Ordinateur se bloque au démarrage

Fermé
maohi - 5 avril 2014 à 17:44
 maohi - 15 avril 2014 à 18:32
Bonjour,

J'ai un ordinateur portable HP Pavilion G7 avec windows 7 Home Premium.

Depuis quelques temps, au démarrage, après avoir rentré le mot de passe utilisateur, arrivé sur le bureau, l'ordi se bloque.

Seule la petite roue bleue (remplaçante du sablier) tourne, tourne, tourne et rien ne se passe, tout est figé.

Même Ctrl Alt Supp ne fonctionne pas.

Si quelqu'un peut éclairer ma lanterne, je vous remercie par avance.
A voir également:

21 réponses

lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
5 avril 2014 à 17:47
Hello


Et en mode sans échec?
0
bonjour,

en mode sans échec il se bloque un moment sur la ligne :

chargé : \windows\system32\drivers\CLASSPNP.SYS

puis démarre normalement.

aucun blocage en mode sans échec.

comment faire pour qu'en mode normal cela fasse pareil ?

merci d'avance
0
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
5 avril 2014 à 19:27
Hello

Essaie d'accéder au mode sans échec avec réseau
0
bonjour,

ça fonctionne sans souci en mode sans échec, avec et sans prise en compte du réseau.
Maintenant il faudrait que cela marche en mode classique aussi.
Quelle est la solution ?
Merci
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
6 avril 2014 à 20:39
Hello

On va faire un diagnostic avec zhpdiag
0
bonjour,

en quel mode le diagnostic ?

merci
0
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
7 avril 2014 à 10:15
Mode sans échec avec réseau :)

Rapport full option si possible
0
bonjour, voici le rapport :

~ Rapport de ZHPDiag v2014.4.8.11 - Nicolas Coolman (09/04/2014)
~ Lancé par JC (08/04/2014 18:21:10)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16518
GCIE: Google Chrome v32.0.1700.107 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v7.0.1466.0
Spybot - Search & Destroy 1.4 v1.4
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader X
Java 7 Update 7

---\\ Informations sur le système
~ Processor: AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3561 MB (81% free)
System Restore: Activé (Enable)
System drive C: has 384 GB (87%) free of 441 GB

---\\ Mode de connexion au système
~ Computer Name: JC-HP
~ User Name: JC
~ All Users Names: JC, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\JC\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\JC\AppData\Roaming\
~ %Desktop% : C:\Users\JC\Desktop\
~ %Favorites% : C:\Users\JC\Favorites\
~ %LocalAppData% : C:\Users\JC\AppData\Local\
~ %StartMenu% : C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 384 Go of 441 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go)
E: Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Free 2 Go of 4 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.15/10/2011 - 06:36:24.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/02/2014 - 10:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/10/2011 - 06:40:07.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.15/10/2011 - 06:33:05.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/21
~ Mes musiques (My Musics) : 11/248
~ Mes Videos (My Videos) : 2/16
~ Mes Favoris (My Favorites) : 1/36
~ Mes Documents (My Documents) : 2/36
~ Mon Bureau (My Desktop) : 1/30
~ Menu demarrer (Programs) : 1/72
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.9ECCE6A982223E99A5E1BB1A92A7D075] - (.Nicolas Coolman - ZHPDiag.) -- C:\Utilitaires\ZHPDiag\ZHPDiag.exe [8203264] [PID.1792]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.bing.com
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [igdhbblpcellaljokkpfhcjlagemhgjl] Iminent v.6.16.5.1, (Désactivé) =>Adware.IMBooster
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Liste des dossiers d'extension Google Chrome

~ Google Lines Browser: 21 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0027096 [64Bits] - {11111111-1111-1111-1111-110211701196} . (.Corporate Inc - Services x86 BHO.) -- C:\Program Files (x86)\Services x86\Services x86-bho.dll =>PUP.CrossRider
O2 - BHO: IMinent WebBooster [64Bits] - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (.SIEN - Minibar.) -- C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll =>PUP.Minibar
~ BHO: 26 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [JC]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [JC]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [JC]: HP Taskbar Process HP.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (.not file.)
O4 - GS\TaskBar [JC]: midi.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [JC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [JC]: Webplayer.lnk . (...) -- C:\Users\JC\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_3F7CDAE07E1639C4AEA7A8.exe
O4 - GS\SystemTools [JC]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [JC]: algobox - Raccourci.lnk . (...) -- C:\Program Files (x86)\Algobox\algobox.exe
O4 - GS\Desktop [JC]: Algobox.lnk . (...) -- C:\Program Files (x86)\Algobox\algobox.exe
O4 - GS\Desktop [JC]: AusLogics Disk Defrag.lnk . (.Auslogics - Auslogics Disk Defrag.) -- C:\Utilitaires\AusLogics Disk Defrag\diskdefrag.exe
O4 - GS\Desktop [JC]: ccleaner - Raccourci.lnk . (.Piriform Ltd - CCleaner.) -- C:\Utilitaires\Ccleaner\ccleaner.exe =>.Piriform Ltd
O4 - GS\Desktop [JC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [JC]: midi.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [JC]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Utilitaires\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\Desktop [JC]: Webplayer.lnk . (...) -- C:\Users\JC\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_481820CA410C366184E158.exe
~ Global Startup: 67 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [JC]: Outil de notification de cadeaux MSN.lnk . (.Microsoft Corporation - Outil de notification de cadeaux MSN.) -- C:\Users\JC\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SetDefault] . (.Hewlett-Packard Development Company, L.P. - SetDefault.) -- C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [PC Speed Maximizer] . (...) -- G:\PC Speed Maximizer\SPMTray.exe =>Rogue.PCSpeedMaximizer
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HPQuickWebProxy] . (.Hewlett-Packard Company - HP QuickWeb Utilities.) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe =>.EasyBits Software AS
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Iminent] . (.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.exe =>Adware.IMBooster
O4 - HKLM\..\Wow6432Node\Run: [IminentMessenger] . (.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe =>Adware.IMBooster
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-487489554-3010040347-1849917863-1001\..\Run: [HP Deskjet 3070 B611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-21-487489554-3010040347-1849917863-1001\..\Run: [PC Speed Maximizer] . (...) -- G:\PC Speed Maximizer\SPMTray.exe =>Rogue.PCSpeedMaximizer
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{082B8A69-4AE5-45C9-AF66-EC2035AA8F81}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{11B59C77-BC24-471B-B936-AFAA8EF8E8E8}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{BAFBCA03-E82E-4B67-85D0-30B9A24683A3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{082B8A69-4AE5-45C9-AF66-EC2035AA8F81}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{11B59C77-BC24-471B-B936-AFAA8EF8E8E8}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{BAFBCA03-E82E-4B67-85D0-30B9A24683A3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{082B8A69-4AE5-45C9-AF66-EC2035AA8F81}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{11B59C77-BC24-471B-B936-AFAA8EF8E8E8}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{BAFBCA03-E82E-4B67-85D0-30B9A24683A3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: video/x-flv [64Bits] - {20C75730-7C25-476B-95DC-C65810F9E489} . (.Advanced Micro Devices - MIME Video Detector for IE.) -- C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll (.not file.) =>PUP.BitGuard
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: SProtection (SProtection) . (...) - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe (.not file.) =>Adware.IMBooster
~ Services: 14 Legitimates Filtered in 00mn 03s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [352]
~ Scheduled Task: 10 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: BitGuard - (.MediaTechSoft Inc..) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>PUP.BitGuard
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta =>Toolbar.DeltaSearch
O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {7F1E694F-1880-4D5F-BD27-A0D0A5379864} =>Adware.IMBooster
O42 - Logiciel: Services x86 - (.Corporate Inc.) [HKLM][64Bits] -- Services x86 =>PUP.CrossRider
O42 - Logiciel: Webplayer - (.Kreapixel.) [HKLM][64Bits] -- {9937E55B-6331-4804-93EF-77E992F204BD} =>Adware.SocialSkinz
~ Logic: 50 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\86dedbb234bd43] =>Hijacker.Eazel
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\86dedbb234bd43] =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Umbrella]
~ Key Software: 324 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05/05/2013 - 16:51:11 - [0,617] ----D C:\Program Files (x86)\Delta
O43 - CFD: 14/03/2014 - 21:20:33 - [48,394] ----D C:\Program Files (x86)\GUM1026.tmp
O43 - CFD: 22/03/2014 - 21:05:22 - [48,394] ----D C:\Program Files (x86)\GUM48E1.tmp
O43 - CFD: 03/03/2014 - 19:07:38 - [48,394] ----D C:\Program Files (x86)\GUM72BF.tmp
O43 - CFD: 28/03/2014 - 14:45:20 - [48,394] ----D C:\Program Files (x86)\GUM8AFF.tmp
O43 - CFD: 09/03/2014 - 11:26:32 - [48,394] ----D C:\Program Files (x86)\GUM8E69.tmp
O43 - CFD: 08/03/2014 - 19:31:05 - [48,394] ----D C:\Program Files (x86)\GUM95B9.tmp
O43 - CFD: 10/11/2013 - 19:33:45 - [17,457] ----D C:\Program Files (x86)\Iminent =>Adware.IMBooster
O43 - CFD: 10/07/2013 - 12:49:23 - [3,153] ----D C:\Program Files (x86)\Services x86 =>PUP.CrossRider
O43 - CFD: 22/02/2014 - 01:45:57 - [0] ----D C:\Program Files (x86)\Common Files\Umbrella
O43 - CFD: 05/05/2013 - 16:50:48 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 31/10/2013 - 13:00:03 - [0,082] ----D C:\ProgramData\BitGuard =>PUP.BitGuard
O43 - CFD: 05/05/2013 - 17:03:41 - [0,061] ----D C:\ProgramData\Iminent =>Adware.IMBooster
O43 - CFD: 05/05/2013 - 16:51:18 - [1,674] ----D C:\Users\JC\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 05/05/2013 - 16:50:48 - [0,009] ----D C:\Users\JC\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 24/11/2013 - 13:26:54 - [0,060] ----D C:\Users\JC\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 05/05/2013 - 17:03:47 - [0,016] ----D C:\Users\JC\AppData\Roaming\Iminent =>Adware.IMBooster
O43 - CFD: 22/04/2013 - 22:06:02 - [0,001] ----D C:\Users\JC\AppData\Local\messengerdusexe
O43 - CFD: 05/12/2012 - 20:53:13 - [0] ----D C:\Users\JC\AppData\Local\pur-flirt
O43 - CFD: 30/10/2013 - 12:33:42 - [0,001] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard
~ 237 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 418 Legitimates Filtered in 00mn 07s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.5E7DD328DBDFE264633C14C7746A8EFB] - 05/04/2014 - 14:54:00 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [32064]
O44 - LFC:[MD5.5E7DD328DBDFE264633C14C7746A8EFB] - 05/04/2014 - 14:54:00 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [32064]
O44 - LFC:[MD5.FE34A5B2B378FF9FAFA79FE6D8599FB9] - 08/04/2014 - 17:15:25 ---A- . (...) -- C:\Windows\ntbtlog.txt [401830]
~ Files: 12 Legitimates Filtered in 00mn 01s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.B8B1B284362E1D8135112573395D5DA5] - 25/06/2010 - 15:08:10 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\Drivers\htcnprot.sys [36928]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.EBA98394A7D58F7552C52192BD8FA7E6] - 27/05/2011 - 20:06:16 ---A- . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\Windows\System32\Drivers\stwrt64.sys [528384]
~ Drivers: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
~ Legacy: 121 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://isearch.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {2fa28606-de77-4029-af96-b231e3b8f827} - (Ask.com) - http://eu.ask.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {b7fca997-d0fb-4fe0-8afd-255e89cf9671} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {d43b3890-80c7-4010-a95d-1e77b5924dc3} - (Wikipedia) - http://fr.wikipedia.org
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
O69 - SBI: SearchScopes [HKCU] {FB36B2D3-D2B2-4EAC-9CE2-D3B15D6EEEFC} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr
O69 - SBI: SearchScopes [HKCU] ÛYÆîZ§'2¹Þpv¨IÍá*X(Z2s(ÛÎÀJºÔÓµ ± vË°!×--(ä¼48иpatm6êo^Mp'Ëõ÷_i£w~¾!"Áû+ x¢8€ÙjÀÿþ 'Ñ;áa'[¦+8 º~ RÙxoeòÜ8'£-)x­ä­ - (Search the web (Babylon)) - http://isearch.babylon.com =>PUP.Babylon
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.CC1A55091FD96BCB624AD791CD15D179] [SPRF][09/02/2013] (...) -- C:\Users\JC\AppData\Roaming\BabMaint.exe [114176] =>Hijacker.BabSolution
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{89997F07-48E0-4C9E-AD36-7CDAC4606DA7}" | In - None - P6 - TRUE | .(.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.exe =>Adware.IMBooster
O87 - FAEL: "{E4912450-6147-474F-A605-FCA4E508CE5E}" | In - None - P6 - TRUE | .(.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe =>Adware.IMBooster
~ Firewall: 193 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "F496E1F70881F5D4DB720A0D5A738946" . (.Iminent.) -- C:\Windows\Installer\{7F1E694F-1880-4D5F-BD27-A0D0A5379864}\imbooster.ico =>Adware.IMBooster
~ Update Products: 129 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\86dedbb234bd43\2.6.1339.144\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\2.6.1519.190\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\2.6.1673.238\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\2.6.1694.246\upd]:="upd=" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\2.7.1769.27\upd]:="upd=" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:version="2.6.1249.132" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:version="2.6.1339.144" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:version="2.6.1519.190" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:version="2.6.1673.238" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\86dedbb234bd43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:version="2.6.1694.246" =>Hijacker.Eazel
[HKCU\Software\86dedbb234bd43]:version="2.7.1769.27" =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\86dedbb234bd43]:version="2.7.1769.27" =>Hijacker.Eazel
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A3AEEC9A9B6984F2E22B90FDC9A23AB8] [WIS][12/12/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\30a72.msi [24993792]
~ WIS: 133 Legitimates Filtered in 00mn 03s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\browserchoice_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\browserchoice_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\CCC_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\CCC_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\A16D_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdobeARM_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdobeARM_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg_12_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg_12_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BBSvc_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BBSvc_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Cake Mania-WT_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\CVHSVC_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\CVHSVC_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DllHost_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DllHost_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FlashUtil10x_ActiveX_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FlashUtil10x_ActiveX_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FP_AX_CAB_INSTALLER64_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FP_AX_CAB_INSTALLER64_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPPowerManager_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPPowerManager_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPWUCli_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPWUCli_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Installation_Messenger_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Installation_Messenger_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Jewel Quest II-WT_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MOE_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MOE_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mshta_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mshta_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\msnmsgr_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\msnmsgr_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\oi_{BD3B96D8-E143-4FC6-9A9A-0899E94306E3}_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\oi_{BD3B96D8-E143-4FC6-9A9A-0899E94306E3}_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PurFlirt_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PurFlirt_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ranchrush2collectorsedition-WT_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\rencontreshard_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\rencontreshard_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ROC_JAN2013_TB_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ROC_JAN2013_TB_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ROC_ROC_NT_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ROC_ROC_NT_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupMessenger-rdv-rapide_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupMessenger-rdv-rapide_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupMessengerdusexe_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupMessengerdusexe_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SKY6D14_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SKY6D14_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SKYB950_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SKYB950_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SwDnld_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SwDnld_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SwHelper_1161629_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SwHelper_1161629_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ToolbarInstaller_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ToolbarInstaller_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vprot_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vprot_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wlstartup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wlstartup_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WLXPhotoGalleryRepair_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WLXPhotoGalleryRepair_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WLXPhotoGallery_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WLXPhotoGallery_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yesmessenger_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yesmessenger_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YouCam_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YouCam_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\{2993C69F-0006-4EF9-BA95-DDAC05280585}_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\{2993C69F-0006-4EF9-BA95-DDAC05280585}_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\{902F053E-66B9-41DB-A027-84665324FD44}_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\{902F053E-66B9-41DB-A027-84665324FD44}_RASMANCS
~ BTK: 190 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4589 Legitimates Filtered in 00mn 08s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Auto 22/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 29/09/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Auto 28/09/2011 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SS - | Auto 21/08/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 30/08/2013 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/08/2013 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/08/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 09/09/2011 86072 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SS - | Auto 11/10/2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
SS - | Auto 14/03/2012 197504 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SS - | Demand 14/03/2012 994176 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SS - | Auto 11/07/2011 26680 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SS - | Auto 29/06/2011 2413056 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SS - | Auto 04/05/2011 81408 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 10/07/1658 0 | (SProtection) . (...) - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe =>Adware.IMBooster
SS - | Auto 27/05/2011 301568 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 08s



---\\ Scan Additionnel (O88)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 303
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 14
Fichiers trouvés (Files found) : 10

[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211701196}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>PUP.Minibar^
[HKLM\SYSTEM\CurrentControlSet\Services\SProtection] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BitGuard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta] =>Toolbar.DeltaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F1E694F-1880-4D5F-BD27-A0D0A5379864}] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Services x86] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9937E55B-6331-4804-93EF-77E992F204BD}] =>Adware.SocialSkinz^
[HKLM\Software\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>PUP.Babylon
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Services x86] =>PUP.CrossRider
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl] =>Adware.IMBooster
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>PUP.Babylon
[HKCU\Software\AppDataLow\Software\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaappCore] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltaappCore.1] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9937E55B-6331-4804-93EF-77E992F204BD}] =>Adware.SocialSkinz
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}] =>Toolbar.Yahoo
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\delta.deltaHlpr] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaHlpr.1] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\iminent] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.DownloadArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.RawDataArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.TinyUrlArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.ViralLinkArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ClientCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ContractBase] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.Da
0
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
8 avril 2014 à 18:30
Waouh

Pas mal infecté


Désinstalles

Spybot - Search & Destroy 1.4 v1.4


* Télécharge sur le bureau RogueKiller

* Quitte tous tes programmes en cours.

* Sous Vista/Seven et windows 8 , clique droit -> lancer en tant qu'administrateur

* Sinon lance simplement RogueKiller.exe

* Patiente pendant le pre-scan, puis clique sur le bouton Scan

* Un rapport RKreport.txt a du se créer sur le bureau, poste-le.

Note : Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.

0
bonjour, voici le rapport roguekiller, j'ai cliqué sur "suppression":

RogueKiller V8.7.8 [Nov 14 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode sans echec avec prise en charge reseau
Utilisateur : JC [Droits d'admin]
Mode : Recherche -- Date : 04/09/2014 18:18:06
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 8 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Magic Desktop for HP notification ("C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe" [7]) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[APPINIT][SUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll [x]) -> TROUVÉ

¤¤¤ Tâches planifiées : 1 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{9E943E11-517A-4760-8559-611DAC8E089C}.exe - --uninstall=1 [x] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST950032 5AS SATA Disk Device +++++
--- User ---
[MBR] dbb0aa050e8604e3e9f10a48644edd05
[BSP] 0a794a8ef2de3f90f07b376209c0a638 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 451699 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 925489152 | Size: 20977 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 968450048 | Size: 4063 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] b7b4d55b6580024bec8c843bc78b9eb5
[BSP] eb6be49315ef7c24a58834d133da7225 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) JetFlash TS4GJFV20 USB Device +++++
--- User ---
[MBR] f411eeae9931699d5f43bd30bcb0e118
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 128 | Size: 3911 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[0]_S_04092014_181806.txt >>
0
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
9 avril 2014 à 20:50
* Quitte tous tes programmes en cours

* Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur

* Sinon lance simplement RogueKiller.exe

* Patiente pendant le pre-scan, clique sur Scan

* Vérifie que tous les éléments sont cochés puis clique sur Suppression

* Poste le rapport RKreport.txt présent sur le bureau.
0
bonjour, voici le rapport
roguekiller 
:
(un rapport "MBR" est publié plus bas)

RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode sans echec avec prise en charge reseau
Utilisateur : JC [Droits d'admin]
Mode : Recherche -- Date : 04/10/2014 18:18:49
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 2 ¤¤¤
[CHR][PUP] Default : Delta Toolbar
[CHR][PUP] Default : Iminent

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] ***@*** (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x741A13DD)
[Address] ***@*** (StrStrIW) : api-ms-win-downlevel-shlwapi-l1-1-0.dll -> HOOKED (C:\Windows\syswow64\shlwapi.DLL @ 0x763C46E9)
[Address] ***@*** (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x741A13DD)
[Address] ***@*** (StrStrIW) : api-ms-win-downlevel-shlwapi-l1-1-0.dll -> HOOKED (C:\Windows\syswow64\shlwapi.DLL @ 0x763C46E9)
[Address] ***@*** (BeginBufferedAnimation) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275DF38)
[Address] ***@*** (BeginBufferedPaint) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275B741)
[Address] ***@*** (BeginPanningFeedback) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727776AF)
[Address] ***@*** (BufferedPaintClear) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275BBDB)
[Address] ***@*** (BufferedPaintInit) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275B8D4)
[Address] ***@*** (BufferedPaintRenderAnimation) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275DE83)
[Address] ***@*** (BufferedPaintSetAlpha) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277CE19)
[Address] ***@*** (BufferedPaintStopAllAnimations) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275E428)
[Address] ***@*** (BufferedPaintUnInit) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72767525)
[Address] ***@*** (CloseThemeData) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72751FA1)
[Address] ***@*** (DrawThemeBackground) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275D464)
[Address] ***@*** (DrawThemeBackgroundEx) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7276436D)
[Address] ***@*** (DrawThemeEdge) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277C01C)
[Address] ***@*** (DrawThemeIcon) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277D123)
[Address] ***@*** (DrawThemeParentBackground) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275E776)
[Address] ***@*** (DrawThemeParentBackgroundEx) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275E5C5)
[Address] ***@*** (DrawThemeText) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275DB21)
[Address] ***@*** (DrawThemeTextEx) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275A70C)
[Address] ***@*** (EnableThemeDialogTexture) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7276786D)
[Address] ***@*** (EnableTheming) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277C9FF)
[Address] ***@*** (EndBufferedAnimation) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275ACE8)
[Address] ***@*** (EndBufferedPaint) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275ACE8)
[Address] ***@*** (EndPanningFeedback) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277762C)
[Address] ***@*** (GetBufferedPaintBits) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275CF26)
[Address] ***@*** (GetBufferedPaintDC) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277CDCF)
[Address] ***@*** (GetBufferedPaintTargetDC) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277CD86)
[Address] ***@*** (GetBufferedPaintTargetRect) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277C893)
[Address] ***@*** (GetCurrentThemeName) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727663AE)
[Address] ***@*** (GetThemeAppProperties) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275EBD6)
[Address] ***@*** (GetThemeBackgroundContentRect) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275DA9E)
[Address] ***@*** (GetThemeBackgroundExtent) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72767155)
[Address] ***@*** (GetThemeBackgroundRegion) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72760190)
[Address] ***@*** (GetThemeBitmap) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72754B9C)
[Address] ***@*** (GetThemeBool) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72756651)
[Address] ***@*** (GetThemeColor) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727527C0)
[Address] ***@*** (GetThemeDocumentationProperty) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277C346)
[Address] ***@*** (GetThemeEnumValue) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727527C0)
[Address] ***@*** (GetThemeFilename) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277B997)
[Address] ***@*** (GetThemeFont) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727676A2)
[Address] ***@*** (GetThemeInt) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727527C0)
[Address] ***@*** (GetThemeIntList) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277B86E)
[Address] ***@*** (GetThemeMargins) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72752F97)
[Address] ***@*** (GetThemeMetric) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727655B4)
[Address] ***@*** (GetThemePartSize) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275289F)
[Address] ***@*** (GetThemePosition) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277B80D)
[Address] ***@*** (GetThemePropertyOrigin) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72760923)
[Address] ***@*** (GetThemeRect) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277B936)
[Address] ***@*** (GetThemeStream) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277B8CF)
[Address] ***@*** (GetThemeString) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277B7A1)
[Address] ***@*** (GetThemeSysBool) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277CB86)
[Address] ***@*** (GetThemeSysColor) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72765530)
[Address] ***@*** (GetThemeSysColorBrush) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277CA32)
[Address] ***@*** (GetThemeSysFont) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277C3D8)
[Address] ***@*** (GetThemeSysInt) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277C5E7)
[Address] ***@*** (GetThemeSysSize) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277CC61)
[Address] ***@*** (GetThemeSysString) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277C553)
[Address] ***@*** (GetThemeTextExtent) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727589FE)
[Address] ***@*** (GetThemeTextMetrics) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7276778C)
[Address] ***@*** (GetThemeTransitionDuration) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275E1A1)
[Address] ***@*** (GetWindowTheme) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7276535B)
[Address] ***@*** (HitTestThemeBackground) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72762DC1)
[Address] ***@*** (IsAppThemed) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72767009)
[Address] ***@*** (IsCompositionActive) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727565DF)
[Address] ***@*** (IsThemeActive) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72766F36)
[Address] ***@*** (IsThemeBackgroundPartiallyTransparent) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7275281C)
[Address] ***@*** (IsThemeDialogTextureEnabled) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277CB3F)
[Address] ***@*** (IsThemePartDefined) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727530CF)
[Address] ***@*** (OpenThemeData) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72755F29)
[Address] ***@*** (OpenThemeDataEx) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727606FE)
[Address] ***@*** (SetThemeAppProperties) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7277CCEC)
[Address] ***@*** (SetWindowTheme) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72767AFC)
[Address] ***@*** (SetWindowThemeAttribute) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72759E39)
[Address] ***@*** (ThemeInitApiHook) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x72754571)
[Address] ***@*** (UpdatePanningFeedback) : fwpuclnt.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x727775ED)
[Address] ***@*** (DllCanUnloadNow) : bcryptprimitives.dll -> HOOKED (C:\Windows\SysWOW64\ieapfltr.dll @ 0x71F115B6)
[Address] ***@*** (DllGetClassObject) : bcryptprimitives.dll -> HOOKED (C:\Windows\SysWOW64\ieapfltr.dll @ 0x71F0CA70)
[Address] ***@*** (DllRegisterServer) : bcryptprimitives.dll -> HOOKED (C:\Windows\SysWOW64\ieapfltr.dll @ 0x71F4088F)
[Address] ***@*** (DllUnregisterServer) : bcryptprimitives.dll -> HOOKED (C:\Windows\SysWOW64\ieapfltr.dll @ 0x71F408F1)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : PUP|Root.MBR ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST950032 5AS SATA Disk Device +++++
--- User ---
[MBR] dbb0aa050e8604e3e9f10a48644edd05
[BSP] 0a794a8ef2de3f90f07b376209c0a638 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 451699 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 925489152 | Size: 20977 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 968450048 | Size: 4063 MB
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] b7b4d55b6580024bec8c843bc78b9eb5
[BSP] eb6be49315ef7c24a58834d133da7225 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 MB

Termine : << RKreport[0]_S_04102014_181849.txt >>



j'ai également une alerte ROOT MBR, voici le rapport "MBR":

¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: ST950032 5AS SATA Disk Device +++++
--- User ---
[MBR] dbb0aa050e8604e3e9f10a48644edd05
[BSP] 0a794a8ef2de3f90f07b376209c0a638 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 451699 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 925489152 | Size: 20977 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 968450048 | Size: 4063 MB

33 c0 8e d0 bc 00 7c 8e c0 8e d8 be 00 7c bf 00 06
b9 00 02 fc f3 a4 50 68 1c 06 cb fb b9 04 00 bd be
07 80 7e 00 00 7c 0b 0f 85 0e 01 83 c5 10 e2 f1 cd
18 88 56 00 55 c6 46 11 05 c6 46 10 00 b4 41 bb aa
55 cd 13 5d 72 0f 81 fb 55 aa 75 09 f7 c1 01 00 74
03 fe 46 10 66 60 80 7e 10 00 74 26 66 68 00 00 00
00 66 ff 76 08 68 00 00 68 00 7c 68 01 00 68 10 00
b4 42 8a 56 00 8b f4 cd 13 9f 83 c4 10 9e eb 14 b8
01 02 bb 00 7c 8a 56 00 8a 76 01 8a 4e 02 8a 6e 03
cd 13 66 61 73 1c fe 4e 11 75 0c 80 7e 00 80 0f 84
8a 00 b2 80 eb 84 55 32 e4 8a 56 00 cd 13 5d eb 9e
81 3e fe 7d 55 aa 75 6e ff 76 00 e8 8d 00 75 17 fa
b0 d1 e6 64 e8 83 00 b0 df e6 60 e8 7c 00 b0 ff e6
64 e8 75 00 fb b8 00 bb cd 1a 66 23 c0 75 3b 66 81
fb 54 43 50 41 75 32 81 f9 02 01 72 2c 66 68 07 bb
00 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66
53 66 55 66 68 00 00 00 00 66 68 00 7c 00 00 66 61
68 00 00 07 cd 1a 5a 32 f6 ea 00 7c 00 00 cd 18 a0
b7 07 eb 08 a0 b6 07 eb 03 a0 b5 07 32 e4 05 00 07
8b f0 ac 3c 00 74 09 bb 07 00 b4 0e cd 10 eb f2 f4
eb fd 2b c9 e4 64 eb 00 24 02 e0 f8 24 02 c3 49 6e
76 61 6c 69 64 20 70 61 72 74 69 74 69 6f 6e 20 74
61 62 6c 65 00 45 72 72 6f 72 20 6c 6f 61 64 69 6e
67 20 6f 70 65 72 61 74 69 6e 67 20 73 79 73 74 65
6d 00 4d 69 73 73 69 6e 67 20 6f 70 65 72 61 74 69
6e 67 20 73 79 73 74 65 6d 00 00 00 63 7b 9a 45 d5
af 59 00 00

3.....|......|.........Ph...........~..|.............V.U.F...F...A..U..]r...U.u.....t..F.f'.~..t&fh....f.v.h..h.|h..h...B.V.................|.V..v..N..n...fas..N.u..~..........U2..V...]...>.}U.un.v....u.....d......'.|....d.u.......f#.u;f..TCPAu2....r,fh....fh....fh....fSfSfUfh....fh.|..fah.....Z2...|.................2.......<.t.............+..d..$...$..Invalid partition table.Error loading operating system.Missing operating system...c{.E..Y..

User = LL1 ... OK
User != LL2 ... KO!
--- LL2 ---
[MBR] b7b4d55b6580024bec8c843bc78b9eb5
[BSP] eb6be49315ef7c24a58834d133da7225 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 MB

cd 18 00 d0 bc 00 7c 8e c0 8e d8 be 00 7c bf 00 06
b9 00 02 fc f3 a4 50 68 1c 06 cb fb b9 04 00 bd be
07 80 7e 00 00 7c 0b 0f 85 0e 01 83 c5 10 e2 f1 cd
18 88 56 00 55 c6 46 11 05 c6 46 10 00 b4 41 bb aa
55 cd 13 5d 72 0f 81 fb 55 aa 75 09 f7 c1 01 00 74
03 fe 46 10 66 60 80 7e 10 00 74 26 66 68 00 00 00
00 66 ff 76 08 68 00 00 68 00 7c 68 01 00 68 10 00
b4 42 8a 56 00 8b f4 cd 13 9f 83 c4 10 9e eb 14 b8
01 02 bb 00 7c 8a 56 00 8a 76 01 8a 4e 02 8a 6e 03
cd 13 66 61 73 1c fe 4e 11 75 0c 80 7e 00 80 0f 84
8a 00 b2 80 eb 84 55 32 e4 8a 56 00 cd 13 5d eb 9e
81 3e fe 7d 55 aa 75 6e ff 76 00 e8 8d 00 75 17 fa
b0 d1 e6 64 e8 83 00 b0 df e6 60 e8 7c 00 b0 ff e6
64 e8 75 00 fb b8 00 bb cd 1a 66 23 c0 75 3b 66 81
fb 54 43 50 41 75 32 81 f9 02 01 72 2c 66 68 07 bb
00 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66
53 66 55 66 68 00 00 00 00 66 68 00 7c 00 00 66 61
68 00 00 07 cd 1a 5a 32 f6 ea 00 7c 00 00 cd 18 a0
b7 07 eb 08 a0 b6 07 eb 03 a0 b5 07 32 e4 05 00 07
8b f0 ac 3c 00 74 09 bb 07 00 b4 0e cd 10 eb f2 f4
eb fd 2b c9 e4 64 eb 00 24 02 e0 f8 24 02 c3 49 6e
76 61 6c 69 64 20 70 61 72 74 69 74 69 6f 6e 20 74
61 62 6c 65 00 45 72 72 6f 72 20 6c 6f 61 64 69 6e
67 20 6f 70 65 72 61 74 69 6e 67 20 73 79 73 74 65
6d 00 4d 69 73 73 69 6e 67 20 6f 70 65 72 61 74 69
6e 67 20 73 79 73 74 65 6d 00 00 00 63 7b 9a 45 d5
af 59 00 00

......|......|.........Ph...........~..|.............V.U.F...F...A..U..]r...U.u.....t..F.f'.~..t&fh....f.v.h..h.|h..h...B.V.................|.V..v..N..n...fas..N.u..~..........U2..V...]...>.}U.un.v....u.....d......'.|....d.u.......f#.u;f..TCPAu2....r,fh....fh....fh....fSfSfUfh....fh.|..fah.....Z2...|.................2.......<.t.............+..d..$...$..Invalid partition table.Error loading operating system.Missing operating system...c{.E..Y..
0
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
10 avril 2014 à 18:41
Rassure toi ton MBR est normal

Passe adwcleaner


https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/
0
voici le rapport éadwcleaner" :

# AdwCleaner v3.023 - Rapport créé le 10/04/2014 à 19:16:03
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : JC - JC-HP
# Exécuté depuis : C:\Users\JC\Downloads\adwcleaner.exe
# Option : Scanner

***** [ Services ] *****

Service Présent : SProtection

***** [ Fichiers / Dossiers ] *****

Dossier Présent : C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Dossier Présent : C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Dossier Présent C:\Kreapixel
Dossier Présent C:\Program Files (x86)\Common Files\Umbrella
Dossier Présent C:\Program Files (x86)\Iminent
Dossier Présent C:\Program Files (x86)\Services x86
Dossier Présent C:\Program Files (x86)\Services x86
Dossier Présent C:\ProgramData\Babylon
Dossier Présent C:\ProgramData\BitGuard
Dossier Présent C:\ProgramData\Iminent
Dossier Présent C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Dossier Présent C:\Users\JC\AppData\Roaming\BabSolution
Dossier Présent C:\Users\JC\AppData\Roaming\Babylon
Dossier Présent C:\Users\JC\AppData\Roaming\file scout
Dossier Présent C:\Users\JC\AppData\Roaming\Iminent
Dossier Présent C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Dossier Présent C:\Users\JC\AppData\Roaming\PC Speed Maximizer
Fichier Présent : C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Fichier Présent : C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Fichier Présent : C:\Users\JC\AppData\Roaming\BabMaint.exe
Fichier Présent : C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webplayer.lnk
Fichier Présent : C:\Users\JC\Desktop\Webplayer.lnk
Fichier Présent : C:\Windows\System32\Tasks\EPUpdater

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Présente : HKCU\Software\86dedbb234bd43
Clé Présente : HKCU\Software\AppDataLow\Software\Crossrider
Clé Présente : HKCU\Software\AppDataLow\Software\Services x86
Clé Présente : HKCU\Software\AppDataLow\Software\Services x86
Clé Présente : HKCU\Software\BabSolution
Clé Présente : HKCU\Software\BabylonToolbar
Clé Présente : HKCU\Software\DataMngr
Clé Présente : HKCU\Software\Iminent
Clé Présente : HKCU\Software\installedbrowserextensions
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211701196}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211701196}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clé Présente : HKCU\Software\pc speed maximizer
Clé Présente : [x64] HKCU\Software\BabSolution
Clé Présente : [x64] HKCU\Software\BabylonToolbar
Clé Présente : [x64] HKCU\Software\DataMngr
Clé Présente : [x64] HKCU\Software\Iminent
Clé Présente : [x64] HKCU\Software\installedbrowserextensions
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Clé Présente : [x64] HKCU\Software\pc speed maximizer
Clé Présente : HKLM\SOFTWARE\86dedbb234bd43
Clé Présente : HKLM\Software\Babylon
Clé Présente : HKLM\SOFTWARE\Classes\*\shell\filescout
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Présente : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Clé Présente : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211701196}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222702296}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Clé Présente : HKLM\SOFTWARE\Classes\CrossriderApp0027096.BHO
Clé Présente : HKLM\SOFTWARE\Classes\CrossriderApp0027096.BHO.1
Clé Présente : HKLM\SOFTWARE\Classes\CrossriderApp0027096.Sandbox
Clé Présente : HKLM\SOFTWARE\Classes\CrossriderApp0027096.Sandbox.1
Clé Présente : HKLM\SOFTWARE\Classes\d
Clé Présente : HKLM\SOFTWARE\Classes\delta.deltaappCore
Clé Présente : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Clé Présente : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Clé Présente : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Clé Présente : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Clé Présente : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Clé Présente : HKLM\SOFTWARE\Classes\escort.escortIEPane
Clé Présente : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Clé Présente : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Clé Présente : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Clé Présente : HKLM\SOFTWARE\Classes\Iminent
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Clé Présente : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Clé Présente : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Clé Présente : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Clé Présente : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Clé Présente : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255705596}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266706696}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Clé Présente : HKLM\SOFTWARE\Classes\Prod.cap
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244704496}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Clé Présente : HKLM\Software\DataMngr
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Clé Présente : HKLM\Software\Iminent
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67350e22-fdc4-496e-aa0b-b46a9a6381e6}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6f6dcfe8-fe93-420d-82ab-ac579863f09b}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b566966a-1643-42f7-a0a6-d1600a65f414}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dec91c92-408d-4a41-97b6-34befcec5fee}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{faedd7c3-7251-46a8-a733-91e026cada9c}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211701196}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7F1E694F-1880-4D5F-BD27-A0D0A5379864}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9937E55B-6331-4804-93EF-77E992F204BD}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Services x86
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Services x86
Clé Présente : HKLM\Software\Services x86
Clé Présente : HKLM\Software\Services x86
Clé Présente : HKLM\Software\Umbrella
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255705596}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266706696}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC Speed Maximizer]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Google Chrome v32.0.1700.107

[ Fichier : C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [31910 octets] - [10/04/2014 19:16:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [31971 octets] ##########
0
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
10 avril 2014 à 20:19
Fais nettoyer
0
c'est fait !

et maintenant ?

merci
0
bonjour,

pas de changement en mmode classique, toujours bloqué
0
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
14 avril 2014 à 07:22
Refais zhpdiag
0
bonjour,

voici le rapport zhpdiag fait en mode sans échec avec prise en charge du réseau :

~ Rapport de ZHPDiag v2014.4.8.11 - Nicolas Coolman (09/04/2014)
~ Lancé par JC (14/04/2014 12:43:30)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16518
GCIE: Google Chrome v32.0.1700.107 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v7.0.1466.0
Malwarebytes Anti-Malware version 2.0.1.1004
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader X
Java 7 Update 7

---\\ Informations sur le système
~ Processor: AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3561 MB (84% free)
System Restore: Activé (Enable)
System drive C: has 384 GB (87%) free of 441 GB

---\\ Mode de connexion au système
~ Computer Name: JC-HP
~ User Name: JC
~ All Users Names: JC, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\JC\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\JC\AppData\Roaming\
~ %Desktop% : C:\Users\JC\Desktop\
~ %Favorites% : C:\Users\JC\Favorites\
~ %LocalAppData% : C:\Users\JC\AppData\Local\
~ %StartMenu% : C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 384 Go of 441 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 20 Go)
E: Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.15/10/2011 - 06:36:24.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/02/2014 - 10:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/10/2011 - 06:40:07.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.15/10/2011 - 06:33:05.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/21
~ Mes musiques (My Musics) : 11/248
~ Mes Videos (My Videos) : 2/8
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 2/18
~ Mon Bureau (My Desktop) : 1/12
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.9ECCE6A982223E99A5E1BB1A92A7D075] - (.Nicolas Coolman - ZHPDiag.) -- C:\Utilitaires\ZHPDiag\ZHPDiag.exe [8203264] [PID.1292]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.bing.com
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [igdhbblpcellaljokkpfhcjlagemhgjl] Iminent v.6.16.5.1, (Désactivé) =>Adware.IMBooster
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Liste des dossiers d'extension Google Chrome

~ Google Lines Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [JC]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [JC]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [JC]: HP Taskbar Process HP.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (.not file.)
O4 - GS\TaskBar [JC]: midi.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [JC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [JC]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [JC]: algobox - Raccourci.lnk . (...) -- C:\Program Files (x86)\Algobox\algobox.exe
O4 - GS\Desktop [JC]: Algobox.lnk . (...) -- C:\Program Files (x86)\Algobox\algobox.exe
O4 - GS\Desktop [JC]: AusLogics Disk Defrag.lnk . (.Auslogics - Auslogics Disk Defrag.) -- C:\Utilitaires\AusLogics Disk Defrag\diskdefrag.exe
O4 - GS\Desktop [JC]: ccleaner - Raccourci.lnk . (.Piriform Ltd - CCleaner.) -- C:\Utilitaires\Ccleaner\ccleaner.exe =>.Piriform Ltd
O4 - GS\Desktop [JC]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [JC]: midi.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Global Startup: 64 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [JC]: Outil de notification de cadeaux MSN.lnk . (.Microsoft Corporation - Outil de notification de cadeaux MSN.) -- C:\Users\JC\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SetDefault] . (.Hewlett-Packard Development Company, L.P. - SetDefault.) -- C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKCU\..\RunOnce: [Report] . (...) -- C:\AdwCleaner\AdwCleaner[S0].txt
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HPQuickWebProxy] . (.Hewlett-Packard Company - HP QuickWeb Utilities.) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe =>.EasyBits Software AS
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-487489554-3010040347-1849917863-1001\..\Run: [HP Deskjet 3070 B611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-21-487489554-3010040347-1849917863-1001\..\RunOnce: [Report] . (...) -- C:\AdwCleaner\AdwCleaner[S0].txt
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{082B8A69-4AE5-45C9-AF66-EC2035AA8F81}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{11B59C77-BC24-471B-B936-AFAA8EF8E8E8}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{BAFBCA03-E82E-4B67-85D0-30B9A24683A3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{082B8A69-4AE5-45C9-AF66-EC2035AA8F81}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{11B59C77-BC24-471B-B936-AFAA8EF8E8E8}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{BAFBCA03-E82E-4B67-85D0-30B9A24683A3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{082B8A69-4AE5-45C9-AF66-EC2035AA8F81}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{11B59C77-BC24-471B-B936-AFAA8EF8E8E8}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{BAFBCA03-E82E-4B67-85D0-30B9A24683A3}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: video/x-flv [64Bits] - {20C75730-7C25-476B-95DC-C65810F9E489} . (.Advanced Micro Devices - MIME Video Detector for IE.) -- C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKLM\Software\Wow6432Node\UMBRELLA]
~ Key Software: 302 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/03/2014 - 21:20:33 - [48,394] ----D C:\Program Files (x86)\GUM1026.tmp
O43 - CFD: 22/03/2014 - 21:05:22 - [48,394] ----D C:\Program Files (x86)\GUM48E1.tmp
O43 - CFD: 03/03/2014 - 19:07:38 - [48,394] ----D C:\Program Files (x86)\GUM72BF.tmp
O43 - CFD: 09/04/2014 - 20:28:58 - [6,517] ----D C:\Program Files (x86)\GUM84E7.tmp
O43 - CFD: 28/03/2014 - 14:45:20 - [48,394] ----D C:\Program Files (x86)\GUM8AFF.tmp
O43 - CFD: 09/03/2014 - 11:26:32 - [48,394] ----D C:\Program Files (x86)\GUM8E69.tmp
O43 - CFD: 08/03/2014 - 19:31:05 - [48,394] ----D C:\Program Files (x86)\GUM95B9.tmp
O43 - CFD: 10/04/2014 - 18:33:55 - [6,517] ----D C:\Program Files (x86)\GUMEE54.tmp
O43 - CFD: 22/04/2013 - 22:06:02 - [0,001] ----D C:\Users\JC\AppData\Local\messengerdusexe
O43 - CFD: 05/12/2012 - 20:53:13 - [0] ----D C:\Users\JC\AppData\Local\pur-flirt
~ 237 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 409 Legitimates Filtered in 01mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.5E7DD328DBDFE264633C14C7746A8EFB] - 05/04/2014 - 14:54:00 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [32064]
O44 - LFC:[MD5.5E7DD328DBDFE264633C14C7746A8EFB] - 05/04/2014 - 14:54:00 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [32064]
O44 - LFC:[MD5.69C42263E54F25D6446A55C42581A584] - 14/04/2014 - 11:41:57 ---A- . (...) -- C:\Windows\ntbtlog.txt [994908]
~ Files: 17 Legitimates Filtered in 00mn 07s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.FB850B2DAE536363784609443FE0B68E] - 10/04/2014 - 17:33:54 ---A- - C:\Windows\Prefetch\HPWMISVC.EXE-7C55DC8A.pf
O45 - LFCP:[MD5.0A9E2BFBFEBEC324415087258127754A] - 10/04/2014 - 17:33:54 ---A- - C:\Windows\Prefetch\MSNOTIF.EXE-D8A1B643.pf
O45 - LFCP:[MD5.133EA96B44A1BB36D687F94CD5629381] - 13/04/2014 - 20:15:27 ---A- - C:\Windows\Prefetch\HPQWUTILS.EXE-EFBF4691.pf
~ Prefetcher: 3 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.B8B1B284362E1D8135112573395D5DA5] - 25/06/2010 - 15:08:10 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\Drivers\htcnprot.sys [36928]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.EBA98394A7D58F7552C52192BD8FA7E6] - 27/05/2011 - 20:06:16 ---A- . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\Windows\System32\Drivers\stwrt64.sys [528384]
~ Drivers: 16 Legitimates Filtered in 00mn 04s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 14/04/2014 - 12:45:16 ---A- . (...) -- C:\Users\JC\AppData\Roaming\ZHP\Log.txt [61437] =>.Nicolas Coolman
O61 - LFC: 14/04/2014 - 12:45:16 ---A- . (...) -- C:\Users\JC\AppData\Roaming\ZHP\TestsZHPDiag.txt [2749] =>.Nicolas Coolman
~ Files: 9 Legitimates Filtered in 00mn 10s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
~ Legacy: 124 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
O69 - SBI: SearchScopes [HKCU] {FB36B2D3-D2B2-4EAC-9CE2-D3B15D6EEEFC} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr
O69 - SBI: SearchScopes [HKCU] ÛYÆîZ§'2¹Þpv¨IÍá*X(Z2s(ÛÎÀJºÔÓµ ± vË°!×--(ä¼48иpatm6êo^Mp'Ëõ÷_i£w~¾!"Áû+ x¢8€ÙjÀÿþ 'Ñ;áa'[¦+8 º~ RÙxoeòÜ8'£-)x­ä­ - (Search the web (Babylon)) - http://isearch.babylon.com =>PUP.Babylon
~ Keys: Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{89997F07-48E0-4C9E-AD36-7CDAC4606DA7}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{E4912450-6147-474F-A605-FCA4E508CE5E}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
~ Firewall: 193 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "F496E1F70881F5D4DB720A0D5A738946" . (.Iminent.) -- C:\Windows\Installer\{7F1E694F-1880-4D5F-BD27-A0D0A5379864}\imbooster.ico =>Adware.IMBooster
~ Update Products: 129 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A3AEEC9A9B6984F2E22B90FDC9A23AB8] [WIS][12/12/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\30a72.msi [24993792]
~ WIS: 133 Legitimates Filtered in 00mn 17s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\browserchoice_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\browserchoice_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\CCC_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\CCC_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\A16D_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdobeARM_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdobeARM_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg_12_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg_12_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BBSvc_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BBSvc_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Cake Mania-WT_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\CVHSVC_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\CVHSVC_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DllHost_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DllHost_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FlashUtil10x_ActiveX_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FlashUtil10x_ActiveX_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FP_AX_CAB_INSTALLER64_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FP_AX_CAB_INSTALLER64_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPPowerManager_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPPowerManager_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPWUCli_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPWUCli_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Installation_Messenger_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Installation_Messenger_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Jewel Quest II-WT_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MOE_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MOE_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mshta_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mshta_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\msnmsgr_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\msnmsgr_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\oi_{BD3B96D8-E143-4FC6-9A9A-0899E94306E3}_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\oi_{BD3B96D8-E143-4FC6-9A9A-0899E94306E3}_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PurFlirt_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PurFlirt_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ranchrush2collectorsedition-WT_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\rencontreshard_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\rencontreshard_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ROC_JAN2013_TB_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ROC_JAN2013_TB_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ROC_ROC_NT_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ROC_ROC_NT_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupMessenger-rdv-rapide_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupMessenger-rdv-rapide_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupMessengerdusexe_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupMessengerdusexe_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SKY6D14_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SKY6D14_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SKYB950_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SKYB950_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SwDnld_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SwDnld_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SwHelper_1161629_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SwHelper_1161629_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ToolbarInstaller_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ToolbarInstaller_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vprot_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vprot_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wlstartup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wlstartup_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WLXPhotoGalleryRepair_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WLXPhotoGalleryRepair_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WLXPhotoGallery_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WLXPhotoGallery_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yesmessenger_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yesmessenger_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YouCam_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YouCam_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\{2993C69F-0006-4EF9-BA95-DDAC05280585}_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\{2993C69F-0006-4EF9-BA95-DDAC05280585}_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\{902F053E-66B9-41DB-A027-84665324FD44}_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\{902F053E-66B9-41DB-A027-84665324FD44}_RASMANCS
~ BTK: 187 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4589 Legitimates Filtered in 00mn 08s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Auto 22/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 29/09/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Auto 28/09/2011 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SS - | Auto 21/08/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 30/08/2013 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/08/2013 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/08/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 09/09/2011 86072 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SS - | Auto 11/10/2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
SS - | Auto 14/03/2012 197504 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SS - | Demand 14/03/2012 994176 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SS - | Auto 11/07/2011 26680 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SS - | Auto 29/06/2011 2413056 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SS - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Utilitaires\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Utilitaires\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Auto 04/05/2011 81408 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 27/05/2011 301568 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 11s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by JC at 14/04/2014 12:46:17
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by JC at 14/04/2014 12:46:19

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 4

[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl] =>Adware.IMBooster^
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl =>Adware.IMBooster^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
C:\Users\JC\AppData\Local\Temp\uninst1.exe =>PUP.Babylon
~ Additionnel Scan: 237215 Items scanned in 00mn 21s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 4 link(s) detected in 00mn 00s



~ 1364 Legitimates filtered by white list
End of the scan (525 lines in 03mn 12s)(0)
0
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
14 avril 2014 à 18:03
Mets à jour Mbam et lances un examen "menaces"
0