner] puis patiente le temps du scan.
    Une fois le scan terminé clique sur le bouton [Nettoyer]
    Patiente durant le nettoyage. Lis le message qui apparaît, puis clique sur Ok . Le PC va être redémarré automatiquement et le rapport s'ouvrira à la fin du redémarrage.
    Poste le rapport

    Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

    A lire :
    Les programmes potentiellement indésirables :
    https://www.malekal.com/adwares-pup-protection/

    Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=


    2)
    Tu disposes de Malwaresbytes
    Met le à jour et lance une analyse rapide
    Poste moi ce rapport après suppression

    @+
    0
  5. Túrhop Messages postés 5 Statut Membre
     
    bonjour. Voila les deux resultat.

    On ce rattrape.

    AdwCleaner

    # AdwCleaner v3.017 - Reporte Creado 22/01/2014 en 19:30:26
    # Actualizado 12/01/2014 por Xplode
    # Sistema Operativo : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Nombre de usuario : Yhouè - YHOUÈ-PC
    # Ejecutado desde : C:\Users\Yhouè\Downloads\AdwCleaner (1).exe
    # Opción : Limpiar

    ***** [ Servicios ] *****

    ***** [ Archivos / Carpetas ] *****

    Carpeta Borrar : C:\ProgramData\WPM
    Carpeta Borrar : C:\Program Files\Mobogenie
    Carpeta Borrar : C:\Users\Yhouè\AppData\Local\genienext
    Carpeta Borrar : C:\Users\Yhouè\AppData\Local\Mobogenie
    Carpeta Borrar : C:\Users\YHOU~1\AppData\Local\Temp\Desk365
    Carpeta Borrar : C:\Users\Yhouè\AppData\Roaming\DefaultTab
    Carpeta Borrar : C:\Users\Yhouè\AppData\Roaming\Desk 365
    Carpeta Borrar : C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
    Archivo Borrar : C:\Users\Yhouè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
    Archivo Borrar : C:\Users\Yhouè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lollipop.lnk
    Archivo Borrar : C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

    ***** [ Accesos directos ] *****

    Acceso directo Desinfectado : C:\Users\Yhouè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    Acceso directo Desinfectado : C:\Users\Yhouè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
    Acceso directo Desinfectado : C:\Users\Yhouè\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    Acceso directo Desinfectado : C:\Users\Yhouè\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    Acceso directo Desinfectado : C:\Users\Yhouè\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
    Acceso directo Desinfectado : C:\Users\Yhouè\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

    ***** [ Registro ] *****

    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Clave Borrar : HKCU\Software\Classes\Applications\lollipop.exe
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
    Datos Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
    Clave Borrar : HKCU\Software\DefaultTab
    Clave Borrar : HKCU\Software\lollipop
    Clave Borrar : HKLM\Software\DefaultTab
    Clave Borrar : HKLM\Software\supWPM

    ***** [ Navegadores ] *****

    -\\ Internet Explorer v11.0.9600.16428

    -\\ Google Chrome v32.0.1700.76

    [ Archivo : C:\Users\Yhouè\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Borrar : search_url
    Borrar : keyword

    *************************

    AdwCleaner[R0].txt - [5923 octets] - [19/01/2014 18:54:55]
    AdwCleaner[R1].txt - [4467 octets] - [22/01/2014 19:27:46]
    AdwCleaner[S0].txt - [4454 octets] - [19/01/2014 18:57:41]
    AdwCleaner[S1].txt - [3448 octets] - [22/01/2014 19:30:26]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3508 octets] ##########

    Malwarebytes Anti-Malware

    Malwarebytes Anti-Malware (Versión de Prueba) 1.75.0.1300
    www.malwarebytes.org

    Versión de la Base de Datos: v2014.01.24.05

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 11.0.9600.16476
    Yhouè :: YHOUÈ-PC [administrador]

    Protección: Habilitado

    24/01/2014 9:30:00
    mbam-log-2014-01-24 (09-30-00).txt

    Tipos de Análisis: Análisis Rápido
    Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
    Opciones de análisis desactivados: P2P
    Objetos examinados: 189196
    Tiempo transcurrido: 13 minuto(s),

    Procesos en Memoria Detectados: 0
    (No se han detectado elementos maliciosos)

    Módulos de Memoria Detectados: 0
    (No se han detectado elementos maliciosos)

    Claves del Registro Detectados: 0
    (No se han detectado elementos maliciosos)

    Valores del Registro Detectados: 0
    (No se han detectado elementos maliciosos)

    Elementos de Datos del Registro Detectados: 0
    (No se han detectado elementos maliciosos)

    Carpetas Detectadas: 0
    (No se han detectado elementos maliciosos)

    Archivos Detectados: 0
    (No se han detectado elementos maliciosos)

    fin)
    0
  6. Utilisateur anonyme
     
    Bonjour

    Poste moi un nouveau rapport ZHPDiag;merci
    Pour transmettre le rapport clique sur ce lien :

    http://pjjoint.malekal.com/

    Si problème utilise un des suivants

    https://forums-fec.be/upload
    https://www.cjoint.com/

    Clique sur Parcourir et cherche le fichier : Nom_complet_du_fichier (Fichier demandé )
    Clique sur Ouvrir.

    Clique sur "Envoyer le fichier".

    Un lien de cette forme :

    http://pjjoint.malekal.com/cjlink.php?file=cj200905/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.

    @+
    0