How to get rid of Windows Antivirus Patrol for free?
Closed
Varaca (Member, 5 posts, registered Tuesday 25 March 2014, last activity 14 May 2018) - 25 March 2014 at 22:52
orque83 - 22 August 2014 at 13:58
43 replies
lilidurhone (Security contributor, 43347 posts, registered Monday 25 April 2011, last activity 31 October 2024) - 25 March 2014 at 23:12
You did the right thing about SpyHunter; don't install it.
* Download RogueKiller to the desktop
* Close all your running programs.
* On Vista/Seven and Windows 8, right-click -> Run as administrator
* Otherwise simply launch RogueKiller.exe
* Wait during the pre-scan, then click the Scan button
* A report named RKreport.txt should have been created on the desktop; post it.
Note: If the program was blocked, don't hesitate to try several times.
Varaca (Member, 5 posts, registered Tuesday 25 March 2014, last activity 14 May 2018) - 26 March 2014 at 23:02
Hello Lilidurhone,
Below is the report:
RogueKiller V8.8.14 [Mar 26 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode sans echec avec prise en charge reseau
Utilisateur : Véronique [Droits d'admin]
Mode : Recherche -- Date : 03/26/2014 22:53:16
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 23 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Ezuqiw (C:\Users\Véronique\AppData\Roaming\Opnouq\ehegu.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKCU\[...]\Run : asdZZFASD-1 (C:\Users\Véronique\AppData\Roaming\svc-qndv.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2238822718-3437897180-3203888196-1001\[...]\Run : Ezuqiw (C:\Users\Véronique\AppData\Roaming\Opnouq\ehegu.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2238822718-3437897180-3203888196-1001\[...]\Run : asdZZFASD-1 (C:\Users\Véronique\AppData\Roaming\svc-qndv.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Magic Desktop for HP notification ("C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe" [7]) -> TROUVÉ
[IFEO] HKLM\[...]\k9filter.exe : Debugger (c:\windows\1.EXE [x]) -> TROUVÉ
[IFEO] HKLM\[...]\mpcmdrun : Debugger (c:\windows\1.EXE [x]) -> TROUVÉ
[IFEO] HKLM\[...]\mpsvc.dll : Debugger (c:\windows\1.EXE [x]) -> TROUVÉ
[IFEO] HKLM\[...]\mpuxsrv.exe : Debugger (c:\windows\1.EXE [x]) -> TROUVÉ
[IFEO] HKLM\[...]\msascui : Debugger (c:\windows\1.EXE [x]) -> TROUVÉ
[IFEO] HKLM\[...]\msascui.exe : Debugger ("rety.rtey" /z [x]) -> TROUVÉ
[IFEO] HKLM\[...]\MSconfig.exe : Debugger (c:\windows\1.EXE [x]) -> TROUVÉ
[IFEO] HKLM\[...]\msmpeng.exe : Debugger ("ehjry.rty" /z [x]) -> TROUVÉ
[IFEO] HKLM\[...]\MSseces : Debugger (c:\windows\1.EXE [x]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorUser (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500420AS ATA Device +++++
--- User ---
[MBR] 469ea7f5d95343a956f7140bd5c30ef8
[BSP] b1ebcc238a9e31eb4522792cb66e7e08 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462611 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947836928 | Size: 14025 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_03262014_225316.txt >>
I hope that means something to you... Thanks for your help.
@Varaca
lilidurhone (Security contributor, 43347 posts, registered Monday 25 April 2011, last activity 31 October 2024) - 26 March 2014 at 23:15
Yes, go ahead with the deletion :)
kiltic (Member, 7 posts, registered Thursday 27 March 2014, last activity 28 March 2014) - 27 March 2014 at 21:38
Hello,
I have exactly the same problem on my laptop. I followed what you said about RogueKiller. For info, this is the first time I have posted on a forum and, what's more, I'm hopeless with computers. Would it be possible to help me? Thanks in advance. Below is a copy of the report:
RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode sans echec avec prise en charge reseau
Utilisateur : sabseb [Droits d'admin]
Mode : Recherche -- Date : 03/27/2014 21:36:54
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : 9348589-234-234 (C:\Users\sabseb\AppData\Roaming\svc-fjmd.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-3250053526-2130831755-2230989291-1000\[...]\Run : 9348589-234-234 (C:\Users\sabseb\AppData\Roaming\svc-fjmd.exe [-]) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @iexplore.exe (EndBufferedPaint) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7321ACE8)
[Address] EAT @iexplore.exe (EndPanningFeedback) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323762C)
[Address] EAT @iexplore.exe (GetBufferedPaintBits) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7321CF26)
[Address] EAT @iexplore.exe (GetBufferedPaintDC) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323CDCF)
[Address] EAT @iexplore.exe (GetBufferedPaintTargetDC) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323CD86)
[Address] EAT @iexplore.exe (GetBufferedPaintTargetRect) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323C893)
[Address] EAT @iexplore.exe (GetCurrentThemeName) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732263AE)
[Address] EAT @iexplore.exe (GetThemeAppProperties) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7321EBD6)
[Address] EAT @iexplore.exe (GetThemeBackgroundContentRect) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7321DA9E)
[Address] EAT @iexplore.exe (GetThemeBackgroundExtent) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73227155)
[Address] EAT @iexplore.exe (GetThemeBackgroundRegion) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73220190)
[Address] EAT @iexplore.exe (GetThemeBitmap) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73214B9C)
[Address] EAT @iexplore.exe (GetThemeBool) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73216651)
[Address] EAT @iexplore.exe (GetThemeColor) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732127C0)
[Address] EAT @iexplore.exe (GetThemeDocumentationProperty) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323C346)
[Address] EAT @iexplore.exe (GetThemeEnumValue) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732127C0)
[Address] EAT @iexplore.exe (GetThemeFilename) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323B997)
[Address] EAT @iexplore.exe (GetThemeFont) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732276A2)
[Address] EAT @iexplore.exe (GetThemeInt) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732127C0)
[Address] EAT @iexplore.exe (GetThemeIntList) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323B86E)
[Address] EAT @iexplore.exe (GetThemeMargins) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73212F97)
[Address] EAT @iexplore.exe (GetThemeMetric) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732255B4)
[Address] EAT @iexplore.exe (GetThemePartSize) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7321289F)
[Address] EAT @iexplore.exe (GetThemePosition) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323B80D)
[Address] EAT @iexplore.exe (GetThemePropertyOrigin) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73220923)
[Address] EAT @iexplore.exe (GetThemeRect) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323B936)
[Address] EAT @iexplore.exe (GetThemeStream) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323B8CF)
[Address] EAT @iexplore.exe (GetThemeString) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323B7A1)
[Address] EAT @iexplore.exe (GetThemeSysBool) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323CB86)
[Address] EAT @iexplore.exe (GetThemeSysColor) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73225530)
[Address] EAT @iexplore.exe (GetThemeSysColorBrush) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323CA32)
[Address] EAT @iexplore.exe (GetThemeSysFont) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323C3D8)
[Address] EAT @iexplore.exe (GetThemeSysInt) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323C5E7)
[Address] EAT @iexplore.exe (GetThemeSysSize) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323CC61)
[Address] EAT @iexplore.exe (GetThemeSysString) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323C553)
[Address] EAT @iexplore.exe (GetThemeTextExtent) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732189FE)
[Address] EAT @iexplore.exe (GetThemeTextMetrics) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7322778C)
[Address] EAT @iexplore.exe (GetThemeTransitionDuration) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7321E1A1)
[Address] EAT @iexplore.exe (GetWindowTheme) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7322535B)
[Address] EAT @iexplore.exe (HitTestThemeBackground) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73222DC1)
[Address] EAT @iexplore.exe (IsAppThemed) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73227009)
[Address] EAT @iexplore.exe (IsCompositionActive) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732165DF)
[Address] EAT @iexplore.exe (IsThemeActive) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73226F36)
[Address] EAT @iexplore.exe (IsThemeBackgroundPartiallyTransparent) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7321281C)
[Address] EAT @iexplore.exe (IsThemeDialogTextureEnabled) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323CB3F)
[Address] EAT @iexplore.exe (IsThemePartDefined) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732130CF)
[Address] EAT @iexplore.exe (OpenThemeData) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73215F29)
[Address] EAT @iexplore.exe (OpenThemeDataEx) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732206FE)
[Address] EAT @iexplore.exe (SetThemeAppProperties) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7323CCEC)
[Address] EAT @iexplore.exe (SetWindowTheme) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73227AFC)
[Address] EAT @iexplore.exe (SetWindowThemeAttribute) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73219E39)
[Address] EAT @iexplore.exe (ThemeInitApiHook) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73214571)
[Address] EAT @iexplore.exe (UpdatePanningFeedback) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x732375ED)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 ATA Device +++++
--- User ---
[MBR] 209a233844e60c9bed4ff1fd4b6784bb
[BSP] f9bb42ff456aa21d2f38eff12d3ec415 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 12291 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25173855 | Size: 101 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25382700 | Size: 292850 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_03272014_213654.txt >>
RKreport[0]_S_03272014_101826.txt
Merci pour votre aide
I have exactly the same problem on my laptop. I followed what you said about RogueKiller. For info, this is the first time I have posted on a forum, and on top of that I'm useless with computers. Would it be possible to help me? Thanks in advance. Below is a copy of the report:
RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode sans echec avec prise en charge reseau
Utilisateur : sabseb [Droits d'admin]
Mode : Recherche -- Date : 03/27/2014 21:36:54
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : 9348589-234-234 (C:\Users\sabseb\AppData\Roaming\svc-fjmd.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-3250053526-2130831755-2230989291-1000\[...]\Run : 9348589-234-234 (C:\Users\sabseb\AppData\Roaming\svc-fjmd.exe [-]) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 ATA Device +++++
--- User ---
[MBR] 209a233844e60c9bed4ff1fd4b6784bb
[BSP] f9bb42ff456aa21d2f38eff12d3ec415 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 12291 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25173855 | Size: 101 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25382700 | Size: 292850 MB
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_03272014_213654.txt >>
RKreport[0]_S_03272014_101826.txt
Thank you for your help
lilidurhone
Edited by lilidurhone on 27/03/2014 at 21:44
Great.
Everything is back to normal: the features are available again and the PC is protected.
It's still a real piece of "junk", and it's not easy to tell the sites apart.
Many thanks for your help.
@Varaca
lilidurhone
27 March 2014 at 22:11
Hey, it's not over yet ;)
Indeed, I can also type circumflex accents again; they had been gone for a few months without my understanding why.
2 problems solved, brilliant! ;)
How these things appeared still remains a mystery, all the same.
I'm in no hurry to have other problems, but I'll seek advice sooner.
Thanks again.
lilidurhone
27 March 2014 at 22:19
It's not solved :)
You should at least check the state of your PC, because it didn't get there by itself ^^
I ran CCleaner and I'm scanning the PC with Microsoft Security Essentials. More tomorrow.
Is that enough?
Have a good evening
lilidurhone
27 March 2014 at 22:42
No
You need to run a diagnostic with ZHPDiag :)
Don't run CCleaner
The report:
~ Rapport de ZHPDiag v2014.3.26.33 - Nicolas Coolman (26/03/2014)
~ Lancé par Véronique (27/03/2014 22:57:15)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 14.0.1
GCIE: Google Chrome v23.0.1271.97 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Sécurité
Microsoft Security Client v4.4.0304.0
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v4.11 =>.Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4092.2 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 364 GB (80%) free of 452 GB
---\\ Mode de connexion au système
~ Computer Name: VÉRONIQUE-PC
~ User Name: Véronique
~ All Users Names: Véronique, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Véronique\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Véronique\AppData\Roaming\
~ %Desktop% : C:\Users\Véronique\Desktop\
~ %Favorites% : C:\Users\Véronique\Favorites\
~ %LocalAppData% : C:\Users\Véronique\AppData\Local\
~ %StartMenu% : C:\Users\Véronique\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 364 Go of 452 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
F: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/48
~ Mes musiques (My Musics) : 17/202
~ Mes Videos (My Videos) : 2/20
~ Mes Favoris (My Favorites) : 1/82
~ Mes Documents (My Documents) : 2/9731
~ Mon Bureau (My Desktop) : 3/500
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 06s
---\\ Processus lancés
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Véronique\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [bkomkajifikmkfnjgphkjcfeepbnojok] PriceGong v.5.5.4 (Désactivé) =>Adware.PriceGong
G2 - GCE: Preference [User Data\Default] [dhkplhfnhceodhffomolpfigojocbpcb] Babylon Toolbar v.1.5 (Désactivé) =>PUP.Babylon
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.0.0.0 (Activé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [lmblfngognklgemafekefcdjcnkdhmdm] 2YourFace v.1.0 (Activé) =>Adware.2YourFace
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 8 Legitimates Filtered in 00mn 06s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Véronique\AppData\Roaming\Mozilla\Firefox\Profiles\out9gvzz.default\prefs.js
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://allssearch.com =>Adware.SocialSkinz
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 21 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: TBSB02902 [64Bits] - {57B23DC7-72DF-4608-8A02-3FABA57F90F6} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files (x86)\Mon Achat Malin MAE\tbcore3.dll
~ BHO: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{17742D34-6B6A-4527-B7E5-F628B0232DEC} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: TVO.lnk . (...) -- C:\TVO\TVO.exe
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Véronique]: Fastest YouTube Downloader to MP3 Converter.lnk . (...) -- C:\Program Files (x86)\Fastest Free YouTube Downloader\FastestFreeYouTubeDownloader.exe =>PUP.SoftwareEngine
O4 - GS\QuickLaunch [Véronique]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Véronique]: Jouer à HP Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe
O4 - GS\QuickLaunch [Véronique]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Véronique]: HPAdvisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\TaskBar [Véronique]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Véronique]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Véronique]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Véronique]: Mes documents.lnk . (...) -- C:\Users\Véronique\Documents
O4 - GS\Desktop [Véronique]: Mon magasin.lnk . (...) -- C:\Users\Véronique\AppData\Roaming\Microsoft\Installer\{82F43402-9C3C-11D4-85F7-00E846C11307}\_20416e07.exe
O4 - GS\Desktop [Véronique]: VLC.lnk . (...) -- C:\Program Files (x86)\VlcPlus\vlc\vlc.exe
~ Global Startup: 65 Legitimates Filtered in 00mn 01s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Select a coupon.lnk . (.Seiko Epson Corporation - Select a coupon.) -- C:\Program Files\EPSON\TMCommandEmulator\PopupWindow.exe
O4 - GS\Startup [Public]: TM-T20 Utility(Automatic Restore).lnk . (.SEIKO EPSON CORPORATION - Automatic Restore.) -- C:\Program Files (x86)\EPSON\TM-T20 Software\TM20UTL\TMRESTOREAPP.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [EPSON SX510W Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Epson Stylus SX510W(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2_vm409\TomTomHOMERunner.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HPCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [WirelessAssistant] . (.Hewlett-Packard Company - HP Wireless Assistant Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2238822718-3437897180-3203888196-1001\..\Run: [EPSON SX510W Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2238822718-3437897180-3203888196-1001\..\Run: [Epson Stylus SX510W(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2238822718-3437897180-3203888196-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2_vm409\TomTomHOMERunner.exe
~ Application: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B47DA07D-BD88-4F85-AF0E-E1B80A7B28AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B47DA07D-BD88-4F85-AF0E-E1B80A7B28AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B47DA07D-BD88-4F85-AF0E-E1B80A7B28AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Eset Trial Reset (.EsetTrialReset) . (...) - C:\Windows\reset.exe
O23 - Service: EBP Pervasive.SQL (EBP Pervasive.SQL) . (...) - C:\PVSW\Bin\WGE_SRV.exe
~ Services: 12 Legitimates Filtered in 00mn 07s
---\\ Tâches planifiées en automatique (O39)
[MD5.25679C23DC638D0BF0C6C8796E0ABE61] [APT] [Scheduled scanning task] (...) -- C:\Program Files (x86)\PACKSR~1\SCURIT~1\ANTI-V~1\fsav.exe [215976]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 02s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (fsvista) . (...) - C:\Program Files (x86)\Pack Sérénité\Sécurité\Anti-Virus\minifilter\fsvista.sys
~ Drivers: 75 Legitimates Filtered in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: MonMagasin - (.MonMagasin AccèsInfo.) [HKLM][64Bits] -- {82F43402-9C3C-11D4-85F7-00E846C11307}
O42 - Logiciel: Sécurité - (...) [HKLM][64Bits] -- F-Secure Product 440
~ Logic: 48 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\IncrediMail]
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\linkular] =>PUP.Linkular
~ Key Software: 435 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/01/2014 - 22:03:52 - [16.171] ----D C:\Program Files (x86)\AccesInf
O43 - CFD: 28/01/2013 - 20:57:32 - [0] ----D C:\Program Files (x86)\GUMD4A4.tmp
O43 - CFD: 22/01/2014 - 20:30:14 - [0] ----D C:\Program Files (x86)\PrintManagementTool
O43 - CFD: 02/12/2011 - 22:02:51 - [0.000] ----D C:\ProgramData\IM
O43 - CFD: 02/12/2011 - 22:01:31 - [0.012] ----D C:\ProgramData\IncrediMail
O43 - CFD: 24/10/2013 - 16:00:22 - [11.126] --H-D C:\ProgramData\{4080BB99-B291-4567-9D10-F6DB31570214}
O43 - CFD: 24/03/2010 - 01:43:25 - [20.406] ----D C:\ProgramData\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}
O43 - CFD: 23/04/2013 - 20:20:57 - [0.170] ----D C:\Users\Véronique\AppData\Roaming\Kaodz
O43 - CFD: 21/05/2013 - 17:58:12 - [6.111] ----D C:\Users\Véronique\AppData\Roaming\Nesa
O43 - CFD: 23/04/2013 - 20:20:57 - [0.289] ----D C:\Users\Véronique\AppData\Roaming\Opnouq
O43 - CFD: 02/05/2013 - 19:14:10 - [0.289] ----D C:\Users\Véronique\AppData\Roaming\Tiuhuw
O43 - CFD: 02/05/2013 - 19:14:10 - [0] ----D C:\Users\Véronique\AppData\Roaming\Weasi
O43 - CFD: 02/05/2013 - 19:14:10 - [0] ----D C:\Users\Véronique\AppData\Roaming\Ymvaov
O43 - CFD: 02/12/2011 - 22:04:16 - [8.484] ----D C:\Users\Véronique\AppData\Local\IM
~ Program Folder: 229 Legitimates Filtered in 01mn 08s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D07138915E1B489BA08D2DBDFF441A60] - 24/03/2014 - 23:09:46 ---A- . (...) -- C:\shldr [285747]
O44 - LFC:[MD5.025926B83A938B5215F3C1DCC882F21C] - 24/03/2014 - 23:09:46 ---A- . (...) -- C:\shldr.mbr [8192]
O44 - LFC:[MD5.639B49CB4118510EB913085E107FFBEE] - 24/03/2014 - 23:13:45 ---A- . (...) -- C:\sh4_service.log [126]
O44 - LFC:[MD5.2AA44F890B275297F9FEE142538F3F1E] - 25/03/2014 - 00:13:02 ---A- . (...) -- C:\spyhunter.log [244] =>Crapware.SpyHunter
O44 - LFC:[MD5.E8756223476D56C2DEED2BD5DC8B635A] - 27/03/2014 - 21:55:25 ---A- . (...) -- C:\Windows\pvsw.log [420]
~ Files: 15 Legitimates Filtered in 00mn 05s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{015be36e-4ebe-11e2-92bd-c80aa9483031}\AutoRun\command. (...) -- G:\LGAutoRun.exe (.not file.)
O51 - MPSK:{687b8842-037c-11e3-8334-c80aa9483031}\AutoRun\command. (...) -- G:\WD SmartWare.exe (.not file.)
O51 - MPSK:{869dd076-4e34-11e3-af6c-c80aa9483031}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{babe57cc-9d94-11e3-bb28-c80aa9483031}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Boxore Client [Key] . (...) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (.not file.) =>Adware.Boxore
O53 - SMSR:HKLM\...\startupreg\Iminent [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O53 - SMSR:HKLM\...\startupreg\IminentMessenger [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (.not file.) =>PUP.SweetIM
~ SMSR Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.524C79054636D2E5751169005006460B] - 29/06/2009 - 19:17:00 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome(64).) -- C:\Windows\System32\Drivers\enecir.sys [70656]
O58 - SDL:[MD5.F59F2C574AA5D84477EB89F87C938F16] - 15/08/2012 - 16:03:33 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [56016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.07071C1E3CD8F0F9114AAC8B072CA1E5] - 29/04/2009 - 15:28:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [30208]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.ED1722F43CE61409EF68340402D6267D] - 22/07/2009 - 02:33:32 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [487936]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.F87FBE8B104DF9C35CD52909B8D28A4A] - 01/09/2012 - 18:18:49 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [33408]
~ Drivers: 19 Legitimates Filtered in 00mn 02s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Conduit Search) - http://www.trovigo.com =>Hijacker.Trovigo
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Claro Search) - http://www.claro-search.com =>PUP.ClaroSearch
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Claro Search) - http://www.claro-search.com =>PUP.ClaroSearch
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0068E36270B517463B5F86A2F7BD113C] [SPRF][23/03/2014] (...) -- C:\Users\Véronique\AppData\Roaming\svc-qndv.exe [1133056]
[MD5.FB39A0031A248A1557E8531D872F82C7] [SPRF][03/05/2013] (...) -- C:\Users\Véronique\AppData\Roaming\wklnhst.dat [236]
[MD5.F067C1F60BD9405092DFF5C2DA6E6863] [SPRF][26/03/2014] (...) -- C:\Users\Véronique\Desktop\RogueKiller.exe [3945472]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{AF6CCCD7-D30F-4745-AFB7-55579EDB7427}" | In - Domain - P6 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{DAFFFD8C-AD50-43CB-B18C-99007A55FCB5}" | In - Domain - P17 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{393C4C11-9BAB-4C24-8B38-85B4786AC6D7}" | In - Private - P6 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{0154EB2A-0F08-4459-BC52-2A2EBE9DE304}" | In - Private - P17 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
~ Firewall: 245 Legitimates Filtered in 00mn 01s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "5509804B864D4A546AABA531D87D51CF" . (.Bing Bar.) -- C:\Windows\Installer\{B4089055-D468-45A4-A6BA-5A138DD715FC}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "79407899D9A1CF9449F9CE4F89A6ABF1" . (.ForceDownload.) -- C:\Windows\Installer\{99870497-1A9D-49FC-949F-ECF4986ABA1F}\ARPPRODUCTICON.exe
~ Update Products: 162 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.2566E7833EC33D912A9FF5B24DF35BA7] [WIS][24/10/2013] (.EBP-AH - Installation légère de Pervasive.) -- C:\Windows\Installer\1756958.msi [300544]
[MD5.E91BB76CFE6A45E1ED56914C177371F2] [WIS][14/08/2012] (.Claro - ClaroInstaller.) -- C:\Windows\Installer\33bee7.msi [182272]
[MD5.E0FCC570AC41A5DA770E6E58486F1033] [WIS][14/11/2006] (.YLG - gestion verticale.) -- C:\Windows\Installer\34fa9.msi [257536]
[MD5.3AFCB14622560AB0BBE4539AA595B110] [WIS][22/04/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\51be75.msi [334848] =>PUP.Babylon
[MD5.B144B2E367FC30C5020085DABB617B82] [WIS][14/10/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\695ffba.msi [3704832] =>PUP.SweetIM
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][14/10/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\695ffc1.msi [3304960] =>PUP.SweetIM
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][14/10/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\695ffcf.msi [45056] =>Adware.Boxore
~ WIS: 173 Legitimates Filtered in 00mn 20s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 20/03/2009 357182 | (.EsetTrialReset) . (...) - C:\Windows\reset.exe
SS - | Disabled 02/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
SS - | Auto 21/10/2011 196176 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SS - | Disabled 25/02/2010 227896 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SS - | Disabled 19/12/2006 94208 | (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION.) - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
SS - | Disabled 18/11/2009 221608 | (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation.) - C:\Program Files (x86)\Pack Sérénité\Sécurité\Anti-Virus\fsgk32st.exe
SS - | Disabled 18/11/2009 846248 | (FSDFWD) . (.F-Secure Corporation.) - C:\Program Files (x86)\Pack Sérénité\Sécurité\FWES\Program\fsdfwd.exe
SS - | Disabled 18/11/2009 188840 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\Pack Sérénité\Sécurité\Common\FSMA32.exe
SS - | Disabled 01/09/2012 61088 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\Pack Sérénité\Sécurité\ORSP Client\fsorsp.exe
SS - | Disabled 06/06/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
SS - | Disabled 21/08/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 21/08/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 14/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 24/03/2010 121344 | (HP Health Check Service) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SS - | Disabled 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Disabled 08/07/2009 30520 | (hpsrv) . (.Hewlett-Packard.) - C:\Windows\System32\Hpservice.exe
SS - | Disabled 20/08/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SS - | Disabled 14/07/2012 113120 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 06/07/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 06/10/2009 296360 | (TVCapSvc) . (...) - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe
SS - | Disabled 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 05/08/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 13/10/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 07/12/2006 32768 | (EBP Pervasive.SQL) . (...) - C:\PVSW\Bin\WGE_SRV.exe
SR - | Auto 29/11/2012 395776 | (EPSON_Device_Control_Log_Service) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe
SR - | Auto 29/11/2012 586240 | (EPSON_Port_Communication_Service) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\epson\portcommunicationservice\PCSVC.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 22/07/2009 240128 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
SR - | Auto 25/03/2014 4971840 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 13/11/2009 92008 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2_vm409\TomTomHOMEService.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 22s
---\\ Scan Additionnel (O88)
Database Version : 13031 - (26/03/2014)
Clés trouvées (Keys found) : 95
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 5
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EAD96AE2CB1DE84BAA9425A8CCA0817] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
C:\Users\Véronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok =>Adware.PriceGong^
C:\Users\Véronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb =>PUP.Babylon^
C:\Users\Véronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM^
C:\Users\Véronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm =>Adware.2YourFace^
C:\Users\Véronique\AppData\Local\Software =>Adware.Boxore
[HKLM\Software\Wow6432Node\linkular] =>PUP.Linkular^
C:\Windows\Installer\51be75.msi =>PUP.Babylon^
C:\Windows\Installer\695ffba.msi =>PUP.SweetIM^
C:\Windows\Installer\695ffc1.msi =>PUP.SweetIM^
C:\Windows\Installer\695ffcf.msi =>Adware.Boxore^
~ Additionnel Scan: 437715 Items scanned in 00mn 24s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
http://nicolascoolman.webs.com/apps/blog/show/26593722-adware-2yourface =>Adware.2YourFace
http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.webs.com/apps/blog/show/29758660-pup-softwareengine =>PUP.SoftwareEngine
http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
http://nicolascoolman.webs.com/apps/blog/show/41751631-hijacker-trovigo =>Hijacker.Trovigo
http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
http://nicolascoolman.webs.com/apps/blog/show/26820943-adware-gameplaylabs =>Adware.GamePlayLabs
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 14 link(s) detected in 00mn 00s
~ 1380 Legitimates filtered by white list
End of the scan (628 lines in 02mn 54s)(0)
Too much for CCleaner. I'm waiting for your instructions.
Thanks.
~ Rapport de ZHPDiag v2014.3.26.33 - Nicolas Coolman (26/03/2014)
~ Lancé par Véronique (27/03/2014 22:57:15)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 14.0.1
GCIE: Google Chrome v23.0.1271.97 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Sécurité
Microsoft Security Client v4.4.0304.0
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v4.11 =>.Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4092.2 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 364 GB (80%) free of 452 GB
---\\ Mode de connexion au système
~ Computer Name: VÉRONIQUE-PC
~ User Name: Véronique
~ All Users Names: Véronique, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Véronique\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Véronique\AppData\Roaming\
~ %Desktop% : C:\Users\Véronique\Desktop\
~ %Favorites% : C:\Users\Véronique\Favorites\
~ %LocalAppData% : C:\Users\Véronique\AppData\Local\
~ %StartMenu% : C:\Users\Véronique\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 364 Go of 452 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
F: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/48
~ Mes musiques (My Musics) : 17/202
~ Mes Videos (My Videos) : 2/20
~ Mes Favoris (My Favorites) : 1/82
~ Mes Documents (My Documents) : 2/9731
~ Mon Bureau (My Desktop) : 3/500
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 06s
---\\ Processus lancés
[MD5.E5F5EB723FEC70FFEC5D88D31BECEF4F] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe [12916544] [PID.3480]
[MD5.49AD8709B96741F9C3C5A98CBBAB0777] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2_vm409\TomTomHOMERunner.exe [247144] [PID.3428]
[MD5.8F89E6CB82E6DB45BC993D423CD0FDBD] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [323640] [PID.4016]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576] [PID.4076]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3380]
[MD5.C6331D11F80B3AFFD91A9B3858E00F23] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [210216] [PID.4672]
[MD5.1CE55AE7E57826457FD56EB3C50E4E54] - (.CyberLink Corp. - HP MediaSmart TV Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [415016] [PID.4680]
[MD5.3A3BEA53F039CE2E997A918E26E30B1D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [808152] [PID.8808]
[MD5.51B4461F32E67D4F5C57B0C89E4BCA48] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8177664] [PID.10528]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1692]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1744]
[MD5.B6BDD8A9A69758481B7AD78CCBF96B7E] - (...) -- C:\PVSW\Bin\WGE_SRV.exe [32768] [PID.1940]
[MD5.ED3EF8E2323B4F66AC2C56675CA9DA26] - (...) -- C:\PVSW\BIN\W3dbsmgr.exe [106546] [PID.2028]
[MD5.E849218177EC8F7541EC3FAA693EE21A] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4971840] [PID.2208]
[MD5.FBD16717FD68B206C4CE3BB3C9EE5CB3] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2_vm409\TomTomHOMEService.exe [92008] [PID.2348]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [PID.2940]
[MD5.55C6E745C8F4A58A96FA173F47B43751] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe [238400] [PID.3688]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Véronique\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [bkomkajifikmkfnjgphkjcfeepbnojok] PriceGong v.5.5.4 (Désactivé) =>Adware.PriceGong
G2 - GCE: Preference [User Data\Default] [dhkplhfnhceodhffomolpfigojocbpcb] Babylon Toolbar v.1.5 (Désactivé) =>PUP.Babylon
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.0.0.0 (Activé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [lmblfngognklgemafekefcdjcnkdhmdm] 2YourFace v.1.0 (Activé) =>Adware.2YourFace
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 8 Legitimates Filtered in 00mn 06s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Véronique\AppData\Roaming\Mozilla\Firefox\Profiles\out9gvzz.default\prefs.js
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://allssearch.com =>Adware.SocialSkinz
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 21 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: TBSB02902 [64Bits] - {57B23DC7-72DF-4608-8A02-3FABA57F90F6} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files (x86)\Mon Achat Malin MAE\tbcore3.dll
~ BHO: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{17742D34-6B6A-4527-B7E5-F628B0232DEC} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: TVO.lnk . (...) -- C:\TVO\TVO.exe
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Véronique]: Fastest YouTube Downloader to MP3 Converter.lnk . (...) -- C:\Program Files (x86)\Fastest Free YouTube Downloader\FastestFreeYouTubeDownloader.exe =>PUP.SoftwareEngine
O4 - GS\QuickLaunch [Véronique]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Véronique]: Jouer à HP Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe
O4 - GS\QuickLaunch [Véronique]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Véronique]: HPAdvisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\TaskBar [Véronique]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Véronique]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Véronique]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Véronique]: Mes documents.lnk . (...) -- C:\Users\Véronique\Documents
O4 - GS\Desktop [Véronique]: Mon magasin.lnk . (...) -- C:\Users\Véronique\AppData\Roaming\Microsoft\Installer\{82F43402-9C3C-11D4-85F7-00E846C11307}\_20416e07.exe
O4 - GS\Desktop [Véronique]: VLC.lnk . (...) -- C:\Program Files (x86)\VlcPlus\vlc\vlc.exe
~ Global Startup: 65 Legitimates Filtered in 00mn 01s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Select a coupon.lnk . (.Seiko Epson Corporation - Select a coupon.) -- C:\Program Files\EPSON\TMCommandEmulator\PopupWindow.exe
O4 - GS\Startup [Public]: TM-T20 Utility(Automatic Restore).lnk . (.SEIKO EPSON CORPORATION - Automatic Restore.) -- C:\Program Files (x86)\EPSON\TM-T20 Software\TM20UTL\TMRESTOREAPP.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [EPSON SX510W Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Epson Stylus SX510W(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2_vm409\TomTomHOMERunner.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HPCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [WirelessAssistant] . (.Hewlett-Packard Company - HP Wireless Assistant Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2238822718-3437897180-3203888196-1001\..\Run: [EPSON SX510W Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2238822718-3437897180-3203888196-1001\..\Run: [Epson Stylus SX510W(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2238822718-3437897180-3203888196-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2_vm409\TomTomHOMERunner.exe
~ Application: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B47DA07D-BD88-4F85-AF0E-E1B80A7B28AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B47DA07D-BD88-4F85-AF0E-E1B80A7B28AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B47DA07D-BD88-4F85-AF0E-E1B80A7B28AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Eset Trial Reset (.EsetTrialReset) . (...) - C:\Windows\reset.exe
O23 - Service: EBP Pervasive.SQL (EBP Pervasive.SQL) . (...) - C:\PVSW\Bin\WGE_SRV.exe
~ Services: 12 Legitimates Filtered in 00mn 07s
---\\ Tâches planifiées en automatique (O39)
[MD5.25679C23DC638D0BF0C6C8796E0ABE61] [APT] [Scheduled scanning task] (...) -- C:\Program Files (x86)\PACKSR~1\SCURIT~1\ANTI-V~1\fsav.exe [215976]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 02s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (fsvista) . (...) - C:\Program Files (x86)\Pack Sérénité\Sécurité\Anti-Virus\minifilter\fsvista.sys
~ Drivers: 75 Legitimates Filtered in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: MonMagasin - (.MonMagasin AccèsInfo.) [HKLM][64Bits] -- {82F43402-9C3C-11D4-85F7-00E846C11307}
O42 - Logiciel: Sécurité - (...) [HKLM][64Bits] -- F-Secure Product 440
~ Logic: 48 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\IncrediMail]
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\linkular] =>PUP.Linkular
~ Key Software: 435 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/01/2014 - 22:03:52 - [16.171] ----D C:\Program Files (x86)\AccesInf
O43 - CFD: 28/01/2013 - 20:57:32 - [0] ----D C:\Program Files (x86)\GUMD4A4.tmp
O43 - CFD: 22/01/2014 - 20:30:14 - [0] ----D C:\Program Files (x86)\PrintManagementTool
O43 - CFD: 02/12/2011 - 22:02:51 - [0.000] ----D C:\ProgramData\IM
O43 - CFD: 02/12/2011 - 22:01:31 - [0.012] ----D C:\ProgramData\IncrediMail
O43 - CFD: 24/10/2013 - 16:00:22 - [11.126] --H-D C:\ProgramData\{4080BB99-B291-4567-9D10-F6DB31570214}
O43 - CFD: 24/03/2010 - 01:43:25 - [20.406] ----D C:\ProgramData\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}
O43 - CFD: 23/04/2013 - 20:20:57 - [0.170] ----D C:\Users\Véronique\AppData\Roaming\Kaodz
O43 - CFD: 21/05/2013 - 17:58:12 - [6.111] ----D C:\Users\Véronique\AppData\Roaming\Nesa
O43 - CFD: 23/04/2013 - 20:20:57 - [0.289] ----D C:\Users\Véronique\AppData\Roaming\Opnouq
O43 - CFD: 02/05/2013 - 19:14:10 - [0.289] ----D C:\Users\Véronique\AppData\Roaming\Tiuhuw
O43 - CFD: 02/05/2013 - 19:14:10 - [0] ----D C:\Users\Véronique\AppData\Roaming\Weasi
O43 - CFD: 02/05/2013 - 19:14:10 - [0] ----D C:\Users\Véronique\AppData\Roaming\Ymvaov
O43 - CFD: 02/12/2011 - 22:04:16 - [8.484] ----D C:\Users\Véronique\AppData\Local\IM
~ Program Folder: 229 Legitimates Filtered in 01mn 08s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D07138915E1B489BA08D2DBDFF441A60] - 24/03/2014 - 23:09:46 ---A- . (...) -- C:\shldr [285747]
O44 - LFC:[MD5.025926B83A938B5215F3C1DCC882F21C] - 24/03/2014 - 23:09:46 ---A- . (...) -- C:\shldr.mbr [8192]
O44 - LFC:[MD5.639B49CB4118510EB913085E107FFBEE] - 24/03/2014 - 23:13:45 ---A- . (...) -- C:\sh4_service.log [126]
O44 - LFC:[MD5.2AA44F890B275297F9FEE142538F3F1E] - 25/03/2014 - 00:13:02 ---A- . (...) -- C:\spyhunter.log [244] =>Crapware.SpyHunter
O44 - LFC:[MD5.E8756223476D56C2DEED2BD5DC8B635A] - 27/03/2014 - 21:55:25 ---A- . (...) -- C:\Windows\pvsw.log [420]
~ Files: 15 Legitimates Filtered in 00mn 05s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{015be36e-4ebe-11e2-92bd-c80aa9483031}\AutoRun\command. (...) -- G:\LGAutoRun.exe (.not file.)
O51 - MPSK:{687b8842-037c-11e3-8334-c80aa9483031}\AutoRun\command. (...) -- G:\WD SmartWare.exe (.not file.)
O51 - MPSK:{869dd076-4e34-11e3-af6c-c80aa9483031}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{babe57cc-9d94-11e3-bb28-c80aa9483031}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Boxore Client [Key] . (...) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (.not file.) =>Adware.Boxore
O53 - SMSR:HKLM\...\startupreg\Iminent [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O53 - SMSR:HKLM\...\startupreg\IminentMessenger [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (.not file.) =>PUP.SweetIM
~ SMSR Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.524C79054636D2E5751169005006460B] - 29/06/2009 - 19:17:00 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome(64).) -- C:\Windows\System32\Drivers\enecir.sys [70656]
O58 - SDL:[MD5.F59F2C574AA5D84477EB89F87C938F16] - 15/08/2012 - 16:03:33 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [56016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.07071C1E3CD8F0F9114AAC8B072CA1E5] - 29/04/2009 - 15:28:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [30208]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.ED1722F43CE61409EF68340402D6267D] - 22/07/2009 - 02:33:32 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [487936]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.F87FBE8B104DF9C35CD52909B8D28A4A] - 01/09/2012 - 18:18:49 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [33408]
~ Drivers: 19 Legitimates Filtered in 00mn 02s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Conduit Search) - http://www.trovigo.com =>Hijacker.Trovigo
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Claro Search) - http://www.claro-search.com =>PUP.ClaroSearch
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Claro Search) - http://www.claro-search.com =>PUP.ClaroSearch
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0068E36270B517463B5F86A2F7BD113C] [SPRF][23/03/2014] (...) -- C:\Users\Véronique\AppData\Roaming\svc-qndv.exe [1133056]
[MD5.FB39A0031A248A1557E8531D872F82C7] [SPRF][03/05/2013] (...) -- C:\Users\Véronique\AppData\Roaming\wklnhst.dat [236]
[MD5.F067C1F60BD9405092DFF5C2DA6E6863] [SPRF][26/03/2014] (...) -- C:\Users\Véronique\Desktop\RogueKiller.exe [3945472]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{AF6CCCD7-D30F-4745-AFB7-55579EDB7427}" | In - Domain - P6 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{DAFFFD8C-AD50-43CB-B18C-99007A55FCB5}" | In - Domain - P17 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{393C4C11-9BAB-4C24-8B38-85B4786AC6D7}" | In - Private - P6 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
O87 - FAEL: "{0154EB2A-0F08-4459-BC52-2A2EBE9DE304}" | In - Private - P17 - TRUE | .(...) -- C:\PVSW\Bin\w3dbsmgr.exe
~ Firewall: 245 Legitimates Filtered in 00mn 01s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "5509804B864D4A546AABA531D87D51CF" . (.Bing Bar.) -- C:\Windows\Installer\{B4089055-D468-45A4-A6BA-5A138DD715FC}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "79407899D9A1CF9449F9CE4F89A6ABF1" . (.ForceDownload.) -- C:\Windows\Installer\{99870497-1A9D-49FC-949F-ECF4986ABA1F}\ARPPRODUCTICON.exe
~ Update Products: 162 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.2566E7833EC33D912A9FF5B24DF35BA7] [WIS][24/10/2013] (.EBP-AH - Installation légère de Pervasive.) -- C:\Windows\Installer\1756958.msi [300544]
[MD5.E91BB76CFE6A45E1ED56914C177371F2] [WIS][14/08/2012] (.Claro - ClaroInstaller.) -- C:\Windows\Installer\33bee7.msi [182272]
[MD5.E0FCC570AC41A5DA770E6E58486F1033] [WIS][14/11/2006] (.YLG - gestion verticale.) -- C:\Windows\Installer\34fa9.msi [257536]
[MD5.3AFCB14622560AB0BBE4539AA595B110] [WIS][22/04/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\51be75.msi [334848] =>PUP.Babylon
[MD5.B144B2E367FC30C5020085DABB617B82] [WIS][14/10/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\695ffba.msi [3704832] =>PUP.SweetIM
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][14/10/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\695ffc1.msi [3304960] =>PUP.SweetIM
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][14/10/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\695ffcf.msi [45056] =>Adware.Boxore
~ WIS: 173 Legitimates Filtered in 00mn 20s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 20/03/2009 357182 | (.EsetTrialReset) . (...) - C:\Windows\reset.exe
SS - | Disabled 02/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
SS - | Auto 21/10/2011 196176 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SS - | Disabled 25/02/2010 227896 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SS - | Disabled 19/12/2006 94208 | (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION.) - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
SS - | Disabled 18/11/2009 221608 | (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation.) - C:\Program Files (x86)\Pack Sérénité\Sécurité\Anti-Virus\fsgk32st.exe
SS - | Disabled 18/11/2009 846248 | (FSDFWD) . (.F-Secure Corporation.) - C:\Program Files (x86)\Pack Sérénité\Sécurité\FWES\Program\fsdfwd.exe
SS - | Disabled 18/11/2009 188840 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\Pack Sérénité\Sécurité\Common\FSMA32.exe
SS - | Disabled 01/09/2012 61088 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\Pack Sérénité\Sécurité\ORSP Client\fsorsp.exe
SS - | Disabled 06/06/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
SS - | Disabled 21/08/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 21/08/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 14/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 24/03/2010 121344 | (HP Health Check Service) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SS - | Disabled 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Disabled 08/07/2009 30520 | (hpsrv) . (.Hewlett-Packard.) - C:\Windows\System32\Hpservice.exe
SS - | Disabled 20/08/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SS - | Disabled 14/07/2012 113120 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 06/07/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 06/10/2009 296360 | (TVCapSvc) . (...) - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe
SS - | Disabled 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 05/08/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 13/10/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 07/12/2006 32768 | (EBP Pervasive.SQL) . (...) - C:\PVSW\Bin\WGE_SRV.exe
SR - | Auto 29/11/2012 395776 | (EPSON_Device_Control_Log_Service) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe
SR - | Auto 29/11/2012 586240 | (EPSON_Port_Communication_Service) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\epson\portcommunicationservice\PCSVC.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 22/07/2009 240128 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
SR - | Auto 25/03/2014 4971840 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 13/11/2009 92008 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2_vm409\TomTomHOMEService.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 22s
---\\ Scan Additionnel (O88)
Database Version : 13031 - (26/03/2014)
Clés trouvées (Keys found) : 95
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 5
~ Additionnel Scan: 437715 Items scanned in 00mn 24s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
http://nicolascoolman.webs.com/apps/blog/show/26593722-adware-2yourface =>Adware.2YourFace
http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.webs.com/apps/blog/show/29758660-pup-softwareengine =>PUP.SoftwareEngine
http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
http://nicolascoolman.webs.com/apps/blog/show/41751631-hijacker-trovigo =>Hijacker.Trovigo
http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
http://nicolascoolman.webs.com/apps/blog/show/26820943-adware-gameplaylabs =>Adware.GamePlayLabs
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 14 link(s) detected in 00mn 00s
~ 1380 Legitimates filtered by white list
End of the scan (628 lines in 02mn 54s)(0)
Too much for CCleaner. I'm waiting for your instructions.
Thanks.
sherred
Posts
8346
Registration date
Saturday 26 January 2008
Status
Member
Last activity
25 March 2024
350
28 March 2014 at 06:42
141 malware items? Good luck to Lilidurhone. Well, nothing too serious,
but I advise you to change your antivirus
lilidurhone
Posts
43347
Registration date
Monday 25 April 2011
Status
Security contributor
Last activity
31 October 2024
3 806
28 March 2014 at 06:44
Sherred
That's nothing ;)
The worst part is that she has 2 antivirus programs
sherred
Posts
8346
Registration date
Saturday 26 January 2008
Status
Member
Last activity
25 March 2024
350
28 March 2014 at 12:59
Oh, I hadn't seen that
lilidurhone
Posts
43347
Registration date
Monday 25 April 2011
Status
Security contributor
Last activity
31 October 2024
3 806
28 March 2014 at 06:36
You have 2 antivirus programs!
Run AdwCleaner
https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/
Hello,
I'm surprised to find that I have 2 antivirus programs.
Below is the AdwCleaner report:
# AdwCleaner v3.022 - Rapport créé le 28/03/2014 à 19:00:37
# Mis à jour le 13/03/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Véronique - VÉRONIQUE-PC
# Exécuté depuis : C:\Users\Véronique\Downloads\adwcleaner.exe
# Option : Scanner
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Dossier Présent C:\Users\Véronique\AppData\Local\PackageAware
Dossier Présent C:\Users\Véronique\AppData\Roaming\Systweak
Fichier Présent : C:\Windows\System32\roboot64.exe
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clé Présente : HKCU\Software\systweak
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clé Présente : [x64] HKCU\Software\systweak
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Clé Présente : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Clé Présente : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Mozilla Firefox v14.0.1 (fr)
[ Fichier : C:\Users\Véronique\AppData\Roaming\Mozilla\Firefox\Profiles\out9gvzz.default\prefs.js ]
-\\ Google Chrome v23.0.1271.97
[ Fichier : C:\Users\Véronique\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [44957 octets] - [09/11/2013 23:05:16]
AdwCleaner[R1].txt - [1597 octets] - [23/01/2014 22:50:46]
AdwCleaner[R2].txt - [1862 octets] - [28/03/2014 19:00:37]
AdwCleaner[S0].txt - [44263 octets] - [09/11/2013 23:07:06]
AdwCleaner[S1].txt - [1662 octets] - [23/01/2014 22:51:53]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2043 octets] ##########
lilidurhone
Posts
43347
Registration date
Monday 25 April 2011
Status
Security contributor
Last activity
31 October 2024
3 806
28 March 2014 at 19:10
Run the cleanup
Done.
Here is the report:
# AdwCleaner v3.022 - Rapport créé le 28/03/2014 à 19:16:41
# Mis à jour le 13/03/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Véronique - VÉRONIQUE-PC
# Exécuté depuis : C:\Users\Véronique\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\Users\Véronique\AppData\Local\PackageAware
Dossier Supprimé : C:\Users\Véronique\AppData\Roaming\Systweak
Fichier Supprimé : C:\Windows\System32\roboot64.exe
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Clé Supprimée : HKCU\Software\systweak
Clé Supprimée : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Clé Supprimée : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Mozilla Firefox v14.0.1 (fr)
[ Fichier : C:\Users\Véronique\AppData\Roaming\Mozilla\Firefox\Profiles\out9gvzz.default\prefs.js ]
-\\ Google Chrome v23.0.1271.97
[ Fichier : C:\Users\Véronique\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [44957 octets] - [09/11/2013 23:05:16]
AdwCleaner[R1].txt - [1597 octets] - [23/01/2014 22:50:46]
AdwCleaner[R2].txt - [2135 octets] - [28/03/2014 19:00:37]
AdwCleaner[S0].txt - [44263 octets] - [09/11/2013 23:07:06]
AdwCleaner[S1].txt - [1662 octets] - [23/01/2014 22:51:53]
AdwCleaner[S2].txt - [1905 octets] - [28/03/2014 19:16:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1965 octets] ##########
What's next? Thanks.
lilidurhone
Posts
43347
Registration date
Monday 25 April 2011
Status
Security contributor
Last activity
31 October 2024
3 806
28 March 2014 at 19:35
* Download Junkware Removal Tool from this address (do not click on download, the download will start automatically): https://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/
* Save it to your desktop.
* Close all running applications.
* Open JRT.exe and press Enter: if you are on Windows Vista, 7 or 8, open it with: right-click => Run as administrator.
* Wait while the tool works: the desktop will disappear for a few moments, which is completely normal.
* At the end of the scan, a report named JRT.txt will open. Host it like this and post the resulting link in your next reply.
Tutorial: http://www.forum-entraide-informatique.com/support/junkware-removal-tool-tutoriel-t8260.html
lilidurhone
Posts
43347
Registration date
Monday 25 April 2011
Status
Security contributor
Last activity
31 October 2024
3 806
28 March 2014 at 21:41
Run ZHPDiag again
lilidurhone
Posts
43347
Registration date
Monday 25 April 2011
Status
Security contributor
Last activity
31 October 2024
3 806
28 March 2014 at 22:32
See you tomorrow