Parfeu avira

Réponse 1 / 35

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

Bonjour,

Peux-tu utiliser ce logiciel de diagnostic, ça me permettra de t'aider :

▶ Télécharge ZHPDiag (de Nicolas Coolman)
▶ Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur)
▶ Laisse toi guider lors de l'installation (pense à cocher la case pour créer un raccourci sur le Bureau). Il se lancera automatiquement à la fin de l'installation.
▶ Clique sur configurer puis sur l'icône représentant une loupe («Diagnostic par défaut avec légitimes») et accepte le "rapport full options"
▶ le rapport se trouve sur ton Bureau
▶ Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de ZHPDiag et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

Si tu as besoin d'aide, suis ce tuto : http://www.sosvirus.net/canned-speech-zhpdiag-t712.html. Confond pas ZHPFix et ZHPDiag !

A+

coco66

bonsoir,
J'ai retrouvé et telechargé ZHP Diag, normalement je l'ai transmis par un lien, je ne sais pas si ça a marché. Une fois telechargé comment dois-je m'en servir ? Merci

Réponse 2 / 35

coco66

Bonsoir,
J'ai regardé mais impossible de telecharger ZHPDiag, je tombe sur C Clean et a l'adresse du tutorat, j'aboutie à un site ou il ya un monstre vert et rien ne se télécharge. Merci de me dire s ce sont bien ces logiciels qui marche avec ZHP Diag et s'il arrangera bien mon problème de parfeu.

Réponse 3 / 35

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

Bonsoir,

▶ Télécharge RogueKiller (de Tigzy) sur le Bureau
▶ Quitte tous tes programmes en cours
▶ Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
▶ Patiente pendant le pre-scan, puis clique sur le bouton "Scan"
▶ A la fin, vérifie que tous les éléments sont cochés puis clique sur "Suppression"
▶ Un rapport (RKreport.txt) doit être créé sur le Bureau, poste le dans ta prochaine réponse.
▶ Redémarre le pc si demandé

A+

Réponse 4 / 35

coco66

Merci, je ferai ça demain , je vous recontacterai si cela ne vous dérange pas.

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

ok ça marche

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

C'est cool par contre faut me donner le lien ici :)

Réponse 5 / 35

coco66

Escusez moi, je ne sais comment faire. Je ne suis pas toujours douée. Merci

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

Tu selectionne tout le contenu de ton rapport CTRL+C puis CTRL+V ici.

A+

Réponse 6 / 35

coco66

Je suis arrivé à le selectionner mais ctrl V ne fonctionne pas, j'ai essayé sur ma messagerie et sur le compte comment ça marche c parteil, impossible de faire un copier coller, peut être, si cela ne vous dérange pas que je vous l'envoie sur votre adresse mail. ça soule!! merci de votre patiente;

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

ou sinon tu l'héberge sur https://www.cjoint.com/ et tu créer lien et tu me le donne ici

jacques.gache Messages postés 33461 Date d'inscription Statut Contributeur sécurité Dernière intervention 1 617

bonjour, avant de faire ctrl + c il faut sélectionner le texte en mettant en surbriant , tu peux le faire avec ctrl + a pour sélectionner tous le rapport puis ctrl + c pour copier et ctrl + v pour coller

Réponse 7 / 35

coco66

J'ai réussi a faire ctrlA, CRTL Cet V mais ça n'apparait pas sous votre réponse du site comment ça marche, aprés le ctrl V je clique droit sous votre réponse mais rien ne me permet de coller, j'ai retour merciRapport de ZHPFix 2014.1.17.2 par Nicolas Coolman, Update du 17/01/2014
Fichier d'export Registre :
Run by corinne at 04/02/2014 19:29:34
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Corbeille vidée (00mn 04s)

========== Dossiers ==========
SUPPRIMÉS Temporaires Windows (135)

========== Fichiers ==========
SUPPRIMÉS Temporaires Windows (303) (43 688 009 octets)

========== Récapitulatif ==========
1 : Dossiers
1 : Fichiers

End of clean in 29mn 38s

========== Chemin de fichier rapport ==========
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R1].txt - 04/02/2014 19:29:38 [587]
9a yest je crois que c bon, n'est ce pas ? sinon je m'arrache les cheveux!!

jacques.gache Messages postés 33461 Date d'inscription Statut Contributeur sécurité Dernière intervention 1 617

bonjour, pour faire ctrl v il faut que tu viennes ici tu cliques sur ajouter un commentaire et puis après clique dans le cadre de reponse et une fois que tu as le petit curseur pour écrire tu fais ctrl v et normalement il devriat se coller !!

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

pourquoi tu fais ZHPFix j'ai demandé ZHPDiag !!! Lis ce que j'ai marqué scupuleusement !

Aide toi du tuto car là tu es hors sujet.

Réponse 8 / 35

coco66

Avec le lien cv joint, ils demande mon mail et combien de temps je veux concerver ce bloc note mais ensuite on me parle de download a installer et pdf creator que j'ai déjà.

jacques.gache Messages postés 33461 Date d'inscription Statut Contributeur sécurité Dernière intervention 1 617

non sur ce lien https://www.cjoint.com/ tu as juste à cliquer sur choissiez un fichier une fois sélectionner tu cliques sur créer le lien cjoint tu le sélectionne et tu le copies et tu viens ici le coller tu ne fais rien de plus tu mets pas ton adresse Email ,et tu laisses coché comme c'est !!

Réponse 9 / 35

coco66

j'espère que c bon, merci

coco66

~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par corinne (04/02/2014 18:26:55)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC):

---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v32.0.1700.107 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : Q27TJ
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Microsoft Security Client v4.4.0304.0

---\\ Logiciels d'optimisation du système
CCleaner v2.28 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader X
Java 7 Update 51

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 66 GB (50%) free of 129 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-CORINNE
~ User Name: corinne
~ All Users Names: UpdatusUser, corinne, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\corinne\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\corinne\AppData\Roaming\
~ %Desktop% : C:\Users\corinne\Desktop\
~ %Favorites% : C:\Users\corinne\Favorites\
~ %LocalAppData% : C:\Users\corinne\AppData\Local\
~ %StartMenu% : C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 66 Go of 129 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 92 Go of 104 Go)

---\\ Etat du Centre de Sécurité Windows
~ Security Center: 42 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.4CC9DF09C3D915BA0A101A11DB684F26] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2013 - 23:42:41.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/313
Mes musiques (My Musics) : 15/15 (Modified)
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/81
~ Mes Documents (My Documents) : 4/116
~ Mon Bureau (My Desktop) : 2/481
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 00s

---\\ Processus lancés
[MD5.16AE89DB056690B77252A722023D506B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4431872] [PID.2296]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.2324]
[MD5.40A329FE101AE594F879D2133E223D0A] - (.Discordia, LTD - Data Manager.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1115536] [PID.2380] =>PUP.Datamngr
[MD5.6EA1BF3F6E6B0613351411A3EB6B85A2] - (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe [1561768] [PID.2396]
[MD5.2E068599FCF51B3F4640458950A069FC] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe [2420248] [PID.2404] =>Toolbar.AVGSearch
[MD5.01D92A226791867F2DED688F25271905] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1058400] [PID.2412]
[MD5.33BE35574E1081A91EACD2B98E0A472A] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640] [PID.2444] =>Toolbar.Ask
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.2460]
[MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821984] [PID.2504]
[MD5.5F2B7DEB7263CC6D65871675FBF31F66] - (.Inbox.com, Inc. - Inbox Toolbar.) -- C:\Program Files\Inbox Toolbar\Inbox.exe [1380328] [PID.2520]
[MD5.9D826FE5B102A4DF5225786DB5E586C9] - (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648] [PID.2528]
[MD5.C407F87EDD7F08D7C8B900A4C6C6C719] - (.Crawler.com - Online Vault Tray.) -- C:\Program Files\OnlineVault\OVTray.exe [371808] [PID.2672]
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe [959880] [PID.2824]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2840]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.2864]
[MD5.665CE80D2173C774EE80FEAC4B20C860] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe [1560576] [PID.2888]
[MD5.50BD5E267657BE1090FB667B7A4500CE] - (.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe [337264] [PID.2908]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.2924]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3096]
[MD5.43E6F2A7FB182F2D7CB0CE5B8F1005CF] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757488] [PID.2700]
[MD5.F7480FE0B17C75FED24F2C11A5DB5F1E] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FARNILE.exe [264800] [PID.7220]
[MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe [866632] [PID.2712]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4216]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.4896]
[MD5.E4284FCF99FEA13A7E1836F87AE356F6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe [639776] [PID.952]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.968]
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1048]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1412]
[MD5.8619BE54EC51A74A2C3F82B313AB445E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [873248] [PID.1636]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.656]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2948]
[MD5.2297460EC100F34DC455CC0EFD21D442] - (.Avira Operations GmbH & Co. KG - Firewall NT service process.) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [1012280] [PID.2972]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.3040]
[MD5.B342CD9AA44E4AE99E2368EBDBC2E17A] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.3120] =>Toolbar.Ask
[MD5.D503DF3ABA595F551B98B9BAE017A271] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.3136]
[MD5.E9EFCB47B90FD5498695BB7FEFD36CAE] - (.Seiko Epson Corporation - Epson Scanner Service (32bit).) -- C:\Windows\system32\EscSvc.exe [122000] [PID.3164]
[MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.3212]
[MD5.C7F5C284B6F46FCAF6910EA4E644700B] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.3212]
[MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.3436]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.3468]
[MD5.E155E09229624C69A1A6609C0CB3641F] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\Ralink\Common\RaRegistry.exe [185632] [PID.3524]
[MD5.D6BFF86F1946B0E473BAE244FB1BB07F] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680] [PID.3596] =>Toolbar.AVGSearch
[MD5.14240D6730C6BA73AD569F2CD759B504] - (.Pas de propriétaire - loggings Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe [159768] [PID.3900] =>Toolbar.AVGSearch
[MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.2272]
[MD5.0DD3DDCAEBEA9B0B3B8D008F6973185F] - (.Avira Operations GmbH & Co. KG - Antivirus MailScanner LSP Service.) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [896056] [PID.2288]
[MD5.29D956C8CB67222D678FAF20D485B25B] - (.Avira Operations GmbH & Co. KG - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe [1011768] [PID.1188]
[MD5.42D33042371BFB1A7D40834590CAFD30] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Servi.) -- C:\Program Files\Microsoft Security Client\NisSrv.exe [280288] [PID.552]
~ Processes Running: Scanned in 00mn 02s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://toolbar.inbox.com
G2 - GCE: Preference [User Data\Default] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.30.2, (Désactivé) =>Toolbar.Avira
G2 - GCE: Preference [User Data\Default] [apgjagobplilmcdfelodhgefiidomnfl] Inbox Toolbar v.1.0.0.12 (Désactivé)
G2 - GCE: Preference [User Data\Default] [bdcfkjjffkboloijgealjeijakofmalg] Interest Recognizer for Freecompressor v.3.1.1489.132 (Désactivé) =>Adware.SPointer
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.1 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [iahagolkpaghhinaljhjihagjgomdokb] La barre d'outils de Marche.fr v.1.3, (Désactivé)
G2 - GCE: Preference [User Data\Default] [kincjchfokkeneeofpeefomkikfkiedl] Facetheme v.1.0 (Désactivé) =>PUP.FCTPlugin
G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.17.1.2.1 (Désactivé) =>Toolbar.AVGSearch
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 18 Legitimates Filtered in 00mn 10s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\corinne\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js
P2 - FPN: [HKLM] [@ei.Allin1Convert_8h.com/Plugin] - (.Allin1Convert - Allin1Convert Installer Plugin Stub for 32-bit Windows.) -- C:\Program Files\Allin1Convert_8hEI\Installr\1.bin\NP8hEISB.dll =>Adware.Allin1Convert
~ Firefox Browser: 21 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cherchermp3.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr
~ IE Browser: 15 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O2 - BHO: WiseConvert 1.5 B2 - {e483a649-efc1-4ceb-bff6-8be71582056d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\WiseConvert_1.5_B2\prxtbWise.dll =>Toolbar.Conduit
~ BHO: 18 Legitimates Filtered in 00mn 03s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{FE063DB9-4EC0-403e-8DD8-394C54984B2C} Clé orpheline
O3 - Toolbar: DVDVideoSoftTB Toolbar - [HKLM]{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} . (...) -- C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: Streaming Chercher MP3 Toolbar - [HKLM]{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\Streaming Chercher MP3 Toolbar\tbcore3.dll
O3 - Toolbar: Searchqu Toolbar - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\searchqudtx.dll =>PUP.Datamngr
O3 - Toolbar: Ask Toolbar - [HKLM]{D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: E-Web Print - [HKLM]{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} . (.SEIKO EPSON CORPORATION - ewps_tb.) -- C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: Avira SearchFree Toolbar - [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll =>Toolbar.Ask
O3 - Toolbar: WiseConvert 1.5 B2 Toolbar - [HKLM]{e483a649-efc1-4ceb-bff6-8be71582056d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\WiseConvert_1.5_B2\prxtbWise.dll =>Toolbar.Conduit
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{FE063DB9-4EC0-403E-8DD8-394C54984B2C} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E483A649-EFC1-4CEB-BFF6-8BE71582056D} Clé orpheline
~ Toolbar: Scanned in 00mn 03s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files\EPSON Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: FreeCompressor.lnk . (...) -- C:\Program Files\TUGzip\TUGZip.exe
O4 - GS\Desktop [Public]: Guide d'utilisation EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Useg\index.htm
O4 - GS\Desktop [Public]: Guide réseau EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Netg\index.htm
O4 - GS\QuickLaunch [corinne]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [corinne]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [corinne]: SFR Cloud.lnk . (...) -- C:\Users\corinne\AppData\Local\F-Secure\SFR Cloud\Application\SFR Cloud.exe (.not file.)
O4 - GS\QuickLaunch [corinne]: SpeedMaxPc.lnk . (.SpeedMaxPc - SpeedMaxPc.) -- C:\Users\corinne\SpeedMaxPc\SpeedMaxPc.exe =>PUP.SpeedMaxPc
O4 - GS\Program [corinne]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [corinne]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [corinne]: Agent X - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [corinne]: AttestationsScolaire - Raccourci.lnk . (...) -- C:\Users\corinne\Documents\Downloads\AttestationsScolaire.pdf
O4 - GS\Desktop [corinne]: coco - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [corinne]: Corbeille - Raccourci.lnk - Clé orpheline
~ Global Startup: 68 Legitimates Filtered in 00mn 01s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Ralink Wireless Utility.lnk . (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe
O4 - GS\Startup [corinne]: Microsoft Office Groove.lnk . (.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
O4 - GS\Startup [corinne]: OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [EoEngine] Clé orpheline
O4 - HKLM\..\Run: [NWEReboot] Clé orpheline
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [eorezo] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Run: [RDesc] Clé orpheline
O4 - HKLM\..\Run: [DATAMNGR] . (.Discordia, LTD - Data Manager.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe =>PUP.Datamngr
O4 - HKLM\..\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe
O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SearchSettings] . (.Spigot, Inc. - Search Settings.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe =>PUP.Dealio
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [InboxToolbar] . (.Inbox.com, Inc. - Inbox Toolbar.) -- C:\Program Files\Inbox Toolbar\Inbox.exe
O4 - HKLM\..\Run: [Online Vault] . (.Crawler.com - Online Vault Tray.) -- C:\Program Files\OnlineVault\OVTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [NTRedirect] . (.Pas de propriétaire - enhancedNT.) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll =>Hijacker.BabSolution
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [NTRedirect] . (.Pas de propriétaire - enhancedNT.) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll =>Hijacker.BabSolution
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Streaming Chercher MP3 Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (...) -- C:\Program Files\Streaming Chercher MP3 Toolbar\favicon.ico
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://www.ma-config.com/plugins/MaConfig_6_0_1_1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (.AVG Secure Search - Pas de description.) -- C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll =>Toolbar.AVGSearch
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
O23 - Service: (vToolbarUpdater17.1.2) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 19 Legitimates Filtered in 00mn 19s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Registration3.job [444] =>PUP.SpeedMaxPc
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Update3.job [402] =>PUP.SpeedMaxPc
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc.job [336] =>Hijacker.iHaveNet
[MD5.00000000000000000000000000000000] [APT] [Advanced System Protector] (...) -- C:\Program Files\RegClean Pro\SystweakASP.exe (.not file.) [0] =>PUP.AdvancedSystemProtector
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe (.not file.) [0]
[MD5.ADB62392BC0711707E58E70186CC4AC2] [APT] [EPUpdater] (...) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\BabMaint.exe [10224] =>Hijacker.BabSolution
[MD5.00000000000000000000000000000000] [APT] [Maintenance en 1 clic] (...) -- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe (.not file.) [0]
[MD5.013414E136AC76598B19552DC31DE718] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files\Ask.com\UpdateTask.exe [135336] =>Toolbar.Ask
[MD5.7BC313B855B469B918B75CB3F058CC66] [APT] [SpeedMaxPc] (.SpeedMaxPc.) -- C:\Users\corinne\SpeedMaxPc\SpeedMaxPc.exe [5004064] =>PUP.SpeedMaxPc
[MD5.1DE3E324847390D51970264CBFCAC1D8] [APT] [SpeedMaxPc Update3] (.SpeedMaxPc.) -- C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe [660768] =>PUP.SpeedMaxPc
[MD5.00000000000000000000000000000000] [APT] [{3545F003-AAD7-4EFA-92A4-460073A3B532}] (...) -- C:\Users\corinne\Desktop\93.71_forceware_winxp2k_international_whql.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4D79829A-4087-45F9-B3A1-D4F6E13D64CC}] (...) -- C:\Users\corinne\Desktop\Auto-'cole 3D\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5C8C302B-B8E3-4CB2-998B-FBE18091AE17}] (...) -- C:\Users\corinne\Desktop\SoftonicToolbar.exe (.not file.) [0] =>Toolbar.Conduit
[MD5.00000000000000000000000000000000] [APT] [{C916364F-1A39-48C2-863D-D97A3F85E98C}] (...) -- D:\Drivers\Lan\Utility\setup.exe (.not file.) [0]
[MD5.9D826FE5B102A4DF5225786DB5E586C9] [APT] [ASUS ACPI Service Provider] (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648]
[MD5.2E5039A6599CAF0C4A406ED9460F80A1] [APT] [ASUS RegRun Loader] (...) -- C:\Program Files\ASUS\AASP\1.00.33\AsLoader.exe [363008]
~ Scheduled Task: 43 Legitimates Filtered in 00mn 07s

---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
O42 - Logiciel: AutocompletePro - (...) [HKLM] -- AutocompletePro3_is1 =>Adware.PredictAd
O42 - Logiciel: BitGuard - (.MediaTechSoft Inc..) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>PUP.BitGuard
O42 - Logiciel: DVDVideoSoft Toolbar - (...) [HKLM] -- DVDVideoSoft Toolbar
O42 - Logiciel: Facemoods - (.Secure Digital Services.) [HKLM] -- {D0198889-7766-424B-AB81-F16F8EDDFEF4} =>Adware.Facemoods
O42 - Logiciel: Facetheme - (.facetheme.com.) [HKLM] -- facetheme =>PUP.FCTPlugin
O42 - Logiciel: Inbox Toolbar - (.Inbox.com, Inc..) [HKLM] -- {612AD33D-9824-4E87-8396-92374E91C4BB}_is1
O42 - Logiciel: ItsTV 3.0 - (.Its Label.) [HKLM] -- ItsTV_is1
O42 - Logiciel: Online Vault - (.PCRx.com, LLC.) [HKLM] -- {FE60B87C-63A2-4A45-AC06-FFEFD5DB7846}_is1 =>PUP.PCRx
O42 - Logiciel: SpeedMaxPc - (.SpeedMaxPc.) [HKLM] -- {D894938C-8EE1-4854-9254-8F9AEF2BFE46} =>PUP.SpeedMaxPc
O42 - Logiciel: Streaming Chercher MP3 Toolbar - (.Abingerdale, Ltd..) [HKLM] -- TBSB07458.TBSB07458Toolbar
O42 - Logiciel: SweetIM for Messenger 3.6 - (.SweetIM Technologies Ltd..) [HKLM] -- {A81A974F-8A22-43E6-9243-5198FF758DA1} =>PUP.SweetIM
O42 - Logiciel: Windows iLivid Toolbar - (.Bandoo Media, Inc.) [HKLM] -- Searchqu 406 MediaBar =>PUP.Datamngr
O42 - Logiciel: WiseConvert 1.5 B2 Toolbar for IE - (.WiseConvert 1.5 B2.) [HKLM] -- IECT3297966 =>Toolbar.Conduit
O42 - Logiciel: eoJet 1.1 - (.EoRezo.) [HKLM] -- eoJet_is1 =>PUP.Eorezo
~ Logic: 22 Legitimates Filtered in 00mn 02s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\5f53d6d8e66dbe15] =>Hijacker.Eazel
[HKCU\Software\APN]
[HKCU\Software\Alexa Internet]
[HKCU\Software\Ask.com]
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\AskSearchAsst]
[HKCU\Software\AutocompleteProBHO] =>Adware.PredictAd
[HKCU\Software\AutocompletePro] =>Adware.PredictAd
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\EoRezo] =>PUP.Eorezo
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\Inbox Toolbar]
[HKCU\Software\ItsLabel] =>PUP.ItsLabel
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\Search Settings] =>Adware.SearchSettings
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\WLANUtil]
[HKCU\Software\WideStream] =>Adware.SPointer
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\eojet] =>PUP.Eorezo
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKLM\Software\5f53d6d8e66dbe15] =>Hijacker.Eazel
[HKLM\Software\APN]
[HKLM\Software\Allin1Convert_8hEI] =>Adware.Allin1Convert
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\AskToolbar]
[HKLM\Software\Bandoo] =>Adware.Bandoo
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\EoRezo] =>PUP.Eorezo
[HKLM\Software\Inbox Toolbar]
[HKLM\Software\Search Settings] =>Adware.SearchSettings
[HKLM\Software\SearchquMediabarTb] =>PUP.Datamngr
[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\WiseConvert_1.5_B2] =>Toolbar.Conduit
~ Key Software: 365 Legitimates Filtered in 00mn 02s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/08/2013 - 14:49:19 - [0,789] ----D C:\Program Files\Allin1Convert_8hEI =>Adware.Allin1Convert
O43 - CFD: 07/08/2010 - 10:01:35 - [0,120] ----D C:\Program Files\Ask Search Assistant
O43 - CFD: 05/09/2012 - 15:47:39 - [3,428] ----D C:\Program Files\Ask.com
O43 - CFD: 24/07/2013 - 15:36:08 - [14,206] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 11/03/2010 - 13:41:28 - [0] ----D C:\Program Files\Audio Video Converter
O43 - CFD: 08/09/2010 - 17:11:05 - [0,824] ----D C:\Program Files\AutocompletePro =>Adware.PredictAd
O43 - CFD: 12/02/2010 - 19:38:33 - [1,603] ----D C:\Program Files\Conduit
O43 - CFD: 25/05/2013 - 19:59:46 - [0,109] ----D C:\Program Files\EoRezo =>PUP.Eorezo
O43 - CFD: 22/08/2010 - 12:37:30 - [0] ----D C:\Program Files\Fluendo =>Adware.SPointer
O43 - CFD: 17/12/2013 - 13:34:33 - [6,870] ----D C:\Program Files\Inbox Toolbar
O43 - CFD: 13/02/2010 - 19:34:08 - [3,635] ----D C:\Program Files\ItsLabel =>PUP.ItsLabel
O43 - CFD: 06/12/2010 - 11:59:08 - [0,020] ----D C:\Program Files\LimeWire
O43 - CFD: 11/09/2012 - 12:11:24 - [0,065] ----D C:\Program Files\Object
O43 - CFD: 29/05/2010 - 15:04:58 - [7,103] ----D C:\Program Files\Streaming Chercher MP3 Toolbar
O43 - CFD: 30/01/2011 - 15:22:53 - [0,217] ----D C:\Program Files\Widestream6 =>Adware.SPointer
O43 - CFD: 02/06/2011 - 07:48:43 - [6,288] ----D C:\Program Files\Windows iLivid Toolbar =>Adware.Bandoo
O43 - CFD: 01/11/2013 - 11:48:53 - [7,784] ----D C:\Program Files\WiseConvert_1.5_B2 =>Toolbar.Conduit
O43 - CFD: 11/03/2010 - 13:41:28 - [10,116] ----D C:\Program Files\Common Files\ArmDic
O43 - CFD: 28/01/2014 - 11:43:13 - [1,612] ----D C:\Program Files\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 13/08/2013 - 14:20:01 - [1,355] ----D C:\Program Files\Common Files\Spigot =>PUP.Dealio
O43 - CFD: 24/07/2013 - 15:35:20 - [0] ----D C:\ProgramData\APN
O43 - CFD: 23/10/2011 - 11:54:21 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 24/07/2013 - 15:36:08 - [2,503] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 25/07/2013 - 16:04:03 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 02/10/2013 - 17:22:07 - [0,082] ----D C:\ProgramData\BitGuard =>PUP.BitGuard
O43 - CFD: 01/11/2013 - 11:48:54 - [1,686] ----D C:\ProgramData\Conduit
O43 - CFD: 15/08/2013 - 14:58:18 - [0,003] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 28/01/2014 - 11:43:13 - [0,020] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 19/09/2012 - 17:12:23 - [3,425] --H-D C:\ProgramData\{EF2D8223-8F3C-423E-BFA7-5E8BEEA8A6C2}
O43 - CFD: 24/08/2013 - 15:50:05 - [0] ----D C:\Users\corinne\AppData\Roaming\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 15/08/2013 - 14:58:43 - [1,566] ----D C:\Users\corinne\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 25/07/2013 - 16:04:03 - [0,007] ----D C:\Users\corinne\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 21/06/2010 - 15:35:47 - [240,845] ----D C:\Users\corinne\AppData\Roaming\EoRezo =>PUP.Eorezo
O43 - CFD: 15/08/2013 - 15:08:24 - [0,308] ----D C:\Users\corinne\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 15/08/2010 - 13:27:59 - [0,035] ----D C:\Users\corinne\AppData\Roaming\FissaSearch =>PUP.OfferBox
O43 - CFD: 14/02/2010 - 13:29:39 - [0,206] ----D C:\Users\corinne\AppData\Roaming\ItsLabel =>PUP.ItsLabel
O43 - CFD: 23/08/2011 - 16:26:28 - [0,013] ----D C:\Users\corinne\AppData\Roaming\Kalifoo.0158780AE3ACB0DC5B6FDCEC9DBFE5182B05BD40.1
O43 - CFD: 23/08/2013 - 14:59:59 - [0] ----D C:\Users\corinne\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 15/08/2013 - 15:18:17 - [21,042] ----D C:\Users\corinne\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 15/08/2013 - 14:58:15 - [0,081] ----D C:\Users\corinne\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis
O43 - CFD: 02/12/2013 - 15:37:09 - [0] ----D C:\Users\corinne\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 17/04/2010 - 19:37:12 - [0,001] ----D C:\Users\corinne\AppData\Roaming\widestream =>Adware.SPointer
O43 - CFD: 25/12/2013 - 16:53:07 - [0,371] ----D C:\Users\corinne\AppData\Local\Alexa
O43 - CFD: 25/07/2013 - 16:04:08 - [5,806] ----D C:\Users\corinne\AppData\Local\Babylon =>PUP.Babylon
O43 - CFD: 01/11/2013 - 11:48:50 - [2,692] ----D C:\Users\corinne\AppData\Local\Conduit
O43 - CFD: 16/10/2011 - 11:56:31 - [1,131] ----D C:\Users\corinne\AppData\Local\eojet =>PUP.Eorezo
O43 - CFD: 16/01/2014 - 18:40:04 - [0,003] ----D C:\Users\corinne\AppData\Local\iLivid =>Adware.Bandoo
O43 - CFD: 19/09/2012 - 17:11:22 - [0,014] ----D C:\Users\corinne\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 30/01/2011 - 15:20:28 - [0,163] ----D C:\Users\corinne\AppData\Local\widestream6 Air =>Adware.SPointer
O43 - CFD: 07/08/2010 - 10:01:35 - [0,002] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant
O43 - CFD: 13/10/2013 - 19:01:35 - [0] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard
O43 - CFD: 28/01/2014 - 11:43:21 - [0,001] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc =>PUP.SpeedMaxPc
~ 55 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 335 Legitimates Filtered in 00mn 06s

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{6a14f727-70e0-11df-b5cd-001bfcfe3b34}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
O51 - MPSK:{afe1c1c5-0f43-11e0-a474-001bfcfe3b34}\AutoRun\command - Clé orpheline
~ Keys: Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 15 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.DCDAAB8697A47894A554050CE18D0B56] - 18/10/2006 - 06:44:48 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [7680]
O58 - SDL:[MD5.310C1844D7B7144288196DCF19FF578C] - 19/10/2006 - 03:11:12 ---A- . (...) -- C:\Windows\System32\Drivers\AsInsHelp32.sys [10304]
O58 - SDL:[MD5.51E2A3E5CE3F7D63845E06832E627F2D] - 19/10/2006 - 03:11:30 ---A- . (...) -- C:\Windows\System32\Drivers\AsInsHelp64.sys [12096]
O58 - SDL:[MD5.663F2FB92608073824EE3106886120F3] - 18/10/2006 - 20:12:16 R--A- . (...) -- C:\Windows\System32\Drivers\AsIO.sys [12664]
O58 - SDL:[MD5.C2A6683C9FF46AA70E2C2092B008EDC7] - 11/10/2006 - 04:33:58 ---A- . (...) -- C:\Windows\System32\Drivers\ASUSHWIO.SYS [10288]
O58 - SDL:[MD5.662ECAEC0FAE2C2069B75EF8A762BE87] - 08/08/2013 - 18:34:12 ---A- . (.Avira GmbH - Packet filtering kernel driver ( NDIS IM ).) -- C:\Windows\System32\Drivers\avfwim.sys [92448]
O58 - SDL:[MD5.E4DC0228AB7492086B96FCC8298CF3B6] - 08/08/2013 - 18:34:12 ---A- . (.Avira GmbH - TDI filtering kernel driver.) -- C:\Windows\System32\Drivers\avfwot.sys [113024]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [316520]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 08/08/2013 - 18:34:13 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 13:48:56 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [7168]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 15 Legitimates Filtered in 00mn 04s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 263EB1DA9C6A45DB82841E2D6A8C8007 - (Yahoo! Search) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] 917275CB17CB4FAB99963AC0E747610A - (Amazon) - http://www.amazon.frch
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {361EC19A-B1D5-48D7-A46C-3E5F64D65FD8} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA7406} - (Web Search) - http://www.searchqu.com =>PUP.Datamngr
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {A531D99C-5A22-449b-83DA-872725C6D0ED} - (Recherche alOt) - http://search.alot.com
O69 - SBI: SearchScopes [HKCU] {EF5833B6-08B1-49E4-91EE-DF722F79EF77} - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {F3D844A1-3EA4-46AE-BAD4-DF59A7DB0C73} - (Ask Search) - http://avira.search.ask.com
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.607C0C229A5AED4A019D8736E1261E3B] [SPRF][21/11/2011] (...) -- C:\Users\corinne\AppData\Local\d3d9caps.dat [1356]
[MD5.A15CB6D9953E3A7766156B92012537F0] [SPRF][26/01/2014] (...) -- C:\Users\corinne\AppData\Local\Temp\defaultCache.reg [81586]
[MD5.8F13E62A5E662B44E0C5E74265DBDFCF] [SPRF][23/05/2009] (.SilentNight Network and Security Tool - Standalone CD/DVD Burner.) -- C:\Users\corinne\Desktop\copier cd dvd.exe [1503744]
~ Files: 4 Legitimates Filtered in 00mn 00s

---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{AA94EC3F-F430-4B76-ABA2-F7568CE67187}C:\program files\fluendo\moovida\moovida.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\fluendo\moovida\moovida.exe (.not file.) =>Adware.SPointer
O87 - FAEL: "UDP Query User{215084E8-1FBD-40BD-B82A-855839151943}C:\program files\fluendo\moovida\moovida.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\fluendo\moovida\moovida.exe (.not file.) =>Adware.SPointer
O87 - FAEL: "{74ABB953-4F7A-47C7-B51F-39CD376C4C54}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\LimeWire\LimeWire.exe (.not file.)
O87 - FAEL: "{24C6491D-06A3-44A6-9DFA-0E7F6FF1DDFE}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\LimeWire\LimeWire.exe (.not file.)
O87 - FAEL: "{98F68253-D4DA-423B-B194-F1EFC9CE26A7}" | In - Public - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\dtUser.exe =>Adware.Bandoo
O87 - FAEL: "{CA9E88CF-A2D4-4C23-BCBD-D0196119DD22}" | In - Public - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\dtUser.exe =>Adware.Bandoo
~ Firewall: 196 Legitimates Filtered in 00mn 05s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "02639FE151B44BD40BAE88E9F2810718" . (.FreeCompressor.) -- C:\Windows\Installer\{1EF93620-4B15-4DB4-B0EA-889E2F187081}\ARPPRODUCTICON.exe
O90 - PUC: "25946514D2147365007A7A857BC0A000" . (.Avira SearchFree Toolbar.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0A00}\ToolbarIcon.exe =>Toolbar.Avira
O90 - PUC: "9888910D6677B424BA181FF6E8DDEF4F" . (.Facemoods.) -- C:\Windows\Installer\{D0198889-7766-424B-AB81-F16F8EDDFEF4}\ARPPRODUCTICON.exe =>Adware.Facemoods
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Program Files\Ask.com\favicon.ico =>Toolbar.Ask
O90 - PUC: "E0710AC8E9E65A34EAF1588A82028B74" . (.FreeCompressor.) -- C:\Windows\Installer\{8CA0170E-6E9E-43A5-AE1F-85A82820B847}\ARPPRODUCTICON.exe
O90 - PUC: "FA20CB7A821113A4CB8FA1E38E303D3B" . (.SweetIM Toolbar for Internet Explorer 4.2.) -- C:\Windows\Installer\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}\ARPPRODUCTICON.exe =>PUP.SweetIM
~ Update Products: 104 Legitimates Filtered in 00mn 00s

---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5f53d6d8e66dbe15\2.6.1673.238\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\2.6.1694.246\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:dllName="BrowserDefender.dll" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:exeName="BrowserDefender.exe" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:folderName="BrowserDefender" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:serviceName="BrowserDefendert" =>PUA.BrowserDefendert
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:version="2.6.1519.190" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:version="2.6.1673.238" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15]:version="2.6.1694.246" =>Hijacker.Eazel
[HKLM\Software\5f53d6d8e66dbe15]:version="2.6.1694.246" =>Hijacker.Eazel
~ Export Key Software: Scanned in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.E6C81BAC8BDBCA158FFA224A40EA3F7F] [WIS][13/08/2013] (.Spigot, Inc. - Widgi Toolbar.) -- C:\Windows\Installer\17de69.msi [1462272] =>PUP.Dealio
[MD5.AE5C5BD1ABC76C73F5C8BF6965281B65] [WIS][24/07/2010] (.Secure Digital Services - FreeCompressor.) -- C:\Windows\Installer\1adbf1.msi [3413504] =>Adware.SPointer
[MD5.E2848C16D95A1E060C0D018FAE9EF598] [WIS][04/07/2010] (.Secure Digital Services - FreeCompressor.) -- C:\Windows\Installer\25cb2.msi [2588672] =>Adware.SPointer
[MD5.16AA6129639915714A7F56296606E751] [WIS][22/12/2013] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\30a7f.msi [809472] =>Toolbar.Avira
[MD5.94C044E15F74CC06760F25D33307A252] [WIS][28/10/2011] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.6.) -- C:\Windows\Installer\410025.msi [1947136] =>PUP.SweetIM
[MD5.3BD9B3A689C9505B844B07F52B19A9C1] [WIS][28/10/2011] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\41002b.msi [1837056] =>PUP.SweetIM
[MD5.07C1BBF5E73DA7FEAC2BB897DD2A8110] [WIS][15/08/2010] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.1.) -- C:\Windows\Installer\ba5a6.msi [1377792] =>PUP.SweetIM
[MD5.96C7D828E5DF1AB3F016B2611DFB9E81] [WIS][15/08/2010] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 3.9.) -- C:\Windows\Installer\ba5ac.msi [1146880] =>PUP.SweetIM
[MD5.8AAE00C6020D344416D50DFC4D893573] [WIS][27/02/2011] (.Secure Digital Services - Facemoods.) -- C:\Windows\Installer\dd63b9.msi [1837568] =>Adware.Facemoods
~ WIS: 110 Legitimates Filtered in 00mn 12s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 06/03/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 06/03/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 14/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 12/12/2008 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
SS - | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files\WinPcap\rpcapd.exe
SS - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 13/01/2014 1012280 | (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
SR - | Auto 13/01/2014 896056 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
SR - | Auto 13/01/2014 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 13/01/2014 1011768 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
SR - | Auto 20/12/2013 166352 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
SR - | Auto 16/04/2010 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

le rapport est incomplet, va sur http://cjoint.com, tu met parcourir tu met le fichier, tu clique créer lien et tu copie/colle le lien crée.

A+

coco66

: http://cjoint.com/?DBmse7C3x4m

Réponse 10 / 35

coco66

c'est bon ?

Réponse 11 / 35

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

Bonsoir,

Désinstalle : Ask Toolbar , Ask.com Search , AutocompletePro , BitGuard , Facemoods , Facetheme Online Vault, SpeedMaxPc, Streaming Chercher MP3 Toolbar, SweetIM for Messenger, Windows iLivid, WiseConvert, eoJet

Eh beh avec tout ce que tu as, je comprend que ton pc ne veuille pas fonctionne correctement.

▶ Télécharge RogueKiller (de Tigzy) sur le Bureau
▶ Quitte tous tes programmes en cours
▶ Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
▶ Patiente pendant le pre-scan, puis clique sur le bouton "Scan"
▶ A la fin, vérifie que tous les éléments sont cochés puis clique sur "Suppression"
▶ Un rapport (RKreport.txt) doit être créé sur le Bureau, poste le dans ta prochaine réponse.
▶ Redémarre le pc

Utilise cet outil de désinfection spécifique aux logiciels publicitaires :

▶ Télécharge AdwCleaner (de Xplode) sur ton Bureau.
▶ Lance le, clique sur Nettoyer puis patiente le temps du scan.
▶ Une fois le nettoyage terminée, un message de prévention va s'afficher, je te conseille de le lire attentivement (n'hésite pas à me poser des questions si tu n'as pas compris certaines choses dans ce message).
▶ Ensuite, le rapport s'ouvrira : poste le dans ta prochaine réponse.

Ensuite télécharge Junk Removal Tool. Suis ce tuto et poste moi le rapport :
https://forum.security-x.fr/tutoriels-317/tutoriel-junkware-removal-tool

Utilise ce logiciel de désinfection généraliste :

Utilise ce logiciel de désinfection généraliste :

▶ Télécharge et installe Malwarebytes' Anti-Malware
▶ A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée. Par contre, il n'est pas nécessaire d'activer l'essai gratuit pour la protection.
▶ Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
▶ Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
▶ Sélectionne tes disques durs puis clique sur "Lancer l'examen"
▶ A la fin de l'analyse, clique sur Afficher les résultats
▶ Coche tous les éléments détectés puis clique sur Supprimer la sélection
▶ S'il t'est demandé de redémarrer l'ordinateur, accepte.
▶ Poste dans ta prochaine réponse le rapport apparaissant après la suppression.

Reparamètre tes navigateurs WEB :

▶ Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
▶ Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
▶ Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=

A+

coco66

bonjour,
J'ai pu tout supprimer mais au lieu de facemoods j'ai facetherme.com? es-ce ça ? je nh'ai pas encore les manipulations demandées par manque de temps. Sinon, l'ordi depuis ce matin est encore plus ,long a démarrer même aprés ces suppressions, j'ai droit a une page noire pendant 2 ou 3 minutes ensuite ça vient, la messagerie est toujours aussi longue a démarrer. Quand je l'allume il me sort une erreur et setting qui s'est arréter de fonctionner et que windows cherche une solution mais ne la propose jamais donc je clique sur annuler. je vous recontacte quand j'aurai fait les manipulations.Merci

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

j'ai mis les deux, faut lire ... bah faut faire les manip ^^

coco66

quand j'aurai fait tout ça, puis-je tout désinstaller avec ZHP Diaz et ZHP Fix ?

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

je te le dirais tu fais rien sans que je te le demande et surtout rien installer d'autres ^^

coco66

je viens de commencer a telecharger Rguekiller mais Avira le bloque, voilà ce ki ce dit : "contenant le virus ou programme indésirable APPL/Firseria.A 5cloud) a été bloqué" et j'ai eu aussi C:\users\corinne\Downloads\Roguekiller.exe n'est pas 1 application win 32 valide.

Réponse 12 / 35

coco66

désolée mais ou est la zone d'identification?
Quand je clique sue tutoriel, il y a une bande grise avec FR, un dessin de prise, un autre d'un haut parleur et une bande progressive avec une date et l'heure mais rien ne bouge, merci

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

Pour désactiver avira,

Clique sur la flèche dans la zone de notification
Clique droit sur l'icône de AVIRA
Clique sur "Antivir Guard enable"

coco66

mais qu'est ce la zone de notification ?

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

en bas à droit, l'icone d'avira (le parapluie)

coco66

RogueKiller V8.8.7 [Feb 11 2014] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://forum.adlice.com
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : corinne [Droits d'admin]
Mode : Recherche -- Date : 02/17/2014 17:01:04
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [7] -> rundll32.exe TUÉ [TermProc]

¤¤¤ Entrees de registre : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : NTRedirect (C:\Windows\system32\rundll32.exe "C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][7]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\[...]\Run : NTRedirect (C:\Windows\system32\rundll32.exe "C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][7]) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 5 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe - --uninstall=1 [x] -> TROUVÉ
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe - --uninstall=1 [x] -> TROUVÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe - --uninstall=1 [x] -> TROUVÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe - --uninstall=1 [x] -> TROUVÉ
[V2][SUSP PATH] EPUpdater : C:\Users\corinne\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [7] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] SSDT[75] : NtCreateSection @ 0x82642F95 -> HOOKED (Unknown @ 0x8AA6856E)
[Address] SSDT[77] : NtCreateSymbolicLinkObject @ 0x825D1349 -> HOOKED (Unknown @ 0x8AA68546)
[Address] SSDT[165] : NtLoadDriver @ 0x8257CE12 -> HOOKED (Unknown @ 0x8AA6854B)
[Address] SSDT[197] : NtOpenSection @ 0x8262278C -> HOOKED (Unknown @ 0x8AA68541)
[Address] SSDT[276] : NtRequestWaitReplyPort @ 0x82655132 -> HOOKED (Unknown @ 0x8AA68578)
[Address] SSDT[289] : NtSetContextThread @ 0x826A42CF -> HOOKED (Unknown @ 0x8AA68573)
[Address] SSDT[314] : NtSetSecurityObject @ 0x825D1027 -> HOOKED (Unknown @ 0x8AA6857D)
[Address] SSDT[317] : NtSetSystemInformation @ 0x825F7F1E -> HOOKED (Unknown @ 0x8AA68550)
[Address] SSDT[332] : NtSystemDebugControl @ 0x82609EE9 -> HOOKED (Unknown @ 0x8AA68582)
[Address] SSDT[334] : NtTerminateProcess @ 0x8260216B -> HOOKED (Unknown @ 0x8AA6850F)
[Address] SSDT[358] : NtWriteVirtualMemory @ 0x8261EA27 -> HOOKED (Unknown @ 0x8AA6850A)
[Address] Shadow SSDT[573] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8AA68596)
[Address] Shadow SSDT[576] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8AA6859B)
[Inline] ***@*** (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)
[Inline] ***@*** (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)
[Inline] ***@*** (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250310AS ATA Device +++++
--- User ---
[MBR] 4b4de369ca8959509ba60c19f0be7572
[BSP] 990acc7ba0e741e7560de1f0a4fc762e : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 132000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 270338048 | Size: 106473 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_02172014_170104.txt >>

RogueKiller V8.8.7 [Feb 11 2014] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://forum.adlice.com
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : corinne [Droits d'admin]
Mode : Suppression -- Date : 02/17/2014 17:02:01
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [7] -> rundll32.exe TUÉ [TermProc]

¤¤¤ Entrees de registre : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : NTRedirect (C:\Windows\system32\rundll32.exe "C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][7]) -> SUPPRIMÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\[...]\Run : NTRedirect (C:\Windows\system32\rundll32.exe "C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][7]) -> [0x2] Le fichier spécifié est introuvable.
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 5 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe - --uninstall=1 [x] -> ERROR DELETING TASK
[V2][SUSP PATH] EPUpdater : C:\Users\corinne\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [7] -> SUPPRIMÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] SSDT[75] : NtCreateSection @ 0x82642F95 -> HOOKED (Unknown @ 0x8AA6856E)
[Address] SSDT[77] : NtCreateSymbolicLinkObject @ 0x825D1349 -> HOOKED (Unknown @ 0x8AA68546)
[Address] SSDT[165] : NtLoadDriver @ 0x8257CE12 -> HOOKED (Unknown @ 0x8AA6854B)
[Address] SSDT[197] : NtOpenSection @ 0x8262278C -> HOOKED (Unknown @ 0x8AA68541)
[Address] SSDT[276] : NtRequestWaitReplyPort @ 0x82655132 -> HOOKED (Unknown @ 0x8AA68578)
[Address] SSDT[289] : NtSetContextThread @ 0x826A42CF -> HOOKED (Unknown @ 0x8AA68573)
[Address] SSDT[314] : NtSetSecurityObject @ 0x825D1027 -> HOOKED (Unknown @ 0x8AA6857D)
[Address] SSDT[317] : NtSetSystemInformation @ 0x825F7F1E -> HOOKED (Unknown @ 0x8AA68550)
[Address] SSDT[332] : NtSystemDebugControl @ 0x82609EE9 -> HOOKED (Unknown @ 0x8AA68582)
[Address] SSDT[334] : NtTerminateProcess @ 0x8260216B -> HOOKED (Unknown @ 0x8AA6850F)
[Address] SSDT[358] : NtWriteVirtualMemory @ 0x8261EA27 -> HOOKED (Unknown @ 0x8AA6850A)
[Address] Shadow SSDT[573] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8AA68596)
[Address] Shadow SSDT[576] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8AA6859B)
[Inline] ***@*** (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)
[Inline] ***@*** (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)
[Inline] ***@*** (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250310AS ATA Device +++++
--- User ---
[MBR] 4b4de369ca8959509ba60c19f0be7572
[BSP] 990acc7ba0e741e7560de1f0a4fc762e : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 132000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 270338048 | Size: 106473 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_D_02172014_170201.txt >>
RKreport[0]_S_02172014_170104.txt

RogueKiller V8.8.7 [Feb 11 2014] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://forum.adlice.com
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : corinne [Droits d'admin]
Mode : Suppression -- Date : 02/17/2014 17:02:01
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [7] -> rundll32.exe TUÉ [TermProc]

¤¤¤ Entrees de registre : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : NTRedirect (C:\Windows\system32\rundll32.exe "C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][7]) -> SUPPRIMÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\[...]\Run : NTRedirect (C:\Windows\system32\rundll32.exe "C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][7]) -> [0x2] Le fichier spécifié est introuvable.
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 5 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe - --uninstall=1 [x] -> ERROR DELETING TASK
[V2][SUSP PATH] EPUpdater : C:\Users\corinne\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [7] -> SUPPRIMÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] SSDT[75] : NtCreateSection @ 0x82642F95 -> HOOKED (Unknown @ 0x8AA6856E)
[Address] SSDT[77] : NtCreateSymbolicLinkObject @ 0x825D1349 -> HOOKED (Unknown @ 0x8AA68546)
[Address] SSDT[165] : NtLoadDriver @ 0x8257CE12 -> HOOKED (Unknown @ 0x8AA6854B)
[Address] SSDT[197] : NtOpenSection @ 0x8262278C -> HOOKED (Unknown @ 0x8AA68541)
[Address] SSDT[276] : NtRequestWaitReplyPort @ 0x82655132 -> HOOKED (Unknown @ 0x8AA68578)
[Address] SSDT[289] : NtSetContextThread @ 0x826A42CF -> HOOKED (Unknown @ 0x8AA68573)
[Address] SSDT[314] : NtSetSecurityObject @ 0x825D1027 -> HOOKED (Unknown @ 0x8AA6857D)
[Address] SSDT[317] : NtSetSystemInformation @ 0x825F7F1E -> HOOKED (Unknown @ 0x8AA68550)
[Address] SSDT[332] : NtSystemDebugControl @ 0x82609EE9 -> HOOKED (Unknown @ 0x8AA68582)
[Address] SSDT[334] : NtTerminateProcess @ 0x8260216B -> HOOKED (Unknown @ 0x8AA6850F)
[Address] SSDT[358] : NtWriteVirtualMemory @ 0x8261EA27 -> HOOKED (Unknown @ 0x8AA6850A)
[Address] Shadow SSDT[573] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8AA68596)
[Address] Shadow SSDT[576] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8AA6859B)
[Inline] ***@*** (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)
[Inline] ***@*** (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)
[Inline] ***@*** (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250310AS ATA Device +++++
--- User ---
[MBR] 4b4de369ca8959509ba60c19f0be7572
[BSP] 990acc7ba0e741e7560de1f0a4fc762e : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 132000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 270338048 | Size: 106473 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_D_02172014_170201.txt >>
RKreport[0]_S_02172014_170104.txt

RogueKiller V8.8.7 [Feb 11 2014] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://forum.adlice.com
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : corinne [Droits d'admin]
Mode : Suppression -- Date : 02/17/2014 17:02:01
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [7] -> rundll32.exe TUÉ [TermProc]

¤¤¤ Entrees de registre : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : NTRedirect (C:\Windows\system32\rundll32.exe "C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][7]) -> SUPPRIMÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\[...]\Run : NTRedirect (C:\Windows\system32\rundll32.exe "C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run [7][7]) -> [0x2] Le fichier spécifié est introuvable.
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 5 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe - --uninstall=1 [x] -> SUPPRIMÉ
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe - --uninstall=1 [x] -> ERROR DELETING TASK
[V2][SUSP PATH] EPUpdater : C:\Users\corinne\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [7] -> SUPPRIMÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] SSDT[75] : NtCreateSection @ 0x82642F95 -> HOOKED (Unknown @ 0x8AA6856E)
[Address] SSDT[77] : NtCreateSymbolicLinkObject @ 0x825D1349 -> HOOKED (Unknown @ 0x8AA68546)
[Address] SSDT[165] : NtLoadDriver @ 0x8257CE12 -> HOOKED (Unknown @ 0x8AA6854B)
[Address] SSDT[197] : NtOpenSection @ 0x8262278C -> HOOKED (Unknown @ 0x8AA68541)
[Address] SSDT[276] : NtRequestWaitReplyPort @ 0x82655132 -> HOOKED (Unknown @ 0x8AA68578)
[Address] SSDT[289] : NtSetContextThread @ 0x826A42CF -> HOOKED (Unknown @ 0x8AA68573)
[Address] SSDT[314] : NtSetSecurityObject @ 0x825D1027 -> HOOKED (Unknown @ 0x8AA6857D)
[Address] SSDT[317] : NtSetSystemInformation @ 0x825F7F1E -> HOOKED (Unknown @ 0x8AA68550)
[Address] SSDT[332] : NtSystemDebugControl @ 0x82609EE9 -> HOOKED (Unknown @ 0x8AA68582)
[Address] SSDT[334] : NtTerminateProcess @ 0x8260216B -> HOOKED (Unknown @ 0x8AA6850F)
[Address] SSDT[358] : NtWriteVirtualMemory @ 0x8261EA27 -> HOOKED (Unknown @ 0x8AA6850A)
[Address] Shadow SSDT[573] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8AA68596)
[Address] Shadow SSDT[576] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8AA6859B)
[Inline] ***@*** (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)
[Inline] ***@*** (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)
[Inline] ***@*** (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x35E69E66)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250310AS ATA Device +++++
--- User ---
[MBR] 4b4de369ca8959509ba60c19f0be7572
[BSP] 990acc7ba0e741e7560de1f0a4fc762e : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 132000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 270338048 | Size: 106473 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_D_02172014_170201.txt >>
RKreport[0]_S_02172014_170104.txt

Réponse 13 / 35

coco66

finalement, je l'avais trouvé mais une le clic droit sur avira rien ne me permet de cliquer sur antivir guard enable

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

regarde ici : https://support.avira.com/hc/en-us
protection en temps réel : tu désactive

coco66

vous l'avez au dessus de votre dernière réponse.puis__________-je continuer avec adwcleaner ou vous préférer lire d'abord se rapport ? est-ce dangereux si je garde avira inactif le temps de faire tout ça car ce n'est pas dit que je le face de suite, d'affiler car c long et je ne pourrais peut être pas sur l'ordi en constant. Si je veux consulter otre chose doi-je obilgatoirement le réactiver ?

coco66

finalement, j'ai eu adwcleaner sur comment ça marche mais bizarrement j'ai pu faire un nettoyage et comme réponse j'ai eu une erreur mais en plus il ne s'est téléchargé car je ne l'ai pas sur le bureau , je l'ai cherché mais introuvable. Puis-je réactiver avira ? si vous ne pouvez pas me répondre dans la soirée je le réactive car je laisse mon ordi allumé car il est long à démarrer.

coco66

j'ai retrouvé adwcleaner, je l'ai remis en marche. aprés le nettoyage, il m'est sorti des recommendations, j'ai cliqué sur OK de là, l'orinateur s'est éteind et rallumé et une fois rallumé j'ai eu ce ra# AdwCleaner v3.019 - Rapport créé le 17/02/2014 à 18:48:05
# Mis à jour le 17/02/2014 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : corinne - PC-DE-CORINNE
# Exécuté depuis : C:\Users\corinne\Documents\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

***** [ Raccourcis ] *****

***** [ Registre ] *****

Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [***@***]
Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [***@***]
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [***@***]
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{34FCB76F-5764-44B5-9C65-E88808AD6057}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34FCB76F-5764-44B5-9C65-E88808AD6057}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Clé Supprimée : HKCU\Toolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\*\shell\filescout
Clé Supprimée : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Clé Supprimée : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\EoRezoBHO.EoBho
Clé Supprimée : HKLM\SOFTWARE\Classes\EoRezoBHO.EoBho.1
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Freecompressor.Spointer
Clé Supprimée : HKLM\SOFTWARE\Classes\Freecompressor.SpointerCtrl
Clé Supprimée : HKLM\SOFTWARE\Classes\Freecompressor.SpointerWebDisp
Clé Supprimée : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Clé Supprimée : HKLM\SOFTWARE\Classes\inbox.appserver
Clé Supprimée : HKLM\SOFTWARE\Classes\inbox.ibx404
Clé Supprimée : HKLM\SOFTWARE\Classes\Inbox.JSServer
Clé Supprimée : HKLM\SOFTWARE\Classes\Inbox.Toolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Clé Supprimée : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Clé Supprimée : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Clé Supprimée : HKLM\SOFTWARE\Classes\S
Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Clé Supprimée : HKLM\SOFTWARE\Classes\sim-packages
Clé Supprimée : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject
Clé Supprimée : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject.1
Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc
Clé Supprimée : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Clé Supprimée : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [EoEngine]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [EoRezo]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Clé Supprimée : HKCU\Software\5f53d6d8e66dbe15
Clé Supprimée : HKLM\SOFTWARE\5f53d6d8e66dbe15
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2124320
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2542115
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2567681
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3297966
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{20FE21D0-8895-4F5F-A5D2-709170290006}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6AD30CB8-7064-4664-8039-D9BB95CBA878}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{85FE1096-281B-4CB9-82B6-D8EBA5830035}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{87BEF026-9269-413C-A5B3-11F35451380E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A83C3565-302C-4BF8-B000-6B6F1811D892}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E9E9C4BC-BD4D-4486-9092-C43FDF8F911B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F011F437-EE07-463C-8217-97C0522117AB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{20FE21D0-8895-4F5F-A5D2-709170290006}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7713A018-8482-48FA-8BD3-46A9D319693F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7894081D-0CF3-4663-B371-79DB59C32FC3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9D2F73EA-AA92-4C9C-9FA5-666B725E8E75}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C382B99A-E317-4842-8448-70ADDAC750CA}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E6E1D9F5-DC91-458F-89B8-FACFBD132A91}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E9E9C4BC-BD4D-4486-9092-C43FDF8F911B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11109EB1-7D52-4512-88AD-9D837AEED46F}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DD68F52E-1436-4C5C-8191-A1FA6AE566D4}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{ED846B6D-C294-4DFF-9AF6-44BDA49C0ED1}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A83C3565-302C-4BF8-B000-6B6F1811D892}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A531D99C-5A22-449B-83DA-872725C6D0ED}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A83C3565-302C-4BF8-B000-6B6F1811D892}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6AD30CB8-7064-4664-8039-D9BB95CBA878}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85FE1096-281B-4CB9-82B6-D8EBA5830035}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B13E6377-EC0A-4C07-AC89-DCD48B57203D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA7406}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449B-83DA-872725C6D0ED}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA7406}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE063DB9-4EC0-403E-8DD8-394C54984B2C}]
Clé Supprimée : HKCU\Software\Alexa Internet
Clé Supprimée : HKCU\Software\AutocompleteProBHO
Clé Supprimée : HKCU\Software\AVG Secure Search
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\caphyon
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\distromatic
Clé Supprimée : HKCU\Software\eoJet
Clé Supprimée : HKCU\Software\EoRezo
Clé Supprimée : HKCU\Software\filescout
Clé Supprimée : HKCU\Software\FissaSearch
Clé Supprimée : HKCU\Software\FreeCompressor
Clé Supprimée : HKCU\Software\ilivid
Clé Supprimée : HKCU\Software\Inbox Toolbar
Clé Supprimée : HKCU\Software\ItsLabel
Clé Supprimée : HKCU\Software\Myfree Codec
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\pdfforge
Clé Supprimée : HKCU\Software\Search Settings
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\SpeedMaxPC
Clé Supprimée : HKCU\Software\Spointer
Clé Supprimée : HKCU\Software\WideStream
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Allin1Convert_8hEI
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutoolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKLM\Software\Allin1Convert_8hEI
Clé Supprimée : HKLM\Software\AVG Secure Search
Clé Supprimée : HKLM\Software\AVG Security Toolbar
Clé Supprimée : HKLM\Software\Bandoo
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\EoRezo
Clé Supprimée : HKLM\Software\FreeCompressor
Clé Supprimée : HKLM\Software\Inbox Toolbar
Clé Supprimée : HKLM\Software\Myfree Codec
Clé Supprimée : HKLM\Software\pdfforge
Clé Supprimée : HKLM\Software\Search Settings
Clé Supprimée : HKLM\Software\SpeedMaxPC
Clé Supprimée : HKLM\Software\systweak
Clé Supprimée : HKLM\Software\Uniblue
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1EF93620-4B15-4DB4-B0EA-889E2F187081}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D0198889-7766-424B-AB81-F16F8EDDFEF4}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Settings
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoJet_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facetheme
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1CD4D45E-4851-496D-840F-2C2E752ECFB7}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1EF93620-4B15-4DB4-B0EA-889E2F187081}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0B139A7-E8D5-49E8-A7BF-12421E652208}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BE7785D6-045F-44FB-A1E4-3FA555874415}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DA95E878-B181-4366-A433-6145592707A8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Amazon Browser Settings
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\eoJet_is1
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Navigateurs ] *****

-\\ Internet Explorer v9.0.8112.16533

-\\ Mozilla Firefox v

[ Fichier : C:\Users\corinne\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js ]

-\\ Google Chrome v

[ Fichier : C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [40066 octets] - [17/02/2014 17:37:18]
AdwCleaner[R1].txt - [34526 octets] - [17/02/2014 18:46:13]
AdwCleaner[S0].txt - [5832 octets] - [17/02/2014 17:38:47]
AdwCleaner[S1].txt - [34776 octets] - [17/02/2014 18:48:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [34837 octets] ##########
pport

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

on continue

Réponse 14 / 35

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

Bonsoir,

Télécharge SFTGC ici http://www.archive-host.com
Enregistrez le fichier sur le bureau.
Ouvrez SFTGC.exe et patientez durant l'initialisation du logiciel :
Pour lancer le nettoyage, il suffit de cliquer sur Go.

Refais moi un nouveau zhpdiag et poste le rapport.

A+

coco66

Rapport de SFTGC (Pierre13) du Jeudi 20 Fevrier 2014 à 13:20:40 version : 2.0.0.66
Mis à jour le 07/02/2014
Outil lancé en Mode normal et En tant qu'administrateur
Windows Vista (TM) Home Premium Service Pack 2 32 bits

Tool start in C:\Users\corinne\Documents\Downloads

1569 éléments supprimés => 777.15 Mo libérés. (2 mn 51 s)

Warning !! **/!\** C:\Users\corinne\AppData\Local\Temp\avgnt.exe **/!\**
Warning !! **/!\** C:\Users\corinne\AppData\LocalLow\Sun\Java\JRERunOnce.exe **/!\**
Warning !! **/!\** C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Flash Player 12.exe.xcp1fdg.lnk **/!\**
C:\Users\corinne\AppData\Local\Temp\1444_25244
C:\Users\corinne\AppData\Local\Temp\AdobeARM.log
C:\Users\corinne\AppData\Local\Temp\avgnt.exe
C:\Users\corinne\AppData\Local\Temp\corinne.bmp
C:\Users\corinne\AppData\Local\Temp\jusched.log
C:\Users\corinne\AppData\Local\Temp\Low
C:\Users\corinne\AppData\Local\Temp\TWAIN.LOG
C:\Users\corinne\AppData\Local\Temp\Twain001.Mtx
C:\Users\corinne\AppData\Local\Temp\Twunk001.MTX
C:\Users\corinne\AppData\Local\Temp\Twunk002.MTX
C:\Users\corinne\AppData\Local\Temp\WPDNSE
C:\Users\corinne\AppData\Local\Temp\nro.log\log
C:\Users\corinne\AppData\Local\Temp\nro.log\log\ShellManager_Log.txt
C:\Users\corinne\AppData\Local\Temp\Low\JavaDeployReg.log
C:\Users\corinne\AppData\Local\Temp\1444_25244\crl-set
C:\Users\corinne\AppData\Local\Temp\1444_25244\manifest.fingerprint
C:\Users\corinne\AppData\Local\Temp\1444_25244\manifest.json
C:\Users\corinne\AppData\LocalLow\desktop.ini
C:\Users\corinne\AppData\LocalLow\IEXPLORE
C:\Users\corinne\AppData\LocalLow\Temp\.contenta\0.tmp
C:\Users\corinne\AppData\LocalLow\Temp\.contenta\last.cfg
C:\Users\corinne\AppData\LocalLow\Temp\.contenta\preview.png
C:\Users\corinne\AppData\LocalLow\Temp\.contenta\w.png
C:\Users\corinne\AppData\LocalLow\Temp\.contenta\thumbs\C\Users\corinne\Documents
C:\Users\corinne\AppData\LocalLow\Temp\.contenta\thumbs\C\Users\corinne\Documents\SAM_0021.JPG.jpg
C:\Users\corinne\AppData\LocalLow\Temp\.contenta\thumbs\C\Users\corinne\Documents\SAM_0028.JPG.jpg
C:\Users\corinne\AppData\LocalLow\Temp\.contenta\thumbs\C\Users\corinne\Documents\SAM_0031.JPG.jpg
C:\Users\corinne\AppData\LocalLow\Sun\Java\AU
C:\Users\corinne\AppData\LocalLow\Sun\Java\jinstall.cfg
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_18
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_20
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_21
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_22
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_23
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_24
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_26
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_29
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_31
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_37
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.6.0_39
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.7.0_06
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.7.0_15
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.7.0_51
C:\Users\corinne\AppData\LocalLow\Sun\Java\JRERunOnce.exe
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.7.0_51\Data1.cab
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.7.0_51\jre1.7.0_51.msi
C:\Users\corinne\AppData\LocalLow\Sun\Java\jre1.7.0_51\jre1036.MST
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\desktop.ini
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\Low\desktop.ini
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\Low\History.IE5
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\Low\History.IE5\desktop.ini
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014012720140203
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014020320140210
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014021020140217
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014021720140218
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014021820140219
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014021920140220
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014021920140220\index.dat
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014021820140219\index.dat
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014021720140218\index.dat
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014021020140217\index.dat
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014020320140210\index.dat
C:\Users\corinne\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014012720140203\index.dat
C:\Users\corinne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO
C:\Users\corinne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word
C:\Users\corinne\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini
C:\Users\corinne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\corinne\AppData\Roaming\Real\RealMediaSDK
C:\Users\corinne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\corinne\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\100___11.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\101___12.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\14072103 à Mont Juset (4).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\2012_04_16_CCM_LB_security.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\2013-11-16 anniversaire Mamie Denise 80 ans.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\20130621_223427.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\@FissaPlugin.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\AC-3.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\ac3dx.ax.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Accusé de réception.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Add-in Express.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\AdwCleaner.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\AdwCleaner[S1].lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\adxregistrator.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\annonce pole emploi.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\AppData.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Applications.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\AttestationsScolaire (1).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\AttestationsScolaire.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\attestationViePriveeArbitrage (1).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\attestationViePriveeArbitrage.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\attestationViePriveeArbitrage[1].lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Avira Internet Security.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\AVIRA_QUIKGUIDE_2013_EN_ONLINE.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Bernard MONTAUDON S2CU.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Bernard MONTAUDON AXA.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Contacts.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\content.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Contestation ACS.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Contestation sécu ALD Bernard.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\corinne (2).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\corinne.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\CV CORINNE (2).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\CV CORINNE.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\default.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Downloads.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Dry - Le choix (feat. Maître Gims).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Ellie Goulding - Burn.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Eminem - Berzerk (Audio).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Eminem - Monster (Audio) ft. Rihanna.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\EoAdv.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\EoRezoBho.old.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\even0rood.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\even1rood.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\even3rood.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\fissasearch.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Flash Player 12.exe.xcp1fdg.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\furets à Ribot.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Images.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\img001.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\IMG_0080.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\IMG_0109.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\index.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\install.rdf.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Jason Derulo - "Talk Dirty" feat. 2Chainz (Official HD Music Video).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Jean Patrick Capdevielle - Chiquita.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\JRT.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\La Fouine - Quand je partirai.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Lac.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Lecteur CD.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\lettre pour jardin.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\loader.sfr.min.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\LUMIERES DE NOEL JAUDE.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\mai à juillet 2013.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Maif_15.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Maif_18.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\messagerie.xd.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\messagerie_fr.xd.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Microsoft_SR-1231552190.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Mister You - J'Voulais.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\mmm.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Motivation Aide à Domicile Corinne (2).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Motivation Aide à Domicile Corinne.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Motivation ASH Corinne.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Netg.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\ntuser.dat.LOG1.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Ours.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\overlay.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Par défaut.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\parfeu avira.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\PDFCreator (2).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\PDFCreator.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\photo henri côte d'azur.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\photos d'Henri Côte d'Azur.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\QT3ASSET.X32.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Rechercher parmi les résultats dans Emplacements indexés.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\RECHERCHES EMPLOIS CORINNE (2).lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\RECHERCHES EMPLOIS CORINNE.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\RepristinateSettingsFX.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\RepristinateSettingsIE.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\RKreport[0]_D_02172014_170201.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\RKreport[0]_S_02172014_170104.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\Saint Saturnin,Lac d'Eydat, lac Lacassière.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\SamsungAppsLocalDB14.db3.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\SAM_0262.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\setDefaults.lnk
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Recent\SetupLog.lnk
C:\Users\corinne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\corinne\AppData\Roaming\Real
C:\Users\corinne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\corinne\AppData\Roaming\Microsoft\Windows\PrivacIE
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History\desktop.ini
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History\History.IE5
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D862LF71
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J382WXMB
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SKA50PGL
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXCUT4Y1
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXCUT4Y1\42[1]
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXCUT4Y1\desktop.ini
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SKA50PGL\desktop.ini
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J382WXMB\desktop.ini
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D862LF71\desktop.ini
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
C:\Users\corinne\AppData\Local\Temp\avgnt.exe
C:\Users\corinne\AppData\Local\Temp\nro.log
C:\Windows\TEMP\2013080800005872.zip
C:\Windows\TEMP\75B782BE-9B83-4C80-A1A0-BD9F5FE63C25-Sigs
C:\Windows\TEMP\ASPNETSetup_00000.log
C:\Windows\TEMP\ASPNETSetup_00001.log
C:\Windows\TEMP\avg-secure-search.xml
C:\Windows\TEMP\avg_secure_search.log
C:\Windows\TEMP\avg_secure_search.log.1
C:\Windows\TEMP\avg_secure_search.log.2
C:\Windows\TEMP\avg_secure_search.log.3
C:\Windows\TEMP\avg_secure_search.log.4
C:\Windows\TEMP\AVSETUP_52da92b0
C:\Windows\TEMP\contentDATs.exe
C:\Windows\TEMP\Cookies
C:\Windows\TEMP\dd_clwireg.txt
C:\Windows\TEMP\dd_dotNetFx40LP_Client_x86fr_decompression_log.txt
C:\Windows\TEMP\dd_NDP45-KB2898869-x86_decompression_log.txt
C:\Windows\TEMP\dd_NDP45-KB2901126-x86_decompression_log.txt
C:\Windows\TEMP\dd_NDP451-KB2858725-x86-x64-ENU_decompression_log.txt
C:\Windows\TEMP\dd_SetupUtility.txt
C:\Windows\TEMP\dd_wcf_CA_smci_20140126_155417_652.txt
C:\Windows\TEMP\defaultCache.reg
C:\Windows\TEMP\ehprivjob.log
C:\Windows\TEMP\ehprivjob1.log
C:\Windows\TEMP\FireFoxSearchXml.tmp
C:\Windows\TEMP\Google Toolbar
C:\Windows\TEMP\GoogleToolbarInstaller1.log
C:\Windows\TEMP\GoogleToolbarInstaller2.log
C:\Windows\TEMP\GoogleUpdateSetup.exe2594b0
C:\Windows\TEMP\HFI24B6.tmp.html
C:\Windows\TEMP\Hx7F1E.tmp
C:\Windows\TEMP\ichcop
C:\Windows\TEMP\InstallHelp
C:\Windows\TEMP\KB2836939v3_10.0.30319
C:\Windows\TEMP\KB2836939v3_20131011_081650463-Microsoft .NET Framework 4 Client Profile-MSP0.txt
C:\Windows\TEMP\KB2836939v3_20131011_081650463.html
C:\Windows\TEMP\KB2836939_10.0.30319
C:\Windows\TEMP\KB2836939_20130831_172413773-Microsoft .NET Framework 4 Client Profile-MSP0.txt
C:\Windows\TEMP\KB2836939_20130831_172413773.html
C:\Windows\TEMP\KB2840628v2_10.0.30319
C:\Windows\TEMP\KB2840628v2_20130815_180811856-Microsoft .NET Framework 4 Client Profile-MSP0.txt
C:\Windows\TEMP\KB2840628v2_20130815_180811856.html
C:\Windows\TEMP\KB2840628v2_20130817_193508739-Microsoft .NET Framework 4 Client Profile-MSP0.txt
C:\Windows\TEMP\KB2840628v2_20130817_193508739.html
C:\Windows\TEMP\KB2858302v2_10.0.30319
C:\Windows\TEMP\KB2858302v2_20131011_080536277-Microsoft .NET Framework 4 Client Profile-MSP0.txt
C:\Windows\TEMP\KB2858302v2_20131011_080536277.html
C:\Windows\TEMP\KB2861188_10.0.30319
C:\Windows\TEMP\KB2861188_20131011_090842866-Microsoft .NET Framework 4 Client Profile-MSP0.txt
C:\Windows\TEMP\KB2861188_20131011_090842866.html
C:\Windows\TEMP\KB2898869_20140212_202456144-Microsoft .NET Framework 4.5.1-MSP0.txt
C:\Windows\TEMP\KB2898869_20140212_202456144.html
C:\Windows\TEMP\KB2901126_20140212_202255275-Microsoft .NET Framework 4.5.1-MSP0.txt
C:\Windows\TEMP\KB2901126_20140212_202255275.html
C:\Windows\TEMP\malware(4760).tmp
C:\Windows\TEMP\malware(6384).tmp
C:\Windows\TEMP\Microsoft .NET Framework 3.5-KB2836940_20130831_152930625-Msi0.txt
C:\Windows\TEMP\Microsoft .NET Framework 3.5-KB2836940_20130831_152930625.html
C:\Windows\TEMP\Microsoft .NET Framework 3.5-KB2861697_20131011_065957333-Msi0.txt
C:\Windows\TEMP\Microsoft .NET Framework 3.5-KB2861697_20131011_065957333.html
C:\Windows\TEMP\Microsoft .NET Framework 4.5.1 Setup_20140126_164840635-MSI_netfx_Full_GDR_x86.msi.txt
C:\Windows\TEMP\Microsoft .NET Framework 4.5.1 Setup_20140126_164840635.html
C:\Windows\TEMP\Microsoft .NET Framework Client Profile Language Pack Setup_20140127_133130863-MSI_netfx_CoreLP_x86.msi.txt
C:\Windows\TEMP\Microsoft .NET Framework Client Profile Language Pack Setup_20140127_133130863.html
C:\Windows\TEMP\Microsoft .NET Framework Client Profile Language Pack Setup_4.0.30319
C:\Windows\TEMP\MpCmdRun.log
C:\Windows\TEMP\MPInstrumentation
C:\Windows\TEMP\MpSigStub.log
C:\Windows\TEMP\MPTelemetrySubmit
C:\Windows\TEMP\MSIbdb02.LOG
C:\Windows\TEMP\pdfforgeToolbar.exe
C:\Windows\TEMP\scaninfo(2860).tmp
C:\Windows\TEMP\scaninfo(4160).tmp
C:\Windows\TEMP\scaninfo(5016).tmp
C:\Windows\TEMP\scaninfo(5652).tmp
C:\Windows\TEMP\SecurityScan_Release.exe
C:\Windows\TEMP\SFT8DB2.tmp
C:\Windows\TEMP\Silverlight0.log
C:\Windows\TEMP\SilverlightMSI.log
C:\Windows\TEMP\TMP000000014D6469775B32DAA5
C:\Windows\TEMP\TMP000000076881BE7B16EC03CC
C:\Windows\TEMP\TMP0000000BF0A2A5364A77FE04
C:\Windows\TEMP\TMP000000101385CC06D516112A
C:\Windows\TEMP\TMP0000026FA787D6AB252085B5
C:\Windows\TEMP\toolbar_log.txt
C:\Windows\TEMP\UpdateMgrLog.txt
C:\Windows\TEMP\{14CED77E-E2DC-4D43-BB59-A20823BDFF59}.exe
C:\Windows\TEMP\{746697E6-BC44-4342-9446-40927ECF5B0F}.exe
C:\Windows\TEMP\{9575BF9F-1911-455D-A7CE-5C22D6A08146}.exe
C:\Windows\TEMP\{D7C3A5C6-BF9A-4F79-A50D-3433AF59A93F}.exe
C:\Windows\TEMP\InstallHelp\SecurityScanner32.dll
C:\Windows\TEMP\History\desktop.ini
C:\Windows\TEMP\History\History.IE5
C:\Windows\TEMP\History\History.IE5\desktop.ini
C:\Windows\TEMP\History\History.IE5\index.dat
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\desktop.ini
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\index.dat
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\1040650975[1].htm
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\avira-internet-security-plus-2013-cd[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\bg[1].jpg
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\bg_mainnav_level2_double_separator[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\bg_mainnav_level3_separator[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\bg_standardpage_body[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\cf6ac57595da3c211be0e0141544f60e_ie[1].css
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\desktop.ini
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\enhanced-menu-faded-map[1].jpg
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\footernav-seperator[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\ga[1].js
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\large-column-blue-bg[1].jpg
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\tab_active_left[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\QRUBHK7T\vertical-splitter[1].jpg
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\avira-antivirus[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\avira-internet-security-2013[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\bg_dropdown_arrow_grey[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\bg_round_corners_transparent[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\buttons-sprite[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\desktop.ini
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\flags[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\grey-pattern[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\KievitWeb-Bold[1].woff
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\link-arrows[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\magnifier[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\mya-faders[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\mya-sprite[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\pages_tabs_border[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\O8M5AE4F\pages_tabs_shadow_right[1].jpg
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\1040650975[1].htm
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\arrow-main-menu[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\bg_standardpage_bottom[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\bg_standardpage_middle[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\bg_standardpage_top[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\cf6ac57595da3c211be0e0141544f60e_1[1].css
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\conversion[1].js
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\desktop.ini
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\enhanced-menu-partners-image[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\icon-set[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\KievitWeb-Book[1].woff
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\mainnav_bg[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\new-btn-d-right[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\pagea_tabs_bg[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\pages_tabs_shadow_first[1].jpg
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\K8HOA9E9\threats[1].htm
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\7ce2d5e4423e2836a58ffbba54b739e0[1].js
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\avira-antivirus-premium-2013[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\bg_dark_mainnav_level2_standardpage_long[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\bg_directsearch[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\bg_mainnav_level2_separator[1].gif
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\bg_mainnav_level3[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\cf6ac57595da3c211be0e0141544f60e_2[1].css
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\desktop.ini
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\enhance-menu-wide-50-years-fr-banner[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\enhanced-menu-shadow[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\menu-blue-bg-stripe2[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\mya-modal[1].css
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\new-btn-d-left[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\right-corner-white-shaded[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\secure-lock[1].png
C:\Windows\TEMP\Fichiers Internet temporaires\Content.IE5\79W2M8GL\tab_active_right[1].gif
C:\Windows\TEMP\Cookies\index.dat
C:\Windows\TEMP\Cookies\MLSUYCC4.txt
C:\Windows\TEMP\Cookies\WUBPFCXW.txt
C:\Windows\TEMP\AVSETUP_52da92b0\setup.log
C:\Windows\TEMP\avg_a05408\avg-secure-search-installer.exe
C:\Windows\TEMP\avg_a05408\ConfigFiles
C:\Windows\TEMP\avg_a05408\Installer.7z
C:\Windows\TEMP\avg_a05408\{95B7759C-8C7F-4BF1-B163-73684A933233}
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\17.1.2.1
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\about.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\active-threats18.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\AVG Secure Search
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\avgMozXPCOM.js
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\calc.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\CleanHistory.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\configuration.xml
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\current.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\currently-safe18.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\data.zip
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\DSPDlg_IE
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\EULA.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Eula.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\favicon.ico
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\feedback.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\FireFoxSearchXml.tmp
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\help.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\icon18.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\labs.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\lip.exe
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\note.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\PostInstall.exe
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\PostInstaller.ini
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\privacy.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\remote_configuration.xml
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\search.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\setup.bmp
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\surf-with-caution18.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Uninstall.exe
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\uninstall.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\updating18.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\vprot.exe
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\weather.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\windows.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\jquery-1.5.1.min.js
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\jquery-1.8.1.min.js
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\JQueyExtensions.js
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\uninstall_cp.css
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Uninstall_cp.html
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Uninstall_cp_step2.html
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\cp-bg.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\cp_logo.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\downBtn.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\uninstall-bg.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\upBtn.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\CPOL license.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\Encoding_decoding_base64.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\hmac.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\LICENSE-bsdiff.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\LICENSE-bzip.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\LICENSE-JasonCpp.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\LICENSE-MPL-NPAPI.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\LICENSE-sparsehash.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\Log4CPlus.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Licenses\PassthruApp.txt
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\EnableHelperRes\EEImageHandler.html
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\EnableHelperRes\Images
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\EnableHelperRes\Images\box_ie.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\DSPDlg_IE\all.css
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\DSPDlg_IE\btn-ok2.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\DSPDlg_IE\downBtn.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\DSPDlg_IE\DSPDlg_IE.html
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\DSPDlg_IE\logo2.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\DSPDlg_IE\upBtn.png
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\ChromeRes\AVG Nation toolbar
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\ChromeRes\AVG SafeGuard toolbar
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\ChromeRes\AVG Secure Search
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\ChromeRes\nt.html
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\ChromeRes\nt28_2.js
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\ChromeRes\AVG Secure Search\nt28_2.html
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\ChromeRes\AVG SafeGuard toolbar\nt28_2.html
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\ChromeRes\AVG Nation toolbar\nt28_2.html
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_close.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_expand.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_tooltip.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_tracking.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons\bull4x4.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons\divider.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons\innerBG_gradient.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\Chrome\content\icons\loader.gif
C:\Windows\TEMP\avg_a05408\ProgFiles\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll
C:\Windows\TEMP\avg_a05408\ProgData\avg-secure-search.xml
C:\Windows\TEMP\avg_a05408\ProgData\avgMozXPCOM.js
C:\Windows\TEMP\avg_a05408\ProgData\binarylines.manifest
C:\Windows\TEMP\avg_a05408\ProgData\FireFoxSearchXml.tmp
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\chrome
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\chrome.manifest
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\components
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\icon.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\install.rdf
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\avg-dnt-adapter.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\avg.xml
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\avg.xul
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\avgJsm.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\Bindings.xml
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\configuration.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\configuration_0.css
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\HistoryCleaner.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\IOJsm.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\passwordbox.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\Preferences.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\propertiesJsm.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\about.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\active-threats18.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\ajax-loader.gif
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\calc.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\CleanHistory.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\close.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\current.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\currently-safe18.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\dnt.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\EULA.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\Facebook.gif
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\feedback.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\feedicon.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\help.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\icon18.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\icon_search.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\information-24.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\labs.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\loader.gif
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\note.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\privacy.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\questionmarkIcon.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\search.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\surf-with-caution18.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\uninstall.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\updating18.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\weather.gif
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\window-close.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\windows.png
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\af
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\cs
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\da
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\de
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\el
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\en
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es-es
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fi
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fr
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hi
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hu
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\id
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\it
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ja
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ko
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ms
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nb
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nl
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pl
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt-br
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ro
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ru
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sk
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sr
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sv
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\th
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\tr
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-cn
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-tw
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-tw\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-tw\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-cn\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-cn\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\tr\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\tr\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\th\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\th\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sv\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sv\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sr\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sr\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sk\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sk\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ru\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ru\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ro\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ro\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt-br\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt-br\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pl\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pl\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nl\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nl\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nb\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nb\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ms\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ms\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ko\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ko\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ja\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ja\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\it\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\it\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\id\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\id\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hu\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hu\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hi\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hi\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fr\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fr\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fi\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fi\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es-es\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es-es\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\en\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\en\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\el\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\el\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\de\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\de\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\da\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\da\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\cs\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\cs\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\af\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\af\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\locale\en-US
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\locale\en-US\global.dtd
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\locale\en-US\global.properties
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\components\avg-dnt-policy.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\components\nci.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\components\toolbarhomeApi.js
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\chrome\avg.jar
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\ChromeExt\17.1.2.1
C:\Windows\TEMP\avg_a05408\ProgData\AVG Secure Search\ChromeExt\17.1.2.1\avg.crx
C:\Windows\TEMP\avg_a05408\ConfigFiles\avguidx.dll
C:\Windows\TEMP\avg_a05408\ConfigFiles\installer_cfg.ini
C:\Windows\TEMP\avg_a05408\ConfigFiles\MachineIdCreator.exe
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\avgdttbx.dll
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\AVGRewardsWorker.cfg
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\AVGRewardsWorker.dll
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\avgtpx64.sys
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\avgtpx86.sys
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\CommonCfg.ini
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\DriverInstaller.exe
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\DriverInstaller_64.exe
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\helper.dll
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\log4cplusU.dll
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\loggingserver.exe
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\npsitesafety.dll
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\ScriptHelper.exe
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\SiteSafety.dll
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\ToolBand.tlb
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\ToolbarUpdater.exe
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\UpdaterConfig.ini
C:\Windows\TEMP\avg_a05408\CommonFiles\AVG Secure Search\ViProtocol.dll
C:\Windows\TEMP\avg_a05396\avg-secure-search-installer.exe
C:\Windows\TEMP\avg_a05396\ConfigFiles
C:\Windows\TEMP\avg_a05396\Installer.7z
C:\Windows\TEMP\avg_a05396\{95B7759C-8C7F-4BF1-B163-73684A933233}
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\15.5.0.2
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\about.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\active-threats18.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\AVG Secure Search
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\calc.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeGuardRes
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeRes
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\CleanHistory.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\configuration.xml
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\current.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\currently-safe18.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\data.zip
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\DSPDlg_IE
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\EULA.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Eula.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\favicon.ico
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\feedback.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\FireFoxSearchXml.tmp
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\help.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\icon18.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\labs.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\lip.exe
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\note.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\PostInstall.exe
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\PostInstaller.ini
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\privacy.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\remote_configuration.xml
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\search.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\setup.bmp
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\surf-with-caution18.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Uninstall.exe
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\uninstall.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\updating18.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\vprot.exe
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\weather.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\windows.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\jquery-1.5.1.min.js
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\jquery-1.8.1.min.js
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\JQueyExtensions.js
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\uninstall_cp.css
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Uninstall_cp.html
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Uninstall_cp_step2.html
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\cp-bg.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\cp_logo.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\downBtn.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\uninstall-bg.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\upBtn.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\CPOL license.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\Encoding_decoding_base64.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\hmac.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\LICENSE-bsdiff.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\LICENSE-bzip.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\LICENSE-JasonCpp.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\LICENSE-MPL-NPAPI.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\LICENSE-sparsehash.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\Log4CPlus.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Licenses\PassthruApp.txt
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\EnableHelperRes\EEImageHandler.html
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\EnableHelperRes\Images
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\EnableHelperRes\Images\box_ie.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\DSPDlg_IE\all.css
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\DSPDlg_IE\btn-ok2.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\DSPDlg_IE\downBtn.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\DSPDlg_IE\DSPDlg_IE.html
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\DSPDlg_IE\logo2.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\DSPDlg_IE\upBtn.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeRes\nt.html
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeRes\nt28.html
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeRes\nt28.js
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeGuardRes\avg_logo_medium.png
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeGuardRes\cg.css
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeGuardRes\cg.js
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeGuardRes\ChromeGuadDsp.html
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\ChromeGuardRes\jquery-1.8.1.min.js
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Chrome\content\icons
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_close.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_expand.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_tooltip.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_tracking.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Chrome\content\icons\bull4x4.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Chrome\content\icons\divider.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\Chrome\content\icons\innerBG_gradient.gif
C:\Windows\TEMP\avg_a05396\ProgFiles\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
C:\Windows\TEMP\avg_a05396\ProgData\avg-secure-search.xml
C:\Windows\TEMP\avg_a05396\ProgData\avgMozXPCOM.js
C:\Windows\TEMP\avg_a05396\ProgData\binarylines.manifest
C:\Windows\TEMP\avg_a05396\ProgData\FireFoxSearchXml.tmp
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\chrome
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\chrome.manifest
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\components
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\icon.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\install.rdf
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\avg-dnt-adapter.js
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\avg.xml
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\avgJsm.js
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\Bindings.xml
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\configuration.js
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\configuration_0.css
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\configuration_0.xul
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\HistoryCleaner.js
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\IOJsm.js
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\Preferences.js
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\propertiesJsm.js
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\about.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\active-threats18.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\ajax-loader.gif
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\calc.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\CleanHistory.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\close.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\current.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\currently-safe18.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\dnt.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\EULA.png
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFoxExt\15.5.0.2\modules\skin\Facebook.gif
C:\Windows\TEMP\avg_a05396\ProgData\AVG Secure Search\FireFox

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

maintenant zhpdiag

Réponse 15 / 35

coco66

je l'ai déjà posté hier ! c le site qui me le dit. Bon je recommence.

coco66

~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par corinne (21/02/2014 13:11:12)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC):

---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v32.0.1700.107 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : Q27TJ
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0

---\\ Logiciels d'optimisation du système
CCleaner v2.28 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader X
Java 7 Update 51

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 66 GB (51%) free of 129 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-CORINNE
~ User Name: corinne
~ All Users Names: UpdatusUser, corinne, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\corinne\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\corinne\AppData\Roaming\
~ %Desktop% : C:\Users\corinne\Desktop\
~ %Favorites% : C:\Users\corinne\Favorites\
~ %LocalAppData% : C:\Users\corinne\AppData\Local\
~ %StartMenu% : C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 66 Go of 129 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 92 Go of 104 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 45 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.679EAED8E703235BA81AA2E58F4E2D16] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/02/2014 - 09:50:39.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 01s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/313
Mes musiques (My Musics) : 15/15 (Modified)
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/83
~ Mes Documents (My Documents) : 4/112
~ Mon Bureau (My Desktop) : 2/497
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 00s

---\\ Processus lancés
[MD5.9D826FE5B102A4DF5225786DB5E586C9] - (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648] [PID.2236]
[MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821984] [PID.3244]
[MD5.16AE89DB056690B77252A722023D506B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4431872] [PID.1444]
[MD5.01D92A226791867F2DED688F25271905] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1058400] [PID.1192]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.1380]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.3504]
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe [959880] [PID.4004]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3840]
[MD5.665CE80D2173C774EE80FEAC4B20C860] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe [1560576] [PID.3928]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.1912]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3272]
[MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe [866632] [PID.1708]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.5004]
[MD5.C155A13687144076286989EF078112C2] - (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe [1917440] [PID.5172]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5472]
[MD5.E4284FCF99FEA13A7E1836F87AE356F6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe [639776] [PID.960]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.976]
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1080]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1412]
[MD5.8619BE54EC51A74A2C3F82B313AB445E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [873248] [PID.1512]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.1404]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2308]
[MD5.2297460EC100F34DC455CC0EFD21D442] - (.Avira Operations GmbH & Co. KG - Firewall NT service process.) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [1012280] [PID.2336]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.2352]
[MD5.B342CD9AA44E4AE99E2368EBDBC2E17A] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.2400] =>Toolbar.Ask
[MD5.D503DF3ABA595F551B98B9BAE017A271] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.2416]
[MD5.E9EFCB47B90FD5498695BB7FEFD36CAE] - (.Seiko Epson Corporation - Epson Scanner Service (32bit).) -- C:\Windows\system32\EscSvc.exe [122000] [PID.2440]
[MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.2468]
[MD5.C7F5C284B6F46FCAF6910EA4E644700B] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.2468]
[MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.2672]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.2732]
[MD5.E155E09229624C69A1A6609C0CB3641F] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\Ralink\Common\RaRegistry.exe [185632] [PID.2796]
[MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.3360]
[MD5.0DD3DDCAEBEA9B0B3B8D008F6973185F] - (.Avira Operations GmbH & Co. KG - Antivirus MailScanner LSP Service.) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [896056] [PID.3808]
[MD5.29D956C8CB67222D678FAF20D485B25B] - (.Avira Operations GmbH & Co. KG - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe [1011768] [PID.3860]
[MD5.E44C7D6F8D665DA2D9385E5E15EDEEF7] - (.Microsoft Corporation - Interface utilisateur de consentement pour.) -- C:\Windows\system32\consent.exe [81920] [PID.5052]
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [iahagolkpaghhinaljhjihagjgomdokb] La barre d'outils de Marche.fr v.1.3, (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
~ Google Browser: 10 Scanned in 00mn 06s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\corinne\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js (.not file.)
M3 - MFPP: Plugins - [corinne] -- C:\Users\corinne\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\searchplugins\yahoo.xml
P2 - FPN: [HKLM] [@ei.Allin1Convert_8h.com/Plugin] - (...) -- C:\Program Files\Allin1Convert_8hEI\Installr\1.bin\NP8hEISB.dll (.not file.) =>Adware.Allin1Convert
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.51.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.51.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.51.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.6] - (.VideoLAN - VLC media player Web Plugin 2.0.6.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.9.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\corinne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\corinne\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\corinne\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
~ Firefox Browser: 20 Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cherchermp3.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 11 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} . (.SEIKO EPSON CORPORATION - ewps_tb.) -- C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} Clé orpheline =>Toolbar.Avira
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 01s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: DVDVideoSoftTB Toolbar - [HKLM]{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} . (...) -- C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: Avira Control Center.lnk . (.Avira Operations GmbH & Co. KG - Antivirus Control Center (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files\EPSON Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: FreeCompressor.lnk . (...) -- C:\Program Files\TUGzip\TUGZip.exe
O4 - GS\Desktop [Public]: Guide d'utilisation EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Useg\index.htm
O4 - GS\Desktop [Public]: Guide réseau EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Netg\index.htm
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: PDFCreator.lnk . (.pdfforge GmbH - PDFCreator.) -- C:\Program Files\PDFCreator\PDFCreator.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.6.) -- C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - GS\Program [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Calendrier Windows.) -- C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Collaboration.lnk . (.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Création de DVD Windows.) -- C:\Program Files\Movie Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\System32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\System32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\System32\taskschd.msc
O4 - GS\Accessories [UpdatusUser]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [UpdatusUser]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [UpdatusUser]: Run.lnk - Clé orpheline
O4 - GS\Accessories [UpdatusUser]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [corinne]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [corinne]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [corinne]: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [corinne]: SFR Cloud.lnk . (...) -- C:\Users\corinne\AppData\Local\F-Secure\SFR Cloud\Application\SFR Cloud.exe (.not file.)
O4 - GS\QuickLaunch [corinne]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [corinne]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [corinne]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [corinne]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [corinne]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [corinne]: Run.lnk - Clé orpheline
O4 - GS\Accessories [corinne]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [corinne]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [corinne]: adwcleaner - Raccourci.lnk . (...) -- C:\Users\corinne\Documents\Downloads\adwcleaner.exe
O4 - GS\Desktop [corinne]: Agent X - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [corinne]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd
O4 - GS\Desktop [corinne]: coco - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [corinne]: Corbeille - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [corinne]: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop [corinne]: Nero Express.lnk . (.Nero AG - Nero Burning ROM.) -- C:\Program Files\Nero\Nero8\Nero Burning Rom\nero.exe
O4 - GS\Desktop [corinne]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop [corinne]: RogueKiller-8.8.7 - Raccourci.lnk . (...) -- C:\Users\corinne\Documents\Downloads\RogueKiller-8.8.7.exe
O4 - GS\Desktop [corinne]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [corinne]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 68 Scanned in 00mn 13s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Ralink Wireless Utility.lnk . (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe
O4 - GS\Startup [corinne]: OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NWEReboot] Clé orpheline
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [RDesc] Clé orpheline
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://www.ma-config.com/plugins/MaConfig_6_0_1_1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira FireWall (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG - Firewall NT service process.) - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner LSP Service.) - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard Service.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation - Epson Scanner Service (32bit).) - C:\Windows\system32\EscSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files\Ralink\Common\RaRegistry.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
~ Services: 18 Scanned in 00mn 12s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core.job [914]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA.job [936]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec7f1662e089d.job [1052]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1058]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core1cec510fd7fa280.job [1034]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA.job [1086]
[MD5.F7AB315A4D400CA876381D1E188A2E20] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core] (.Facebook Inc..) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA] (.Facebook Inc..) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore1cec7f1662e089d] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core] (.Google Inc..) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core1cec510fd7fa280] (.Google Inc..) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA] (.Google Inc..) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.00000000000000000000000000000000] [APT] [Maintenance en 1 clic] (...) -- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe (.not file.) [0]
[MD5.F6F5809BB0C0712F51CC70D464663999] [APT] [{28C5E5D6-DB60-4E43-BD0F-FF6755D97150}] (.NVIDIA Corporation.) -- C:\Users\corinne\Desktop\fichier sauvegarder\93.71_forceware_winxp2k_international_whql.exe [64393944]
[MD5.00000000000000000000000000000000] [APT] [{3545F003-AAD7-4EFA-92A4-460073A3B532}] (...) -- C:\Users\corinne\Desktop\93.71_forceware_winxp2k_international_whql.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4D79829A-4087-45F9-B3A1-D4F6E13D64CC}] (...) -- C:\Users\corinne\Desktop\Auto-'cole 3D\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5C8C302B-B8E3-4CB2-998B-FBE18091AE17}] (...) -- C:\Users\corinne\Desktop\SoftonicToolbar.exe (.not file.) [0] =>Toolbar.Conduit
[MD5.00000000000000000000000000000000] [APT] [{C916364F-1A39-48C2-863D-D97A3F85E98C}] (...) -- D:\Drivers\Lan\Utility\setup.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.9D826FE5B102A4DF5225786DB5E586C9] [APT] [ASUS ACPI Service Provider] (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648]
[MD5.2E5039A6599CAF0C4A406ED9460F80A1] [APT] [ASUS RegRun Loader] (...) -- C:\Program Files\ASUS\AASP\1.00.33\AsLoader.exe [363008]
~ Scheduled Task: 29 Scanned in 00mn 07s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_12_0_0_70.ocx
~ Active Setup: 13 Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsIO) . (...) - C:\Windows\System32\drivers\AsIO.sys
O41 - Driver: (avfwot) . (.Avira GmbH - TDI filtering kernel driver.) - C:\Windows\System32\DRIVERS\avfwot.sys
O41 - Driver: (avgtp) . (.AVG Technologies - Pas de description.) - C:\Windows\system32\drivers\avgtpx86.sys
O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 81 Scanned in 00mn 01s

---\\ Logiciels installés (O42)
O42 - Logiciel: ALTools Update - (.ESTsoft Corp..) [HKLM] -- ALUpdate_is1
O42 - Logiciel: ASUSUpdate - (...) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.9) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {553255F3-78FD-40F1-A6F8-6882140265FE}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Atheros Communications Inc.(R) L2 Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {0A755762-EED8-47AB-A446-505766F93D43}
O42 - Logiciel: Attansic Ethernet Utility - (.Attansic.) [HKLM] -- {1F698102-5739-441E-96F0-74F4EA540F06}
O42 - Logiciel: Avira Internet Security v14.0.2.286 - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Avira SearchFree Toolbar v12.10.0.2948 - (.APN, LLC.) [HKLM] -- {41564952-412D-5637-00A7-A758B70C0A00} =>Toolbar.Avira
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {415B2719-AD3A-4944-B404-C472DB6085B3}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {83770D14-21B9-44B3-8689-F7B523F94560}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
O42 - Logiciel: ClipConverter - (.Lunaweb.) [HKLM] -- {D61442B3-97B4-4970-9F95-B38C9C6D9B84}
O42 - Logiciel: Contenta Converter PREMIUM - (.Contenta Software.) [HKLM] -- ContentaConverter-PREMIUM
O42 - Logiciel: DVDVideoSoft Toolbar - (...) [HKLM] -- DVDVideoSoft Toolbar
O42 - Logiciel: Download Navigator - (.SEIKO EPSON CORPORATION.) [HKLM] -- {D0735505-251C-41E4-A64A-D6D0A5E8FB4D}
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON XP-205 207 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON XP-205 207 Series
O42 - Logiciel: Epson E-Web Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {695C8469-7822-4B31-A673-5ED84815B649}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {30E01116-5666-4807-8EF1-D80E9FF16717}
O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION2.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}
O42 - Logiciel: Epson Event Manager - (.Seiko Epson Corporation.) [HKLM] -- {BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3E31400D-274E-4647-916C-2CACC3741799}
O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
O42 - Logiciel: Feneris Video Downloader - (.Feneris.) [HKLM] -- {86AED2CA-EE00-400B-8516-5152CC10B32E}
O42 - Logiciel: Free Audio CD Burner version 1.2 - (.DVDVideoSoft Limited..) [HKLM] -- Free Audio CD Burner_is1
O42 - Logiciel: FreeCompressor - (.Secure Digital Services.) [HKLM] -- {8CA0170E-6E9E-43A5-AE1F-85A82820B847} =>Adware.SPointer
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Guide d'utilisation EPSON XP-205 207 Series - (...) [HKLM] -- EPSON XP-205 207 Series Useg
O42 - Logiciel: Guide réseau EPSON XP-205 207 Series - (...) [HKLM] -- EPSON XP-205 207 Series Netg
O42 - Logiciel: ItsTV 3.0 - (.Its Label.) [HKLM] -- ItsTV_is1
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Java(TM) 6 Update 39 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216035FF}
O42 - Logiciel: K-Lite Mega Codec Pack 5.7.0 - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {0CD47142-BA4F-46B0-AA92-2675864928B8}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}
O42 - Logiciel: NVIDIA Pilote 3D Vision 311.06 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote graphique 311.06 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Nero 8 - (.Nero AG.) [HKLM] -- {1CA7ACD6-B21B-4240-AA05-4FC55F6E1036}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {FBCDFD61-7DCF-4E71-9226-873BA0053139}
O42 - Logiciel: Nero PhotoSnap - (.Nero AG.) [HKLM] -- {9E82B934-9A25-445B-B8DF-8012808074AC}
O42 - Logiciel: Nero ShowTime - (.Nero AG.) [HKLM] -- {D9DCF92E-72EB-412D-AC71-3B0

Réponse 16 / 35

coco66

c bon ?

coco66

vous l'avez au dessus

Réponse 17 / 35

coco66

~ Rapport de ZHPDiag v2014.2.17.15 - Nicolas Coolman (17/02/2014)
~ Lancé par corinne (22/02/2014 15:23:16)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC):

---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v33.0.1750.117 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : Q27TJ
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0

---\\ Logiciels d'optimisation du système
CCleaner v2.28 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader X
Java 7 Update 51

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 66 GB (51%) free of 129 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-CORINNE
~ User Name: corinne
~ All Users Names: UpdatusUser, corinne, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\corinne\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\corinne\AppData\Roaming\
~ %Desktop% : C:\Users\corinne\Desktop\
~ %Favorites% : C:\Users\corinne\Favorites\
~ %LocalAppData% : C:\Users\corinne\AppData\Local\
~ %StartMenu% : C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 66 Go of 129 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 92 Go of 104 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 45 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.679EAED8E703235BA81AA2E58F4E2D16] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/02/2014 - 09:50:39.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/313
Mes musiques (My Musics) : 15/15 (Modified)
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/83
~ Mes Documents (My Documents) : 4/113
~ Mon Bureau (My Desktop) : 2/497
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 00s

---\\ Processus lancés
[MD5.9D826FE5B102A4DF5225786DB5E586C9] - (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648] [PID.2376]
[MD5.16AE89DB056690B77252A722023D506B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4431872] [PID.2396]
[MD5.01D92A226791867F2DED688F25271905] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1058400] [PID.2416]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.2432]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2448]
[MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821984] [PID.2480]
[MD5.4B96654025B28EEB1E5D8F001E5D1B8A] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160] [PID.2532] =>Toolbar.Ask
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe [959880] [PID.2616]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2748]
[MD5.665CE80D2173C774EE80FEAC4B20C860] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe [1560576] [PID.2796]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.2836]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2988]
[MD5.6E6656C6618C4B0B000267D9AF9EF743] - (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe [859464] [PID.828]
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8338432] [PID.5912]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3240]
[MD5.E4284FCF99FEA13A7E1836F87AE356F6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe [639776] [PID.952]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.968]
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1064]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1396]
[MD5.8619BE54EC51A74A2C3F82B313AB445E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [873248] [PID.1580]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.588]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2888]
[MD5.2297460EC100F34DC455CC0EFD21D442] - (.Avira Operations GmbH & Co. KG - Firewall NT service process.) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [1012280] [PID.2908]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.2944]
[MD5.B342CD9AA44E4AE99E2368EBDBC2E17A] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.2996] =>Toolbar.Ask
[MD5.D503DF3ABA595F551B98B9BAE017A271] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.3016]
[MD5.E9EFCB47B90FD5498695BB7FEFD36CAE] - (.Seiko Epson Corporation - Epson Scanner Service (32bit).) -- C:\Windows\system32\EscSvc.exe [122000] [PID.3044]
[MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.3080]
[MD5.C7F5C284B6F46FCAF6910EA4E644700B] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.3080]
[MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.3336]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.3372]
[MD5.E155E09229624C69A1A6609C0CB3641F] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\Ralink\Common\RaRegistry.exe [185632] [PID.3440]
[MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.1116]
[MD5.0DD3DDCAEBEA9B0B3B8D008F6973185F] - (.Avira Operations GmbH & Co. KG - Antivirus MailScanner LSP Service.) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [896056] [PID.3808]
[MD5.29D956C8CB67222D678FAF20D485B25B] - (.Avira Operations GmbH & Co. KG - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe [1011768] [PID.1404]
[MD5.42D33042371BFB1A7D40834590CAFD30] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Servi.) -- C:\Program Files\Microsoft Security Client\NisSrv.exe [280288] [PID.3200]
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.32.10, (Désactivé) =>Toolbar.Avira
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [iahagolkpaghhinaljhjihagjgomdokb] La barre d'outils de Marche.fr v.1.3, (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] GoogleÂ Wallet v.0.0.6.1 (Activé)
~ Google Browser: 12 Scanned in 00mn 06s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\corinne\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js (.not file.)
M3 - MFPP: Plugins - [corinne] -- C:\Users\corinne\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\searchplugins\yahoo.xml
P2 - FPN: [HKLM] [@ei.Allin1Convert_8h.com/Plugin] - (...) -- C:\Program Files\Allin1Convert_8hEI\Installr\1.bin\NP8hEISB.dll (.not file.) =>Adware.Allin1Convert
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.51.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.51.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.51.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.6] - (.VideoLAN - VLC media player Web Plugin 2.0.6.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.9.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\corinne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\corinne\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\corinne\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
~ Firefox Browser: 20 Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cherchermp3.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 11 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} . (.SEIKO EPSON CORPORATION - ewps_tb.) -- C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} . (...) -- "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (.not file.) =>Toolbar.Avira
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 01s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: DVDVideoSoftTB Toolbar - [HKLM]{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} . (...) -- C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: Avira SearchFree Toolbar - [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll =>Toolbar.Ask
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{41564952-412D-5637-00A7-7A786E7484D7} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: Avira Control Center.lnk . (.Avira Operations GmbH & Co. KG - Antivirus Control Center (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files\EPSON Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: FreeCompressor.lnk . (...) -- C:\Program Files\TUGzip\TUGZip.exe
O4 - GS\Desktop [Public]: Guide d'utilisation EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Useg\index.htm
O4 - GS\Desktop [Public]: Guide réseau EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Netg\index.htm
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: PDFCreator.lnk . (.pdfforge GmbH - PDFCreator.) -- C:\Program Files\PDFCreator\PDFCreator.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.6.) -- C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - GS\Program [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Calendrier Windows.) -- C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Collaboration.lnk . (.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Création de DVD Windows.) -- C:\Program Files\Movie Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\System32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\System32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\System32\taskschd.msc
O4 - GS\Accessories [UpdatusUser]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [UpdatusUser]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [UpdatusUser]: Run.lnk - Clé orpheline
O4 - GS\Accessories [UpdatusUser]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [corinne]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [corinne]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [corinne]: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [corinne]: SFR Cloud.lnk . (...) -- C:\Users\corinne\AppData\Local\F-Secure\SFR Cloud\Application\SFR Cloud.exe (.not file.)
O4 - GS\QuickLaunch [corinne]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [corinne]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [corinne]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [corinne]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [corinne]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [corinne]: Run.lnk - Clé orpheline
O4 - GS\Accessories [corinne]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [corinne]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [corinne]: adwcleaner - Raccourci.lnk . (...) -- C:\Users\corinne\Documents\Downloads\adwcleaner.exe
O4 - GS\Desktop [corinne]: Agent X - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [corinne]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd
O4 - GS\Desktop [corinne]: coco - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [corinne]: Corbeille - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [corinne]: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop [corinne]: Nero Express.lnk . (.Nero AG - Nero Burning ROM.) -- C:\Program Files\Nero\Nero8\Nero Burning Rom\nero.exe
O4 - GS\Desktop [corinne]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop [corinne]: RogueKiller-8.8.7 - Raccourci.lnk . (...) -- C:\Users\corinne\Documents\Downloads\RogueKiller-8.8.7.exe
O4 - GS\Desktop [corinne]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [corinne]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 68 Scanned in 00mn 19s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Ralink Wireless Utility.lnk . (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe
O4 - GS\Startup [corinne]: OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NWEReboot] Clé orpheline
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [RDesc] Clé orpheline
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://www.ma-config.com/plugins/MaConfig_6_0_1_1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira FireWall (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG - Firewall NT service process.) - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner LSP Service.) - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard Service.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation - Epson Scanner Service (32bit).) - C:\Windows\system32\EscSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - C:\Program Files\Ralink\Common\RaRegistry.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
~ Services: 18 Scanned in 00mn 12s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core.job [914]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA.job [936]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec7f1662e089d.job [1052]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1058]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core1cec510fd7fa280.job [1034]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA.job [1086]
[MD5.F7AB315A4D400CA876381D1E188A2E20] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core] (.Facebook Inc..) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA] (.Facebook Inc..) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore1cec7f1662e089d] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core] (.Google Inc..) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core1cec510fd7fa280] (.Google Inc..) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA] (.Google Inc..) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.00000000000000000000000000000000] [APT] [Maintenance en 1 clic] (...) -- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe (.not file.) [0]
[MD5.F6F5809BB0C0712F51CC70D464663999] [APT] [{28C5E5D6-DB60-4E43-BD0F-FF6755D97150}] (.NVIDIA Corporation.) -- C:\Users\corinne\Desktop\fichier sauvegarder\93.71_forceware_winxp2k_international_whql.exe [64393944]
[MD5.00000000000000000000000000000000] [APT] [{3545F003-AAD7-4EFA-92A4-460073A3B532}] (...) -- C:\Users\corinne\Desktop\93.71_forceware_winxp2k_international_whql.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4D79829A-4087-45F9-B3A1-D4F6E13D64CC}] (...) -- C:\Users\corinne\Desktop\Auto-'cole 3D\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5C8C302B-B8E3-4CB2-998B-FBE18091AE17}] (...) -- C:\Users\corinne\Desktop\SoftonicToolbar.exe (.not file.) [0] =>Toolbar.Conduit
[MD5.00000000000000000000000000000000] [APT] [{C916364F-1A39-48C2-863D-D97A3F85E98C}] (...) -- D:\Drivers\Lan\Utility\setup.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.9D826FE5B102A4DF5225786DB5E586C9] [APT] [ASUS ACPI Service Provider] (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648]
[MD5.2E5039A6599CAF0C4A406ED9460F80A1] [APT] [ASUS RegRun Loader] (...) -- C:\Program Files\ASUS\AASP\1.00.33\AsLoader.exe [363008]
~ Scheduled Task: 29 Scanned in 00mn 08s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_12_0_0_70.ocx
~ Active Setup: 13 Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsIO) . (...) - C:\Windows\System32\drivers\AsIO.sys
O41 - Driver: (avfwot) . (.Avira GmbH - TDI filtering kernel driver.) - C:\Windows\System32\DRIVERS\avfwot.sys
O41 - Driver: (avgtp) . (.AVG Technologies - Pas de description.) - C:\Windows\system32\drivers\avgtpx86.sys
O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 81 Scanned in 00mn 01s

---\\ Logiciels installés (O42)
O42 - Logiciel: ALTools Update - (.ESTsoft Corp..) [HKLM] -- ALUpdate_is1
O42 - Logiciel: ASUSUpdate - (...) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.9) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {553255F3-78FD-40F1-A6F8-6882140265FE}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Atheros Communications Inc.(R) L2 Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {0A755762-EED8-47AB-A446-505766F93D43}
O42 - Logiciel: Attansic Ethernet Utility - (.Attansic.) [HKLM] -- {1F698102-5739-441E-96F0-74F4EA540F06}
O42 - Logiciel: Avira Internet Security v14.0.2.286 - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Avira SearchFree Toolbar v12.10.3.4487 - (.APN, LLC.) [HKLM] -- {41564952-412D-5637-00A7-A758B70C0A03} =>Toolbar.Avira
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {415B2719-AD3A-4944-B404-C472DB6085B3}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {83770D14-21B9-44B3-8689-F7B523F94560}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
O42 - Logiciel: ClipConverter - (.Lunaweb.) [HKLM] -- {D61442B3-97B4-4970-9F95-B38C9C6D9B84}
O42 - Logiciel: Contenta Converter PREMIUM - (.Contenta Software.) [HKLM] -- ContentaConverter-PREMIUM
O42 - Logiciel: DVDVideoSoft Toolbar - (...) [HKLM] -- DVDVideoSoft Toolbar
O42 - Logiciel: Download Navigator - (.SEIKO EPSON CORPORATION.) [HKLM] -- {D0735505-251C-41E4-A64A-D6D0A5E8FB4D}
O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON XP-205 207 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON XP-205 207 Series
O42 - Logiciel: Epson E-Web Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {695C8469-7822-4B31-A673-5ED84815B649}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {30E01116-5666-4807-8EF1-D80E9FF16717}
O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION2.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}
O42 - Logiciel: Epson Event Manager - (.Seiko Epson Corporation.) [HKLM] -- {BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3E31400D-274E-4647-916C-2CACC3741799}
O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
O42 - Logiciel: Feneris Video Downloader - (.Feneris.) [HKLM] -- {86AED2CA-EE00-400B-8516-5152CC10B32E}
O42 - Logiciel: Free Audio CD Burner version 1.2 - (.DVDVideoSoft Limited..) [HKLM] -- Free Audio CD Burner_is1
O42 - Logiciel: FreeCompressor - (.Secure Digital Services.) [HKLM] -- {8CA0170E-6E9E-43A5-AE1F-85A82820B847} =>Adware.SPointer
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Guide d'utilisation EPSON XP-205 207 Series - (...) [HKLM] -- EPSON XP-205 207 Series Useg
O42 - Logiciel: Guide réseau EPSON XP-205 207 Series - (...) [HKLM] -- EPSON XP-205 207 Series Netg
O42 - Logiciel: ItsTV 3.0 - (.Its Label.) [HKLM] -- ItsTV_is1
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Java(TM) 6 Update 39 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216035FF}
O42 - Logiciel: K-Lite Mega Codec Pack 5.7.0 - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {0CD47142-BA4F-46B0-AA92-2675864928B8}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA D

Réponse 18 / 35

coco66

Je remets l'antivirus avira car l'ordi va de + en + mal, il devient encore plus long a redémarrer, s'il y a une autre manipulation a faire, merci de me me redonner les directives pour le désactiver, s'il y a besoin. Pour l'instant, ma messagerie est toujours aussi longue à démarrer la première fois mais si je la ferme et la réouvre un moment plus tard, ça va.

Marou81 Messages postés 4175 Date d'inscription Statut Membre Dernière intervention 198

faut héberger le rapport, je l'ai marqué dans mes instructions, comme tu as pu le voir il n'est pas complet ...

Réponse 19 / 35

coco66

comment ça, héberger le rapport, comment faire ? car moi je fais un copier coller de ce qui sort! merci

jacques.gache Messages postés 33461 Date d'inscription Statut Contributeur sécurité Dernière intervention 1 617

bonjour, essais d'héberger le rapport sur cjoint aide toi de ce tuto si besoin https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers

jacques.gache Messages postés 33461 Date d'inscription Statut Contributeur sécurité Dernière intervention 1 617

rebonjour, tiens en vidéo et plus récent https://www.youtube.com/watch?v=CnfoHBWLI5A&feature=youtu.be

coco66

http://cjoint.com/?DBBnUyvNVsS

Réponse 20 / 35

coco66

c bon ?

jacques.gache Messages postés 33461 Date d'inscription Statut Contributeur sécurité Dernière intervention 1 617

bonjour, je pense que Marou81 va revenir t'aider pour désinfecter ton pc car il y a du monde !!

en attendant une chose m'interpelle sur le zhpdiag je vois 2 anti-virus d'actif et c'est pas bon !! il y a antivir et Microsoft Security , et puyis avec antivir pourquoi conserver windows défender en actif , donc pour avancer Marou81 désinstalles l'antivirus que tu ne veux pas conservé , puis déactive windows défender aides toi de cela si besoin https://www.pcastuces.com/pratique/astuces/2281.htm

coco66

Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by corinne at 03/03/2014 18:32:10
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Corbeille vidée (00mn 03s)
Réparation des raccourcis navigateur

========== Logiciels ==========
SUPPRIMÉ: FreeCompressor
SUPPRIMÉ: pdfforge Toolbar v7.4

========== Processus mémoire ==========
SUPPRIMÉ: Memory Process: C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe

========== Clés du Registre ==========
SUPPRIMÉ: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8CA0170E-6E9E-43A5-AE1F-85A82820B847}]
SUPPRIMÉ: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3B765585-A537-441C-9984-66C2B2DE6046}]
SUPPRIMÉ: Mozilla Plugin: @ei.Allin1Convert_8h.com/Plugin
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\02639FE151B44BD40BAE88E9F2810718]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\02639FE151B44BD40BAE88E9F2810718]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\585567B3735AC1449948662C2BED0664]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\585567B3735AC1449948662C2BED0664]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\9888910D6677B424BA181FF6E8DDEF4F]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\9888910D6677B424BA181FF6E8DDEF4F]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\E0710AC8E9E65A34EAF1588A82028B74]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\E0710AC8E9E65A34EAF1588A82028B74]
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02639FE151B44BD40BAE88E9F2810718
SUPPRIMÉ: HKLM\Software\Google\Chrome\Extensions\bdcfkjjffkboloijgealjeijakofmalg
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1B812BD0725DF36459D5BA985C9193C4
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2514EB7147619DA498D025C07B3421DD
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73962F57F2FA32C43A431C9C05459330
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B63FC54A3B9D36449AD536B3C29D2A97
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C512D8DDA7F6553429ACE05EC3197DAB
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E0710AC8E9E65A34EAF1588A82028B74
SUPPRIMÉ: HKLM\Software\Classes\Freecompressor.Spointer.1
SUPPRIMÉ: HKLM\Software\Classes\Freecompressor.SpointerCtrl.1
SUPPRIMÉ: HKLM\Software\Classes\Freecompressor.SpointerWebDisp.1
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
SUPPRIMÉ CLSID MPSK: {afe1c1c5-0f43-11e0-a474-001bfcfe3b34}
SUPPRIMÉ: [HKLM\SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
SUPPRIMÉ: HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fe063dbb-4ec0-403e-8dd8-394c54984b2c}

========== Valeurs du Registre ==========
SUPPRIMÉ: TCP Query User{AA94EC3F-F430-4B76-ABA2-F7568CE67187}C:\program files\fluendo\moovida\moovida.exe
SUPPRIMÉ: UDP Query User{215084E8-1FBD-40BD-B82A-855839151943}C:\program files\fluendo\moovida\moovida.exe
SUPPRIMÉ: Toolbar: {41564952-412D-5637-00A7-7A786E7484D7}
SUPPRIMÉ RunValue: NWEReboot
SUPPRIMÉ RunValue: RDesc
SUPPRIMÉ RunValue: WindowsWelcomeCenter
SUPPRIMÉ: Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
SUPPRIMÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (None) : {5B0C2B99-DB8E-44F0-A6B2-E6F115DDE8E6}
SUPPRIMÉ: FirewallRaz (Public) : {74ABB953-4F7A-47C7-B51F-39CD376C4C54}
SUPPRIMÉ: FirewallRaz (Public) : {24C6491D-06A3-44A6-9DFA-0E7F6FF1DDFE}
SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{86BC13E7-93A7-4D3E-8BB1-0D4159806C03}C:\users\corinne\appdata\roaming\spotify\spotify.exe
SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{5832FCE2-6BF8-4C9D-A04F-A40BE74E6ABE}C:\users\corinne\appdata\roaming\spotify\spotify.exe
SUPPRIMÉ: FirewallRaz (Public) : {6CFE11CC-7D38-45A8-AAF7-0CECB2567EBD}
SUPPRIMÉ: FirewallRaz (Public) : {0BC85427-7AC4-4F16-9754-BEC31F53005F}
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide
SUPPRIMÉS Flash Cookies (33)

========== Fichiers ==========
SUPPRIMÉ: C:\Windows\Installer\17de69.msi
SUPPRIMÉ: C:\Windows\Installer\1adbf1.msi
SUPPRIMÉ: C:\Windows\Installer\25cb2.msi
SUPPRIMÉ: C:\Windows\Installer\dd63b9.msi
SUPPRIMÉ: c:\users\corinne\appdata\roaming\microsoft\internet explorer\quick launch\sfr cloud.lnk
SUPPRIMÉ: c:\windows\tasks\facebookupdatetaskusers-1-5-21-2840378466-716466986-1421125182-1000core.job
SUPPRIMÉ: c:\windows\tasks\facebookupdatetaskusers-1-5-21-2840378466-716466986-1421125182-1000ua.job
SUPPRIMÉ: c:\windows\prefetch\am_delta_patch_1.167.175.0.ex-823a4fb2.pf
SUPPRIMÉ: c:\windows\prefetch\e_finvile.exe-2aa3b7bd.pf
SUPPRIMÉ: c:\windows\prefetch\e_farnile.exe-42ebc301.pf
SUPPRIMÉ: c:\windows\prefetch\updatemanager.exe-bc296ffb.pf
SUPPRIMÉ: c:\windows\prefetch\apnsetup.exe-df74953d.pf
SUPPRIMÉ: c:\windows\prefetch\flashutil32_12_0_0_70_activex-f4776833.pf
SUPPRIMÉ: c:\windows\prefetch\servicelocator.exe-a858b0ee.pf
SUPPRIMÉ: c:\windows\prefetch\toolbar.exe-4aca359c.pf
SUPPRIMÉ: c:\windows\prefetch\am_delta_patch_1.167.263.0.ex-80ffa7c0.pf
SUPPRIMÉ: c:\windows\prefetch\setup.exe-536a18dd.pf
SUPPRIMÉ: c:\windows\prefetch\33.0.1750.117_32.0.1700.107_c-9579a330.pf
SUPPRIMÉ: c:\windows\prefetch\setup.exe-cef4e141.pf
SUPPRIMÉ: c:\windows\prefetch\facebookupdate.exe-7cd3c91a.pf
SUPPRIMÉ: c:\windows\prefetch\photoscreensaver.scr-f1874e40.pf
SUPPRIMÉ: c:\windows\prefetch\aggluad_p_s-1-5-21-2840378466-716466986-1421125182-1000.db
SUPPRIMÉ: c:\windows\prefetch\aggluad_s-1-5-21-2840378466-716466986-1421125182-1000.db
SUPPRIMÉ: c:\windows\prefetch\ntosboot-b00dfaad.pf
SUPPRIMÉ: c:\windows\prefetch\update.exe-3fbe35e6.pf
SUPPRIMÉ: c:\windows\prefetch\usrreq.exe-0a4630b9.pf
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\jawshtml.html
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\1708_21407\crl-set
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\1708_21407\manifest.fingerprint
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\1708_21407\manifest.json
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\4880_32369\crl-set
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\4880_32369\manifest.fingerprint
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\4880_32369\manifest.json
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\cr_6b4f1.tmp\setup_patch.packed.7z
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\828_20131\crl-set
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\828_20131\manifest.fingerprint
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\828_20131\manifest.json
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\corinne.bmp
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\wmplog00.sqm
SUPPRIMÉ: c:\users\corinne\appdata\local\google\chrome\user data\default\preferences
SUPPRIMÉ: c:\windows\prefetch\apnmcp.exe-e6a53660.pf
SUPPRIMÉ: c:\windows\prefetch\tbnotifier.exe-71d9d038.pf
SUPPRIMÉS Temporaires Windows (53) (238 263 octets)
SUPPRIMÉS Flash Cookies (17) (2 778 octets)

========== Tache planifiée ==========
SUPPRIMÉ: FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000Core
SUPPRIMÉ: FacebookUpdateTaskUserS-1-5-21-2840378466-716466986-1421125182-1000UA
SUPPRIMÉ: {3545F003-AAD7-4EFA-92A4-460073A3B532}
SUPPRIMÉ: {4D79829A-4087-45F9-B3A1-D4F6E13D64CC}
SUPPRIMÉ: {C916364F-1A39-48C2-863D-D97A3F85E98C}
SUPPRIMÉ: {5C8C302B-B8E3-4CB2-998B-FBE18091AE17}

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ Adobe Reader X

========== Récapitulatif ==========
1 : Processus mémoire
32 : Clés du Registre
23 : Valeurs du Registre
2 : Dossiers
44 : Fichiers
2 : Logiciels
6 : Tache planifiée
1 : Restauration Système
1 : Autre

End of clean in 02mn 26s

========== Chemin de fichier rapport ==========
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R1].txt - 04/02/2014 19:29:38 [668]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R2].txt - 04/02/2014 19:29:46 [786]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R3].txt - 04/02/2014 19:30:16 [5655]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R4].txt - 04/02/2014 19:30:32 [904]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R5].txt - 03/03/2014 18:32:14 [9527]

coco66

Bonsoir, je n'y comprends rien , je vous l'ai envoyé hier, même que que j'ai m'y reprendre à plusieurs fois, c pas bon?

coco66

Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by corinne at 05/03/2014 13:08:05
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Corbeille vidée (01mn 13s)
Réparation des raccourcis navigateur

========== Valeurs du Registre ==========
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide
SUPPRIMÉS Flash Cookies (2)

========== Fichiers ==========
SUPPRIMÉ: c:\windows\prefetch\e_finvile.exe-2aa3b7bd.pf
SUPPRIMÉ: c:\windows\prefetch\e_farnile.exe-42ebc301.pf
SUPPRIMÉ: c:\windows\prefetch\flashutil32_12_0_0_70_activex-f4776833.pf
SUPPRIMÉ: c:\windows\prefetch\photoscreensaver.scr-f1874e40.pf
SUPPRIMÉ: c:\windows\prefetch\aggluad_p_s-1-5-21-2840378466-716466986-1421125182-1000.db
SUPPRIMÉ: c:\windows\prefetch\aggluad_s-1-5-21-2840378466-716466986-1421125182-1000.db
SUPPRIMÉ: c:\windows\prefetch\ntosboot-b00dfaad.pf
SUPPRIMÉ: c:\windows\prefetch\update.exe-3fbe35e6.pf
SUPPRIMÉ: c:\users\corinne\appdata\local\temp\corinne.bmp
SUPPRIMÉ: c:\users\corinne\appdata\local\google\chrome\user data\default\preferences
SUPPRIMÉS Temporaires Windows (12) (507 211 octets)
SUPPRIMÉS Flash Cookies (0) (0 octets)

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Autre ==========
NON TRAITÉ Adobe Reader X

========== Récapitulatif ==========
8 : Valeurs du Registre
2 : Dossiers
12 : Fichiers
1 : Restauration Système
1 : Autre

End of clean in 02mn 46s

========== Chemin de fichier rapport ==========
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R1].txt - 04/02/2014 19:29:38 [668]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R2].txt - 04/02/2014 19:29:46 [786]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R3].txt - 04/02/2014 19:30:16 [5655]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R4].txt - 04/02/2014 19:30:32 [904]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R5].txt - 03/03/2014 18:32:14 [9609]
C:\Users\corinne\AppData\Roaming\ZHP\ZHPFix[R6].txt - 05/03/2014 13:09:19 [2341]

Parfeu avira

35 réponses

Votre réponse

Discussions similaires