Sujet Précédent Sujet Suivant

Analyse rapport de scan ZHPDiag et Combofix

Résolu/Fermé
banjo39 Messages postés 4 Date d'inscription jeudi 27 février 2014 Statut Membre Dernière intervention 3 mars 2014 - 27 févr. 2014 à 17:28
banjo39 Messages postés 4 Date d'inscription jeudi 27 février 2014 Statut Membre Dernière intervention 3 mars 2014 - 3 mars 2014 à 23:09
27 février 2014 17 h 20
Bonjour, j'aurais besoin de l'aide d'un spécialiste en nettoyage d'ordinateur.
L'ordinateur de mon fils (portable avec vista basic) est infecté par de nombreux programmes indésirables qui le ralentissent, établissent des connexions internet intempestives et sature le processeur. Après un déverminage en mode sans échec sans connexion internet avec Malwarebytes anti-malware j'ai éliminé une centaine d'éléments indésirables en 2 passes.
J'ai effectué un diagnostic avec ZHPDiag et Combofix mais je ne sais pas les analyser. Je voudrais savoir si mes actions ont nettoyées correctement ou pas cet ordinateur.
rapports :

~ Rapport de ZHPDiag v2014.2.23.20 - Nicolas Coolman (23/02/2014)
~ Lancé par manon (27/02/2014 16:11:35)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 26.0

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Basic, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : P92J4
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.0

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 127 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1789 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 87 GB (62%) free of 139 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-MANON
~ User Name: manon
~ All Users Names: manon, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\manon\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\manon\AppData\Roaming\
~ %Desktop% : C:\Users\manon\Desktop\
~ %Favorites% : C:\Users\manon\Favorites\
~ %LocalAppData% : C:\Users\manon\AppData\Local\
~ %StartMenu% : C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 87 Go of 139 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Free 3 Go of 8 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.679EAED8E703235BA81AA2E58F4E2D16] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/02/2014 - 09:50:39.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/939
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 1/102
~ Mon Bureau (My Desktop) : 1/254
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2940]
[MD5.D93985F5D87DF1A119E939EADB5C4B9E] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6266880] [PID.3104]
[MD5.1A48C5D391127BB190FEAB18EE5FB6E2] - (...) -- C:\Program Files\Mobogenie\DaemonProcess.exe [761024] [PID.3160] =>PUP.Mobogenie
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.3620]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4036]
[MD5.42FEDBCB3ED926F6F529E0FDDF750BE0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.2396]
[MD5.D53024C1355615B82DD1526B63623E61] - (...) -- C:\Program Files\Mobogenie\mgusb.exe [88256] [PID.3560] =>PUP.Mobogenie
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.984]
[MD5.4604DB6D5ECA6362873CC3A76D2204BA] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [692224] [PID.1128]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1328]
[MD5.46A5CBB09B8F0C46F8CBE9210E5E3BE2] - (.Acronis - Acronis Scheduler 2.) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [411168] [PID.2036]
[MD5.4D06D9A26227AC485305133916888DF1] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576] [PID.344]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.472]
[MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.900]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1348]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1460]
[MD5.E87213F37A13E2B54391E40934F071D0] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144] [PID.2584]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\prefs.js
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\user.js
M3 - MFPP: Plugins - [manon] -- C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Mysearchdial.xml =>Adware.MyWebSearch
M3 - MFPP: Plugins - [manon] -- C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\searchplugins\iminent.xml =>Adware.IMBooster
M3 - MFPP: Plugins - [manon] -- C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\searchplugins\Mysearchdial.xml =>Adware.MyWebSearch
M0 - MFSP: prefs.js [manon - qon1dgdq.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [manon - extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}] [] MySearchDial NewTab v (..) =>Adware.MyWebSearch
M2 - MFEP: prefs.js [manon - qon1dgdq.default\ffxtlbr@iminent.com] [] Iminent Toolbar v1.6.0 (..) =>Adware.IMBooster
M2 - MFEP: prefs.js [manon - qon1dgdq.default\lightningnewtab@gmail.com] [] Quick Start v1.6.0 (..)
M2 - MFEP: prefs.js [manon - qon1dgdq.default\quick_start@gmail.com] [] Quick Start v1.6.0 (..)
M2 - MFEP: prefs.js [manon - qon1dgdq.default\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}] [] MySearchDial NewTab v1.6.0 (..) =>Adware.MyWebSearch
M2 - MFEP: prefs.js [manon - qon1dgdq.default\{D8A30808-3888-E608-3AA4-A2CEA2623402}] [] Discount Dragon v1.0 (..) =>PUP.DiscountDragon
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
P2 - FPN: [HKLM] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent(TM).) -- C:\Program Files\DNA\plugins\npbtdna.dll =>P2P.BitTorrent
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.4] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKCU] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent(TM).) -- C:\Users\manon\Program Files\DNA\plugins\npbtdna.dll =>P2P.BitTorrent
~ Firefox Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com =>Adware.MyWebSearch
R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent(TM).) (No version) -- (.not file.) =>P2P.BitTorrent
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 1



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
~ BHO: 4 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acronis True Image Home 10.0.lnk . (.Acronis - Acronis True Image.) -- C:\Program Files\Acronis\TrueImageHome\TrueImage.exe
O4 - GS\Desktop [Public]: HP Deskjet 2050 J510 series.lnk . (...) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe (.not file.)
O4 - GS\Desktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.) -- C:\Program Files\HP Photo Creations\PhotoProduct.exe
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\Desktop [Public]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
O4 - GS\Desktop [Public]: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.1.2.) -- C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Desktop [Public]: Zune.lnk . (.Microsoft Corporation - Microsoft Zune.) -- C:\Program Files\Zune\Zune.exe
O4 - GS\Program [Public]: Adobe Reader 8.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A81000000003}\SC_Reader.exe
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\Program [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Calendrier Windows.) -- C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Collaboration.lnk . (.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - GS\Program [Public]: Windows Live Mail.lnk . (...) -- C:\Program Files\Windows Live\Mail\wlmail.exe (.not file.) =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Messenger.lnk . (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (...) -- C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe (.not file.) =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (...) -- C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe (.not file.) =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\System32\taskschd.msc
O4 - GS\QuickLaunch [manon]: Démarrer Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [manon]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\QuickLaunch [manon]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\QuickLaunch [manon]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
O4 - GS\QuickLaunch [manon]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [manon]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\manon\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [manon]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\Program [manon]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [manon]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [manon]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [manon]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [manon]: Run.lnk - Clé orpheline
O4 - GS\Accessories [manon]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [manon]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\SendTo [manon]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [manon]: Boîte mail de la Boulangerie (Outlook).lnk . (...) -- C:\Windows\Installer\{91CA040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
O4 - GS\Desktop [manon]: Microsoft Office Excel 2003.lnk . (...) -- C:\Windows\Installer\{91CA040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
O4 - GS\Desktop [manon]: Microsoft Office Word 2003.lnk . (...) -- C:\Windows\Installer\{91CA040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
O4 - GS\Desktop [manon]: Mobogenie.lnk . (...) -- C:\Program Files\Mobogenie\Mobogenie.exe =>PUP.Mobogenie
O4 - GS\Desktop [manon]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop [manon]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [manon]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [manon]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\manon\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 63 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [mobilegeni daemon] . (...) -- C:\Program Files\Mobogenie\DaemonProcess.exe =>PUP.Mobogenie
O4 - HKCU\..\Run: [BitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- C:\Users\manon\Program Files\DNA\btdna.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2396021856-3484239504-460970112-1000\..\Run: [BitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- C:\Users\manon\Program Files\DNA\btdna.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (.not file.)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{272174AC-3304-4E0F-AEC7-6753C9E90DC3}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC2174CD-6D54-4C8B-AEB4-7A15A553FAED}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{272174AC-3304-4E0F-AEC7-6753C9E90DC3}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC2174CD-6D54-4C8B-AEB4-7A15A553FAED}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{272174AC-3304-4E0F-AEC7-6753C9E90DC3}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{AC2174CD-6D54-4C8B-AEB4-7A15A553FAED}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 8 Scanned in 00mn 11s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [bench-S-1-5-21-2396021856-3484239504-460970112-1000] (...) -- C:\Program Files\Bench\Updater\updater.exe (.not file.) [0] =>PUP.GiganticSavings
[MD5.00000000000000000000000000000000] [APT] [bench-sys] (...) -- C:\Program Files\Bench\Updater\updater.exe (.not file.) [0] =>PUP.GiganticSavings
[MD5.00000000000000000000000000000000] [APT] [Feven 1.8-firefoxinstaller] (...) -- C:\Program Files\Feven 1.8\Feven 1.8-firefoxinstaller.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [Feven 1.8-validator] (...) -- C:\Program Files\Feven 1.8\Feven 1.8-validator.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [GboxUpdaterLogonTask] (...) -- C:\ProgramData\GboxUpdater\updater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [GboxUpdaterRefreshTask] (...) -- C:\ProgramData\GboxUpdater\updater.exe (.not file.) [0]
[MD5.C39790BA091F3F9EC7DFE5C2E4598DF0] [APT] [HPCustParticipation HP Deskjet 2050 J510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2551656]
[MD5.00000000000000000000000000000000] [APT] [Torntv V6.0-firefoxinstaller] (...) -- C:\Program Files\Torntv V6.0\Torntv V6.0-firefoxinstaller.exe (.not file.) [0] =>Hijacker.TornTV
[MD5.00000000000000000000000000000000] [APT] [Torntv V6.0-updater] (...) -- C:\Program Files\Torntv V6.0\Torntv V6.0-updater.exe (.not file.) [0] =>Hijacker.TornTV
[MD5.00000000000000000000000000000000] [APT] [{1378DF17-70D6-44F8-9D7E-A623EFAEAF71}] (...) -- C:\Users\manon\AppData\Local\Zylom Games\3 Days - Zoo Mystery Deluxe\GameInstlr.exe (.not file.) [0]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] [APT] [{16A1A0A8-AF8E-49E8-A41E-2E35CA99DC65}] (.Mozilla Corporation.) -- c:\program files\mozilla firefox\firefox.exe [275568]
[MD5.00000000000000000000000000000000] [APT] [{3AEA3F8F-5534-4BE4-9A1D-B466C2636E9D}] (...) -- C:\Users\manon\AppData\Local\Zylom Games\Lucy Q Deluxe\GameInstlr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3FD2B1F9-8CA5-491A-AE0B-20A48BFF11F4}] (...) -- D:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{701B379A-B97F-4D15-BF85-A88676A75238}] (...) -- C:\Users\manon\AppData\Local\Zylom Games\Snark Busters - Welcome to the Club Deluxe\GameInstlr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{86AAEB4D-0E38-49B9-B337-A6D146EB6ED2}] (...) -- C:\Users\manon\AppData\Local\Zylom Games\Supermarket Management Deluxe\GameInstlr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{928927D8-00D0-489B-B1DA-A24BA2832578}] (...) -- D:\nero6606.exe (.not file.) [0]
[MD5.58920E6A409046BA06548D9D139CE0F0] [APT] [{B0F63497-8328-43B0-B2B7-603B25F41033}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [20584608]
[MD5.00000000000000000000000000000000] [APT] [{BF16B343-9E29-4C53-84DA-4B48F34FCC3C}] (...) -- C:\Users\manon\AppData\Local\Zylom Games\Jewel Quest Heritage Deluxe\GameInstlr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C3D67504-51CF-44B1-940D-0013C9AAF091}] (...) -- C:\Users\manon\AppData\Local\Zylom Games\Fishdom - Spooky Splash Deluxe\GameInstlr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C3F1F500-7100-4CF0-8DE5-4E4BC66DB82D}] (...) -- C:\Users\manon\AppData\Local\Zylom Games\Cake Mania - Lightsé Cameraé Action! Deluxe\GameInstlr.exe (.not file.) [0]
~ Scheduled Task: 24 Scanned in 00mn 08s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\Windows\system32\Macromed\Flash\Flash9f.ocx
~ Active Setup: 12 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (DritekPortIO) . (. - .) - C:\Program Files\LAUNCH~1\DPortIO.sys (.not file.)
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 63 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acronis True Image Home - (.Acronis.) [HKLM] -- {419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 8.1.0 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A81000000003}
O42 - Logiciel: Canon iP4600 series Printer Driver - (...) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DNA - (.BitTorrent Inc..) [HKCU] -- BitTorrent DNA =>P2P.BitTorrent
O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM] -- {CB84F0F2-927B-458D-9DC5-87832E3DC653}
O42 - Logiciel: HP Deskjet 2050 J510 series - Enquête sur l'amélioration du produit - (.Hewlett-Packard Co..) [HKLM] -- {137F9CE6-77BC-4532-860A-42B07BAB4BAD}
O42 - Logiciel: HP Deskjet 2050 J510 series Aide - (.Hewlett Packard.) [HKLM] -- {7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM] -- HP Photo Creations
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LG United Mobile Driver - (.LG Electronics.) [HKLM] -- {2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}
O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 2050 J510 series - (.Hewlett-Packard Co..) [HKLM] -- {819AEE33-A489-4CCE-8069-C363483D7138} =>.Hewlett-Packard Co
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {0CD47142-BA4F-46B0-AA92-2675864928B8}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mobogenie - (.Mobogenie.com.) [HKLM] -- Mobogenie =>PUP.Mobogenie
O42 - Logiciel: Mozilla Firefox 26.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 26.0 (x86 fr)
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {66B6D13A-9CC1-417D-B6F2-58AA539D1036}
O42 - Logiciel: Optimizer Pro v3.2 - (...) [HKLM] -- Optimizer Pro_is1 =>PUP.OptimizerPro
O42 - Logiciel: PowerDVD - (...) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.94 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype(TM) 6.11 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: VLC media player 2.1.2 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Windows Mobile Device Updater Component - (.Microsoft Corporation.) [HKLM] -- {F2CB8C3C-9C9E-4FAB-9067-655601C5F748}
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM] -- Zune
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM] -- {9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}
O42 - Logiciel: Zune Language Pack (CHS) - (.Microsoft Corporation.) [HKLM] -- {2A9DFFD8-4E09-4B91-B957-454805B0D7C4}
O42 - Logiciel: Zune Language Pack (CHT) - (.Microsoft Corporation.) [HKLM] -- {A5A53EA8-A11E-49F0-BDF5-AE536426A31A}
O42 - Logiciel: Zune Language Pack (CSY) - (.Microsoft Corporation.) [HKLM] -- {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}
O42 - Logiciel: Zune Language Pack (DAN) - (.Microsoft Corporation.) [HKLM] -- {8B112338-2B08-4851-AF84-E7CAD74CEB32}
O42 - Logiciel: Zune Language Pack (DEU) - (.Microsoft Corporation.) [HKLM] -- {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}
O42 - Logiciel: Zune Language Pack (ELL) - (.Microsoft Corporation.) [HKLM] -- {3589A659-F732-4E65-A89A-5438C332E59D}
O42 - Logiciel: Zune Language Pack (ESP) - (.Microsoft Corporation.) [HKLM] -- {6B33492E-FBBC-4EC3-8738-09E16E395A10}
O42 - Logiciel: Zune Language Pack (FIN) - (.Microsoft Corporation.) [HKLM] -- {B4870774-5F3A-46D9-9DFE-06FB5599E26B}
O42 - Logiciel: Zune Language Pack (FRA) - (.Microsoft Corporation.) [HKLM] -- {C68D33B1-0204-4EBE-BC45-A6E432B1D13A}
O42 - Logiciel: Zune Language Pack (HUN) - (.Microsoft Corporation.) [HKLM] -- {C6BE19C6-B102-4038-B2A6-1C313872DBB4}
O42 - Logiciel: Zune Language Pack (IND) - (.Microsoft Corporation.) [HKLM] -- {92ECE3F9-591E-4C12-8A62-B9FCE38BF646}
O42 - Logiciel: Zune Language Pack (ITA) - (.Microsoft Corporation.) [HKLM] -- {C5D37FFA-7483-410B-982B-91E93FD3B7DA}
O42 - Logiciel: Zune Language Pack (JPN) - (.Microsoft Corporation.) [HKLM] -- {D8A781C9-3892-4E2E-9320-480CF896CFBB}
O42 - Logiciel: Zune Language Pack (KOR) - (.Microsoft Corporation.) [HKLM] -- {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}
O42 - Logiciel: Zune Language Pack (MSL) - (.Microsoft Corporation.) [HKLM] -- {76BA306B-2AA0-47C0-AB6B-F313AB56C136}
O42 - Logiciel: Zune Language Pack (NLD) - (.Microsoft Corporation.) [HKLM] -- {6740BCB0-5863-47F4-80F4-44F394DE4FE2}
O42 - Logiciel: Zune Language Pack (NOR) - (.Microsoft Corporation.) [HKLM] -- {5DEFD397-4012-46C3-B6DA-E8013E660772}
O42 - Logiciel: Zune Language Pack (PLK) - (.Microsoft Corporation.) [HKLM] -- {8960A0A1-BB5A-479E-92CF-65AB9D684B43}
O42 - Logiciel: Zune Language Pack (PTB) - (.Microsoft Corporation.) [HKLM] -- {07EEE598-5F21-4B57-B40B-46592625B3D9}
O42 - Logiciel: Zune Language Pack (PTG) - (.Microsoft Corporation.) [HKLM] -- {5C93E291-A1CC-4E51-85C6-E194209FCDB4}
O42 - Logiciel: Zune Language Pack (RUS) - (.Microsoft Corporation.) [HKLM] -- {57C51D56-B287-4C11-9192-EC3C46EF76A4}
O42 - Logiciel: Zune Language Pack (SVE) - (.Microsoft Corporation.) [HKLM] -- {6EB931CD-A7DA-4A44-B74A-89C8EB50086F}
O42 - Logiciel: eMachines - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11019760}
O42 - Logiciel: eMachines Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM] -- uTorrentBar_FR Toolbar =>P2P.µTorrent
O42 - Logiciel: wxDownload Fast 0.6.0 - (.Max Velasques.) [HKLM] -- wxDownload Fast_is1
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 36 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Acronis]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\ShopperReports3] =>Adware.ShopperReports
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>P2P.µTorrent
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Artifex Mundi]
[HKCU\Software\Artogon]
[HKCU\Software\Astar Games]
[HKCU\Software\Avast Software]
[HKCU\Software\Big Fish Games]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cyberlink]
[HKCU\Software\DSiteproducts] =>Hijacker.DSite
[HKCU\Software\Data]
[HKCU\Software\EasyBits]
[HKCU\Software\Farm Mania]
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\Fugazo]
[HKCU\Software\GOG]
[HKCU\Software\GameHouse]
[HKCU\Software\GoBit]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HipSoft]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\InterVideo]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JetDogs Studios]
[HKCU\Software\JollyBear]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MagiciansHandbook2ReleaseV1.2]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\ODBC]
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro
[HKCU\Software\PiEyeGames]
[HKCU\Software\Playrix Entertainment]
[HKCU\Software\Policies]
[HKCU\Software\PopCap] =>Adware.PopCap
[HKCU\Software\Realtek]
[HKCU\Software\Sarbakan]
[HKCU\Software\Shiny Tales]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Spointer]
[HKCU\Software\SulusGames]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\Test3D]
[HKCU\Software\Trolltech]
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Visan]
[HKCU\Software\Wget]
[HKCU\Software\WideStream] =>Adware.SPointer
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\Zylom]
[HKCU\Software\acer]
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\gamescafe.com]
[HKCU\Software\kde.org]
[HKCU\Software\wxWidgets Program]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Acronis]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\Audible]
[HKLM\Software\Bench] =>PUP.GiganticSavings
[HKLM\Software\Big Fish Games]
[HKLM\Software\BitTorrent] =>P2P.BitTorrent
[HKLM\Software\Brother]
[HKLM\Software\Bunndle]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\DivX]
[HKLM\Software\GameInstaller]
[HKLM\Software\Gateway]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\LG Electronics]
[HKLM\Software\LightScribe]
[HKLM\Software\Loader]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\OemSetup]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RocketLife]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sagem]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Skype]
[HKLM\Software\Swearware]
[HKLM\Software\SymDebug]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\VideoLAN]
[HKLM\Software\Visan]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WholeSecurity]
[HKLM\Software\anset]
[HKLM\Software\dotNetInstaller]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
[HKLM\Software\supWPM] =>PUP.WpManager
[HKLM\Software\uTorrentBar_FR] =>P2P.µTorrent
[HKLM\Software\wxWidgets Program]
~ Key Software: 265 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/06/2012 - 21:36:36 - [0,296] ----D C:\Program Files\1ClickDownload =>PUP.1ClickDownloader
O43 - CFD: 20/11/2008 - 22:39:36 - [17,740] ----D C:\Program Files\Acronis
O43 - CFD: 25/08/2008 - 13:05:12 - [175,708] ----D C:\Program Files\Adobe
O43 - CFD: 12/01/2009 - 17:47:32 - [0] ----D C:\Program Files\Alwil Software
O43 - CFD: 28/09/2008 - 02:22:40 - [13,612] ----D C:\Program Files\ATI
O43 - CFD: 28/09/2008 - 02:25:04 - [105,560] ----D C:\Program Files\ATI Technologies
O43 - CFD: 04/11/2012 - 19:16:54 - [0,001] ----D C:\Program Files\AVAST Software
O43 - CFD: 26/02/2014 - 22:19:17 - [0] ----D C:\Program Files\Bench =>PUP.GiganticSavings
O43 - CFD: 24/09/2012 - 17:30:07 - [12,326] ----D C:\Program Files\Brother
O43 - CFD: 24/09/2012 - 18:31:26 - [0] ----D C:\Program Files\Canon
O43 - CFD: 24/09/2012 - 17:35:33 - [8,753] --H-D C:\Program Files\CanonBJ
O43 - CFD: 27/02/2014 - 15:48:40 - [449,412] ----D C:\Program Files\Common Files
O43 - CFD: 25/05/2012 - 09:24:38 - [0] ----D C:\Program Files\Conduit
O43 - CFD: 05/11/2012 - 19:11:59 - [17,153] ----D C:\Program Files\CyberLink
O43 - CFD: 15/12/2013 - 10:10:32 - [0,359] ----D C:\Program Files\DNA
O43 - CFD: 19/11/2008 - 21:52:34 - [46,854] ----D C:\Program Files\EMACHINES
O43 - CFD: 25/09/2012 - 17:09:57 - [0] ----D C:\Program Files\eMachines GameZone
O43 - CFD: 19/11/2008 - 21:50:32 - [0] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 27/02/2014 - 09:57:23 - [0] ----D C:\Program Files\FindRight =>Hijacker.FindrToolbar
O43 - CFD: 13/12/2013 - 18:12:48 - [0] ----D C:\Program Files\Google
O43 - CFD: 09/07/2012 - 12:54:37 - [17,532] ----D C:\Program Files\HP
O43 - CFD: 09/07/2012 - 12:54:56 - [0,352] ----D C:\Program Files\HP Photo Creations
O43 - CFD: 26/02/2014 - 22:14:18 - [0] ----D C:\Program Files\Iminent =>Adware.IMBooster
O43 - CFD: 05/11/2012 - 19:42:17 - [52,198] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 27/02/2014 - 09:13:12 - [5,040] ----D C:\Program Files\Internet Explorer
O43 - CFD: 28/09/2008 - 02:41:30 - [116,139] ----D C:\Program Files\InterVideo
O43 - CFD: 05/04/2012 - 16:28:04 - [6,140] ----D C:\Program Files\LG Electronics
O43 - CFD: 26/02/2014 - 15:20:03 - [13,250] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 27/02/2014 - 11:02:37 - [0,479] ----D C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 13:35:51 - [44,772] ----D C:\Program Files\Microsoft Games
O43 - CFD: 27/09/2012 - 17:39:18 - [248,603] ----D C:\Program Files\Microsoft Office
O43 - CFD: 25/08/2008 - 13:18:16 - [7,431] ----D C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 13/12/2013 - 19:35:49 - [19,236] ----D C:\Program Files\Microsoft Security Client
O43 - CFD: 12/10/2013 - 02:49:04 - [40,851] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 30/11/2009 - 15:42:38 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 25/09/2012 - 18:50:14 - [0,146] ----D C:\Program Files\Microsoft Works
O43 - CFD: 26/06/2010 - 08:50:56 - [0,148] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 24/12/2013 - 18:09:07 - [57,515] ----D C:\Program Files\Mobogenie =>PUP.Mobogenie
O43 - CFD: 13/08/2010 - 08:19:46 - [19,522] ----D C:\Program Files\Movie Maker
O43 - CFD: 27/02/2014 - 09:51:08 - [51,596] ----D C:\Program Files\Mozi
A voir également:

8 réponses

Réponse 1 / 8
Known001 Messages postés 2385 Date d'inscription mardi 28 août 2012 Statut Membre Dernière intervention 16 novembre 2018 322
27 févr. 2014 à 17:37
Non , passe un coup de adwcleaner

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

1- on scan
2- on nettoye et on redemarre le pc
3- une fois le rapport fait on le poste sur cjoint.com
1
Réponse 2 / 8
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 806
27 févr. 2014 à 18:35
Hello


Je rajouterai

Pourquoi passer Combofix pour de simples adwares???


Tu as pris de gros risques!!!
0
Réponse 3 / 8
banjo39 Messages postés 4 Date d'inscription jeudi 27 février 2014 Statut Membre Dernière intervention 3 mars 2014
27 févr. 2014 à 22:43
Merci à Known001 pour sa réactivité, j'ai utilisé adwcleaner et supprimé les indésirables. L'ordinateur est plus rapide et à l'air de fonctionner correctement ainsi que les logiciels et l'explorateur Firefox. Voici les rapports de adwcleaner et ZHPDiag. Cet ordinateur est-il enfin nettoyé ?

# AdwCleaner v3.020 - Rapport créé le 27/02/2014 à 20:19:17
# Mis à jour le 27/02/2014 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : manon - PC-DE-MANON
# Exécuté depuis : C:\Users\manon\Desktop\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\GboxUpdater
Dossier Supprimé : C:\ProgramData\Iminent
Dossier Supprimé : C:\ProgramData\Premium
Dossier Supprimé : C:\ProgramData\Tarma Installer
Dossier Supprimé : C:\ProgramData\Trymedia
Dossier Supprimé : C:\ProgramData\Alawar Stargaze
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDfast
Dossier Supprimé : C:\Program Files\1ClickDownload
Dossier Supprimé : C:\Program Files\Bench
Dossier Supprimé : C:\Program Files\Conduit
Dossier Supprimé : C:\Program Files\FindRight
Dossier Supprimé : C:\Program Files\Iminent
Dossier Supprimé : C:\Program Files\Mobogenie
Dossier Supprimé : C:\Program Files\Optimizer Pro
Dossier Supprimé : C:\Program Files\predm
Dossier Supprimé : C:\Program Files\SupTab
Dossier Supprimé : C:\Program Files\uTorrentBar_FR
Dossier Supprimé : C:\Program Files\Common Files\Umbrella
Dossier Supprimé : C:\Users\manon\AppData\Local\BrowserSafeguard
Dossier Supprimé : C:\Users\manon\AppData\Local\Conduit
Dossier Supprimé : C:\Users\manon\AppData\Local\genienext
Dossier Supprimé : C:\Users\manon\AppData\Local\Mobogenie
Dossier Supprimé : C:\Users\manon\AppData\Local\widestream6 Air
Dossier Supprimé : C:\Users\manon\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\manon\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\manon\AppData\LocalLow\ShopperReports3
Dossier Supprimé : C:\Users\manon\AppData\LocalLow\uTorrentBar_FR
Dossier Supprimé : C:\Users\manon\AppData\LocalLow\wxDfast
Dossier Supprimé : C:\Users\manon\AppData\Roaming\DigitalSites
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Iminent
Dossier Supprimé : C:\Users\manon\AppData\Roaming\iWin
Dossier Supprimé : C:\Users\manon\AppData\Roaming\widestream
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Dossier Supprimé : C:\Users\manon\Documents\Mobogenie
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\Extensions\{D8A30808-3888-E608-3AA4-A2CEA2623402}
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\Extensions\ffxtlbr@iminent.com
Dossier Supprimé : C:\Program Files\Mozilla Firefox\Extensions\webbooster@iminent.com
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\staged
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\Extensions\lightningnewtab@gmail.com
Dossier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\Extensions\quick_start@gmail.com
Fichier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\Extensions\webbooster@iminent.com.xpi
Fichier Supprimé : C:\Users\manon\AppData\Local\funmoods-speeddial.crx
Fichier Supprimé : C:\Users\manon\Desktop\Mobogenie.lnk
Fichier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\searchplugins\iminent.xml
Fichier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Mysearchdial.xml
Fichier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\searchplugins\Mysearchdial.xml
Fichier Supprimé : C:\Program Files\Mozilla Firefox\browser\searchplugins\SearchTheWeb.xml
Fichier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Fichier Supprimé : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\user.js
Fichier Supprimé : C:\Windows\System32\Tasks\bench-sys
Fichier Supprimé : C:\Windows\System32\Tasks\GboxUpdaterLogonTask
Fichier Supprimé : C:\Windows\System32\Tasks\GboxUpdaterRefreshTask

***** [ Raccourcis ] *****

Raccourci Désinfecté : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Raccourci Désinfecté : C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Raccourci Désinfecté : C:\Users\manon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Raccourci Désinfecté : C:\Users\manon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

***** [ Registre ] *****

Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEA20B76-3D0C-42AC-A86B-B9C4CBF83E80}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEA20B76-3D0C-42AC-A86B-B9C4CBF83E80}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5ED38C08-75F1-41E5-94D0-CA27C1D94280}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ED38C08-75F1-41E5-94D0-CA27C1D94280}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBCA91C8-E5B4-4938-9B3F-345C3A3A4CC1}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBCA91C8-E5B4-4938-9B3F-345C3A3A4CC1}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Clé Supprimée : HKLM\SOFTWARE\Classes\f
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Clé Supprimée : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B130B9A-DDED-4DAB-8C02-7C520B3BD34B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17BEB610-2F51-4678-AE3D-8FD2BEEDE0D2}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B41306C6-96D0-442A-BCC4-B0F621E82CE9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\dsiteproducts
Clé Supprimée : HKCU\Software\FissaSearch
Clé Supprimée : HKCU\Software\FreeSoftToday
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\installedbrowserextensions
Clé Supprimée : HKCU\Software\Optimizer Pro
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Spointer
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\WideStream
Clé Supprimée : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\AppDataLow\Software\ShopperReports3
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\AppDataLow\Software\uTorrentBar_FR
Clé Supprimée : HKLM\Software\Bench
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\supWPM
Clé Supprimée : HKLM\Software\Trymedia Systems
Clé Supprimée : HKLM\Software\Tutorials
Clé Supprimée : HKLM\Software\uTorrentBar_FR
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4F4C5E11-0612-48D2-8055-987992AAC432}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Digital Sites
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods Web Search
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Iminent
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mobogenie
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mysearchdial
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Offerbox Browser
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\openit open it!
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShopperReportsSA
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SProtector
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wpm
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar_FR Toolbar
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

***** [ Navigateurs ] *****

-\\ Internet Explorer v9.0.8112.16533

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v26.0 (fr)

[ Fichier : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

Ligne Supprimée : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ Fichier : C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\prefs.js ]

Ligne Supprimée : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Ligne Supprimée : user_pref("accessibility.lightning.homepage", "hxxp://search.iminent.com/?appId=BB78F641-186B-4BE2-955C-05B40D586347");
Ligne Supprimée : user_pref("browser.search.defaultenginename", "Mysearchdial");
Ligne Supprimée : user_pref("browser.search.order.1", "Mysearchdial");
Ligne Supprimée : user_pref("extensions.crossrider.bic", "14325738b4165e96349b78831d2057f2");
Ligne Supprimée : user_pref("extensions.enabledAddons", "ffxtlbr%40iminent.com:1.6.0,webbooster%40iminent.com:8.4.3.1,quick_start%40gmail.com:3.1.2,%7Bad9a41d2-9a49-4fa6-a79e-71a0785364c8%7D:9.5.3,%7B972ce4c6-7e08-4474[...]
Ligne Supprimée : user_pref("extensions.iminent.admin", false);
Ligne Supprimée : user_pref("extensions.iminent.aflt", "orgnl");
Ligne Supprimée : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Ligne Supprimée : user_pref("extensions.iminent.autoRvrt", "false");
Ligne Supprimée : user_pref("extensions.iminent.cntry", "FR");
Ligne Supprimée : user_pref("extensions.iminent.dfltLng", "");
Ligne Supprimée : user_pref("extensions.iminent.excTlbr", false);
Ligne Supprimée : user_pref("extensions.iminent.ffxUnstlRst", false);
Ligne Supprimée : user_pref("extensions.iminent.hdrMd5", "34478446A8643DD507A03D1CBA6CB706");
Ligne Supprimée : user_pref("extensions.iminent.id", "4489a23e00000000000000234d88b9cd");
Ligne Supprimée : user_pref("extensions.iminent.instlDay", "16063");
Ligne Supprimée : user_pref("extensions.iminent.instlRef", "");
Ligne Supprimée : user_pref("extensions.iminent.lastVrsnTs", "1.8.28.317:48:23");
Ligne Supprimée : user_pref("extensions.iminent.newTab", false);
Ligne Supprimée : user_pref("extensions.iminent.prdct", "iminent");
Ligne Supprimée : user_pref("extensions.iminent.prtnrId", "iminent");
Ligne Supprimée : user_pref("extensions.iminent.rvrt", "false");
Ligne Supprimée : user_pref("extensions.iminent.sg", "none");
Ligne Supprimée : user_pref("extensions.iminent.smplGrp", "none");
Ligne Supprimée : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Ligne Supprimée : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Ligne Supprimée : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Ligne Supprimée : user_pref("extensions.iminent.vrsnTs", "1.8.28.317:48:23");
Ligne Supprimée : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Ligne Supprimée : user_pref("extensions.mysearchdial.AL", 2);
Ligne Supprimée : user_pref("extensions.mysearchdial.aflt", "dsites0202");
Ligne Supprimée : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Ligne Supprimée : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtBtAyE0Dzzzz0Bzy0C0D0AtBtA0EtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
Ligne Supprimée : user_pref("extensions.mysearchdial.cntry", "FR");
Ligne Supprimée : user_pref("extensions.mysearchdial.cr", "221271464");
Ligne Supprimée : user_pref("extensions.mysearchdial.dfltLng", "");
Ligne Supprimée : user_pref("extensions.mysearchdial.dfltSrch", true);
Ligne Supprimée : user_pref("extensions.mysearchdial.dnsErr", true);
Ligne Supprimée : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Ligne Supprimée : user_pref("extensions.mysearchdial.excTlbr", false);
Ligne Supprimée : user_pref("extensions.mysearchdial.hdrMd5", "46173114A4D7E766E0B8751E47E8DE6A");
Ligne Supprimée : user_pref("extensions.mysearchdial.hmpg", true);
Ligne Supprimée : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0Dzzzz0Bzy0C0D0AtBtA0EtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czut[...]
Ligne Supprimée : user_pref("extensions.mysearchdial.id", "00234D88B9CDA23E");
Ligne Supprimée : user_pref("extensions.mysearchdial.instlDay", "16127");
Ligne Supprimée : user_pref("extensions.mysearchdial.instlRef", "");
Ligne Supprimée : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0Dzzzz0Bzy0C0D0AtBtA0EtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBt[...]
Ligne Supprimée : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.21.023:17:22");
Ligne Supprimée : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites0202&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0Dzzzz0Bzy0C0D0AtBtA0EtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Cz[...]
Ligne Supprimée : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Ligne Supprimée : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Ligne Supprimée : user_pref("extensions.mysearchdial.sg", "none");
Ligne Supprimée : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Ligne Supprimée : user_pref("extensions.mysearchdial.tlbrId", "base");
Ligne Supprimée : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites0202&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0Dzzzz0Bzy0C0D0AtBtA0EtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1[...]
Ligne Supprimée : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Ligne Supprimée : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Ligne Supprimée : user_pref("extensions.mysearchdial_i.hmpg", true);
Ligne Supprimée : user_pref("extensions.mysearchdial_i.newTab", false);
Ligne Supprimée : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Ligne Supprimée : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.023:17:22");
Ligne Supprimée : user_pref("iminent.LayoutId", "1");
Ligne Supprimée : user_pref("iminent.ShowThankyouPixel", "0");
Ligne Supprimée : user_pref("iminent.adapters", "{\"107\":{\"CountryCode\":\"FR\",\"NoAds\":false,\"Status\":2,\"expireTime\":\"13914472355661814400\"},\"115\":{\"CountryCode\":\"FR\",\"NoAds\":false,\"Status\":2,\"exp[...]
Ligne Supprimée : user_pref("iminent.enabledAds", "false");
Ligne Supprimée : user_pref("iminent.newtabredirect", "true");
Ligne Supprimée : user_pref("iminent.registerToolbarEvent101", "1392830507618");
Ligne Supprimée : user_pref("iminent.registerToolbarEvent102", "1393496251992");
Ligne Supprimée : user_pref("iminent.registerToolbarEvent109", "1392802530678");
Ligne Supprimée : user_pref("iminent.registerToolbarEvent110", "1392749132918");
Ligne Supprimée : user_pref("iminent.registerToolbarEvent111", "1392802530718");
Ligne Supprimée : user_pref("iminent.registerToolbarEvent112", "1392802542849");
Ligne Supprimée : user_pref("iminent.registerToolbarEvent122", "1392802530737");
Ligne Supprimée : user_pref("iminent.registerToolbarEvent140", "1392023021439");
Ligne Supprimée : user_pref("iminent.searchindex", "2");
Ligne Supprimée : user_pref("iminent.version", "8.4.3.1");
Ligne Supprimée : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.4.3.1\",\"InstallEventCTime\":1393496178958,\"InstallEvent\":\"True\"}");

*************************

AdwCleaner[R0].txt - [27760 octets] - [25/02/2014 17:18:06]
AdwCleaner[R1].txt - [32879 octets] - [26/02/2014 15:53:10]
AdwCleaner[R2].txt - [27223 octets] - [27/02/2014 20:07:48]
AdwCleaner[S0].txt - [25939 octets] - [27/02/2014 20:19:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26000 octets] ##########

~ Rapport de ZHPDiag v2014.2.23.20 - Nicolas Coolman (23/02/2014)
~ Lancé par manon (27/02/2014 22:12:55)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 26.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Basic, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : P92J4
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.0

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 127 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1789 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 86 GB (61%) free of 139 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-MANON
~ User Name: manon
~ All Users Names: manon, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\manon\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\manon\AppData\Roaming\
~ %Desktop% : C:\Users\manon\Desktop\
~ %Favorites% : C:\Users\manon\Favorites\
~ %LocalAppData% : C:\Users\manon\AppData\Local\
~ %StartMenu% : C:\Users\manon\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 86 Go of 139 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Free 3 Go of 8 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.679EAED8E703235BA81AA2E58F4E2D16] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/02/2014 - 09:50:39.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/939
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 1/102
~ Mon Bureau (My Desktop) : 1/253
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2400]
[MD5.D93985F5D87DF1A119E939EADB5C4B9E] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6266880] [PID.3396]
[MD5.05D05886CAD5E1161FC80FA92F2DD01C] - (.BitTorrent, Inc. - DNA.) -- C:\Users\manon\Program Files\DNA\btdna.exe [289088] [PID.3420] =>P2P.BitTorrent
[MD5.B2994EC6452DBD04E57828EEFEDFB93C] - (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\Users\manon\AppData\Local\Temp\RtkBtMnt.exe [204800] [PID.2340]
[MD5.42FEDBCB3ED926F6F529E0FDDF750BE0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.3364]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2928]
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1036]
[MD5.4604DB6D5ECA6362873CC3A76D2204BA] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [692224] [PID.1176]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1352]
[MD5.46A5CBB09B8F0C46F8CBE9210E5E3BE2] - (.Acronis - Acronis Scheduler 2.) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [411168] [PID.2016]
[MD5.4D06D9A26227AC485305133916888DF1] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576] [PID.2044]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.12]
[MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.652]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.932]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1300]
[MD5.42D33042371BFB1A7D40834590CAFD30] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Servi.) -- c:\Program Files\Microsoft Security Client\NisSrv.exe [280288] [PID.1084]
[MD5.E87213F37A13E2B54391E40934F071D0] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144] [PID.1856]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js
C:\Users\manon\AppData\Roaming\Mozilla\Firefox\Profiles\qon1dgdq.default\prefs.js
M0 - MFSP: prefs.js [manon - qon1dgdq.default] https://www.google.fr/?gws_rd=ssl
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
P2 - FPN: [HKLM] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent(TM).) -- C:\Program Files\DNA\plugins\npbtdna.dll =>P2P.BitTorrent
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.4] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKCU] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent(TM).) -- C:\Users\manon\Program Files\DNA\plugins\npbtdna.dll =>P2P.BitTorrent
~ Firefox Browser: 13 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 13 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 1



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
~ BHO: 4 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acronis True Image Home 10.0.lnk . (.Acronis - Acronis True Image.) -- C:\Program Files\Acronis\TrueImageHome\TrueImage.exe
O4 - GS\Desktop [Public]: HP Deskjet 2050 J510 series.lnk . (...) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe (.not file.)
O4 - GS\Desktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.) -- C:\Program Files\HP Photo Creations\PhotoProduct.exe
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
O4 - GS\Desktop [Public]: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.1.2.) -- C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Desktop [Public]: Zune.lnk . (.Microsoft Corporation - Microsoft Zune.) -- C:\Program Files\Zune\Zune.exe
O4 - GS\Program [Public]: Adobe Reader 8.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A81000000003}\SC_Reader.exe
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Calendrier Windows.) -- C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Collaboration.lnk . (.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - GS\Program [Public]: Windows Live Mail.lnk . (...) -- C:\Program Files\Windows Live\Mail\wlmail.exe (.not file.) =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Messenger.lnk . (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (...) -- C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe (.not file.) =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (...) -- C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe (.not file.) =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\System32\taskschd.msc
O4 - GS\QuickLaunch [manon]: Démarrer Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [manon]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [manon]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [manon]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) -- C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe
O4 - GS\QuickLaunch [manon]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [manon]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\manon\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [manon]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [manon]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [manon]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [manon]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [manon]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [manon]: Run.lnk - Clé orpheline
O4 - GS\Accessories [manon]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [manon]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [manon]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [manon]: Boîte mail de la Boulangerie (Outlook).lnk . (...) -- C:\Windows\Installer\{91CA040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
O4 - GS\Desktop [manon]: Microsoft Office Excel 2003.lnk . (...) -- C:\Windows\Installer\{91CA040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
O4 - GS\Desktop [manon]: Microsoft Office Word 2003.lnk . (...) -- C:\Windows\Installer\{91CA040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
O4 - GS\Desktop [manon]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop [manon]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [manon]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [manon]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\manon\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 62 Scanned in 00mn 04s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [BitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- C:\Users\manon\Program Files\DNA\btdna.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2396021856-3484239504-460970112-1000\..\Run: [BitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- C:\Users\manon\Program Files\DNA\btdna.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (.not file.)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{272174AC-3304-4E0F-AEC7-6753C9E90DC3}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC2174CD-6D54-4C8B-AEB4-7A15A553FAED}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{272174AC-3304-4E0F-AEC7-6753C9E90DC3}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC2174CD-6D54-4C8B-AEB4-7A15A553FAED}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{272174AC-3304-4E0F-AEC7-6753C9E90DC3}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{AC2174CD-6D54-4C8B-AEB4-7A15A553FAED}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 8 Scanned in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [bench-S-1-5-21-2396021856-3484239504-460970112-1000] (...) -- C:\Program Files\Bench\Updater\updater.exe (.not file.) [0] =&g
0
Réponse 4 / 8
Known001 Messages postés 2385 Date d'inscription mardi 28 août 2012 Statut Membre Dernière intervention 16 novembre 2018 322
Modifié par Known001 le 28/02/2014 à 18:16
Très bien pour en être sûr
Lance malware bit, met le à jour et lance une analyse complète (peut prendre 1 heure ou + selon le nombre de fichiers)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 806
28 févr. 2014 à 18:20
Rapport incomplet !

Héberge le
0
Réponse 6 / 8
banjo39 Messages postés 4 Date d'inscription jeudi 27 février 2014 Statut Membre Dernière intervention 3 mars 2014
3 mars 2014 à 22:49
J'ai fais une analyse complète avec Malwarebytes, résultat aucune infection, ensuite la même opération avec adwcleaner qui n'a rien trouvé et pour finir examen minutieux avec Microsoft sécurity essentials qui n'a rien détecté. L'ordinateur ayant retrouvé une vitesse d'exécution correcte et la connexion se faisant sans aucun souci, je pense que mon problème est résolu.
Merci à Known001 pour son aide précieuse.
Je ne connais pas la procédure pour héberger un rapport qui soit lié à discussion d'un sujet, si vous pouviez me la donner elle ma sera utile pour l'avenir. Merci.
0
Réponse 7 / 8
cabrier Messages postés 5591 Date d'inscription dimanche 7 août 2011 Statut Contributeur sécurité Dernière intervention 27 octobre 2020 702
3 mars 2014 à 22:55
banjo, pour info :

- Pour transmettre les rapports que tu obtiens à la suite du passage d'outils tu cliques sur un de ces liens :
cijoint ou pjoint
- Tu cliques ensuite sur Parcourir et cherches le fichier du rapport, en principe on t'indique ou il est.
- Tu cliques sur Ouvrir puis sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme: http://cjoint.com/index.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page ou (suivant le site) il faut cliquer sur "créer le lien".
- C'est ce lien que tu as à transmettre et uniquement cela.

A+
0
Réponse 8 / 8
banjo39 Messages postés 4 Date d'inscription jeudi 27 février 2014 Statut Membre Dernière intervention 3 mars 2014
3 mars 2014 à 23:09
Merci bien pour l'info, c'est sympa !
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
télécharger router scan v2.6
naf_2019 -
brucine -

2 réponses
comment lire des bd gratuitement en ligne sur internet ?
theodu13480 -
Ereka -

2 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
scan comics
daraen -
dsyren -

1 réponse