Webs searches

seve1972 Messages postés 6 Statut Membre -  
ArnaudLy6 Messages postés 4695 Statut Membre -
Bonjour,
je voudrais supprimer websearches de mon pc !!!
merce de votre aide

2 réponses

  1. ArnaudLy6 Messages postés 4695 Statut Membre 189
     
    Salut,

    Télécharge AdwCleaner : https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/#q=adwcleaner&cur=1&url=%2F
    Ensuite suis ces étapes :

    - Lance le logiciel
    - Clique sur "Scanner"
    - Une fois le scan terminé, clique sur "Nettoyer"
    - Le logiciel va redémarrer ton ordinateur
    - Une fois ta session ouverte, tu devrais avoir un rapport de nettoyage
    - Colle ce rapport dans ton prochain message
    0
  2. seve1972 Messages postés 6 Statut Membre
     
    ~ Rapport de ZHPDiag v2014.4.19.35 - Nicolas Coolman (19/04/2014)
    ~ Lancé par severine (21/04/2014 16:34:59)
    ~ Adresse du Site Web https://nicolascoolman.webs.com/
    ~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    ---\\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    GCIE: Google Chrome v34.0.1847.116 (Defaut)

    ---\\ Informations sur les produits Windows
    ~ Langage: Français
    Windows Vista (TM) Home Basic, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Windows Operating System - Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : P92J4
    Windows License : OK
    Windows Automatic Updates : OK

    ---\\ Logiciels de protection du système

    ---\\ Logiciels d'optimisation du système
    CCleaner v4.12 =>.Piriform Ltd

    ---\\ Logiciels de partage PeerToPeer

    ---\\ Surveillance de Logiciels
    Adobe Flash Player 13 ActiveX

    ---\\ Informations sur le système
    ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 2037 MB (27% free)
    System Restore: Activé (Enable)
    System drive C: has 62 GB (61%) free of 102 GB

    ---\\ Mode de connexion au système
    ~ Computer Name: PC-DE-SEVERINE
    ~ User Name: severine
    ~ All Users Names: severine, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    ---\\ Variables d'environnement
    ~ System Unit : C:\
    ~ %AppZHP% : C:\Users\severine\AppData\Roaming\ZHP\
    ~ %AppData% : C:\Users\severine\AppData\Roaming\
    ~ %Desktop% : C:\Users\severine\Desktop\
    ~ %Favorites% : C:\Users\severine\Favorites\
    ~ %LocalAppData% : C:\Users\severine\AppData\Local\
    ~ %StartMenu% : C:\Users\severine\AppData\Roaming\Microsoft\Windows\Start Menu\
    ~ %Windir% : C:\Windows\
    ~ %System% : C:\Windows\System32\

    ---\\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 62 Go of 102 Go)
    D: CD-ROM drive (Not Inserted)

    ---\\ Etat du Centre de Sécurité Windows
    ~ Security Center: 50 Legitimates Filtered in 00mn 00s

    ---\\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768]
    [MD5.62077F806BC59CBD5A404338D710D133] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/03/2014 - 00:02:07.) -- C:\Windows\System32\wininet.dll [1129472]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
    [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
    [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
    [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
    [MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
    [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
    [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
    [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
    [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
    [MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
    ~ Generic Processes: Scanned in 00mn 01s

    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/9
    ~ Mes musiques (My Musics) : 1/60
    ~ Mes Videos (My Videos) : 1/2
    ~ Mes Favoris (My Favorites) : 1/5
    ~ Mes Documents (My Documents) : 1/5
    ~ Mon Bureau (My Desktop) : 1/191
    ~ Menu demarrer (Programs) : 1/3
    ~ Hidden Files: Scanned in 00mn 00s

    ---\\ Processus lancés
    [MD5.143ECB242AF6ECE366AB477828E29D44] - (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe [561320] [PID.1432]
    [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3564]
    [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3724]
    [MD5.B3E0C20A53D6A55590468B33AA9BC525] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712] [PID.3732]
    [MD5.D4975555E91636FCF4809E51731F80D8] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [166424] [PID.3748]
    [MD5.CD12A46AE81306C2F14B19A58E1058B0] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [133656] [PID.3756]
    [MD5.6882D187F65ECA79110848A68FDEB2BF] - (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040] [PID.3796]
    [MD5.2B76545CD2572B92E89AC62C076F4699] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6111232] [PID.3856]
    [MD5.EED2120454E74AA5C257947986B4D068] - (.Synaptics, Inc. - Synaptics Pointing Device starter.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400] [PID.3952]
    [MD5.4BFA1849DC7AA3CB99C160D9EB96C67B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640] [PID.3968]
    [MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.3992]
    [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.4028]
    [MD5.182E32D1CB932FAF9E9076A55D0706AE] - (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [883800] [PID.928]
    [MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [20584608] [PID.1788]
    [MD5.8BEB7107A0CE4BB1C4F7294C377DF3E9] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.852]
    [MD5.6760120308750C0819C2F21F7F0385E7] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1021224] [PID.2580]
    [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.1232]
    [MD5.FA4D25CE388865F4CC71C73C4D2CE7B7] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_182_ActiveX.exe [844464] [PID.4308]
    [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.4612] =>Toolbar.Google
    [MD5.7116680C2C62709EE81BDDC69EF26B93] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757488] [PID.6780]
    [MD5.BAD663957F682F95B22C4E83AB49CB52] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [308368] [PID.8152] =>Toolbar.Google
    [MD5.1A5B4B58DBB626776920260704FD0116] - (.Adobe Systems Incorporated - Adobe Reader 8.0.) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe [345712] [PID.7100]
    [MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [841032] [PID.7036]
    [MD5.A1C1669580EF1D8F54D7EAFF527AB6A9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8219648] [PID.9072]
    [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1280]
    [MD5.BEA8D0FA8805CC2E6BB49728166699C7] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1800]
    [MD5.E91C669DB45EC0F1D18185A9B7006E44] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginService\PluginService.exe [705136] [PID.1904] =>Trojan.SProtector
    [MD5.92281751677E78270C8AE46C951AD7F5] - (.Cherished Technololgy LIMITED - WPM Service.) -- C:\ProgramData\WPM\wprotectmanager.exe [566272] [PID.1936] =>PUP.WpManager
    [MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.2200]
    [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.2220]
    [MD5.09E6AFFAE6C0E9158BF05C7D08D0107A] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384] [PID.2372]
    [MD5.6B1F9C8C3757622824705A32BF721E8A] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576] [PID.2540]
    [MD5.204A73A56751C68C6031E9D5D611EC98] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.2668]
    [MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.2744]
    [MD5.CB76F68BA0D57C5D25B538981B1C611C] - (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [50424] [PID.2808]
    [MD5.DF1C10A75DF7E50195FC417F88A33227] - (...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072] [PID.2880]
    [MD5.30C3DEFEE78AEFB92ECE5536F017F8E8] - (.Iminent - Iminent Protection.) -- C:\Program Files\Common Files\Umbrella\Umbrella282.exe [3052352] [PID.2980] =>Adware.IMBooster
    [MD5.949A54971EF61E9D84B7C559B405A585] - (...) -- C:\Program Files\003\xmkysecqun32.exe [541696] [PID.3176] =>PUP.AdPeak
    [MD5.066F2BBE2EEC9A42B065B552BF356B4E] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.300]
    ~ Processes Running: Scanned in 00mn 04s

    ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:\Users\severine\AppData\Local\Google\Chrome\User Data\Default\Preferences
    G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
    G2 - GCE: Preference [User Data\Default] [gebbadcnkcgcfgpbmcdleckpejgopimf] cacaoweb v.1.19 (Désactivé) =>PUP.CacaoWeb
    G2 - GCE: Preference [User Data\Default] [iagcajndpnfncplednpbnkahadegklfa] MySearchDial Nouvel onglet v.9.4.10 (Désactivé) =>Adware.MyWebSearch
    G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
    G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
    G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
    G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick Start v.3.2.3, (Désactivé) =>PUP.QuickStart

    ---\\ Liste des dossiers d'extension Google Chrome

    ~ Google Lines Browser: 17 Legitimates Filtered in 00mn 02s

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=3] - (.The Software Group - Software Update.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll =>Adware.Boxore
    P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=9] - (.The Software Group - Software Update.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll =>Adware.Boxore
    ~ Firefox Browser: 11 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
    ~ IE Browser: 14 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
    F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
    F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
    ~ Keys: Scanned in 00mn 00s

    ---\\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 20

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files\SupTab\SupTab.dll =>PUP.SupTab
    ~ BHO: 12 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    ---\\ Autres liens utilisateurs (O4)
    O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O4 - GS\QuickLaunch [severine]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O4 - GS\QuickLaunch [severine]: internet explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    ~ Global Startup: 36 Legitimates Filtered in 00mn 01s

    ---\\ Applications lancées au démarrage du système (O4)
    O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
    O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [BkupTray] . (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
    O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
    O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =>.Realtek Semiconductor Corp
    O4 - HKLM\..\Run: [SynTPStart] . (.Synaptics, Inc. - Synaptics Pointing Device starter.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
    O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
    O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [BrowserSafeguard] C:\Program Files\Browsersafeguard\BrowserSafeguard.exe (.not file.) =>PUP.BrowserSafeguard
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
    O4 - HKLM\..\Run: [fst_fr_156] Clé orpheline =>PUP.FreeSoftToday
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] Clé orpheline
    O4 - HKCU\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Users\severine\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
    O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
    O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
    O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\severine\AppData\Local\Facebook\Update\FacebookUpdate.exe
    O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
    O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
    O4 - HKUS\S-1-5-21-3621640602-560181732-2409184741-1000\..\Run: [WindowsWelcomeCenter] Clé orpheline
    O4 - HKUS\S-1-5-21-3621640602-560181732-2409184741-1000\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Users\severine\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
    O4 - HKUS\S-1-5-21-3621640602-560181732-2409184741-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
    O4 - HKUS\S-1-5-21-3621640602-560181732-2409184741-1000\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
    O4 - HKUS\S-1-5-21-3621640602-560181732-2409184741-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\severine\AppData\Local\Facebook\Update\FacebookUpdate.exe
    O4 - HKUS\S-1-5-21-3621640602-560181732-2409184741-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
    O4 - HKUS\S-1-5-21-3621640602-560181732-2409184741-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
    ~ Application: Scanned in 00mn 00s

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
    ~ IE Extra Buttons: Scanned in 00mn 00s

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6CF3F085-4657-4510-A6C8-B4D1F637CBED}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E45DCC0E-272C-4E99-8DBF-4E04107413FA}: DhcpNameServer = 172.20.10.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{6CF3F085-4657-4510-A6C8-B4D1F637CBED}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{E45DCC0E-272C-4E99-8DBF-4E04107413FA}: DhcpNameServer = 172.20.10.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{6CF3F085-4657-4510-A6C8-B4D1F637CBED}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{6CF3F085-4657-4510-A6C8-B4D1F637CBED}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    ---\\ Protocole additionnel (O18)
    O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
    O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
    ~ STS/SSO: Scanned in 00mn 00s

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: IePlugin Service (IePluginService) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
    O23 - Service: Service Software Update (Software_update) (Software_update) . (.The Software Group - Software Update.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
    O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files\Common Files\Umbrella\Umbrella282.exe =>Adware.IMBooster
    O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (...) - C:\Program Files\ENIGMA~1\SPYHUN~1\SH4SER~1.exe (.not file.) =>Crapware.SpyHunter
    O23 - Service: Update BrowseMark (Update BrowseMark) . (...) - C:\Program Files\BrowseMark\updateBrowseMark.exe (.not file.) =>PUP.BrowseMark
    O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
    O23 - Service: xmkysecqun32 (xmkysecqun32) . (...) - C:\Program Files\003\xmkysecqun32.exe =>PUP.AdPeak
    ~ Services: 16 Legitimates Filtered in 00mn 10s

    ---\\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [Advanced System Protector_startup] (...) -- C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe (.not file.) [0] =>PUP.AdvancedSystemProtector
    [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
    [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
    [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
    [MD5.95E0514907B680814073BB945DDB800B] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
    [MD5.95E0514907B680814073BB945DDB800B] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
    [MD5.00000000000000000000000000000000] [APT] [SpyHunter4Startup] (...) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (.not file.) [0] =>Crapware.SpyHunter
    [MD5.87948212C71A773AEF4C68029BFAE924] [APT] [wp_update] (...) -- C:\Users\severine\AppData\Roaming\~agylnhz.exe [493272] =>PUP.WpManager
    O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [368] =>PUP.AnyProtect
    O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [366] =>PUP.AnyProtect
    O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [366] =>PUP.AnyProtect
    O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [906] =>Adware.Boxore
    O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [910] =>Adware.Boxore
    ~ Scheduled Task: 30 Legitimates Filtered in 00mn 07s

    ---\\ Pilotes lancés au démarrage du système (O41)
    O41 - Driver: (DritekPortIO) . (. - .) - C:\Program Files\LAUNCH~1\DPortIO.sys (.not file.)
    ~ Drivers: 94 Legitimates Filtered in 00mn 01s

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\43960InstEnd]
    [HKCU\Software\AnyProtect] =>PUP.AnyProtect
    [HKCU\Software\Boxore] =>Adware.Boxore
    [HKCU\Software\Genesis] =>PUP.Genesis
    [HKCU\Software\Iminent] =>Adware.IMBooster
    [HKCU\Software\InstallCore] =>Adware.InstallCore
    [HKCU\Software\TutoTag] =>AgenceExclusive
    [HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
    [HKLM\Software\Tutorials] =>AgenceExclusive
    [HKLM\Software\Umbrella]
    [HKLM\Software\Wpm] =>PUP.WpManager
    [HKLM\Software\anset]
    [HKLM\Software\free_soft_today] =>Adware.FreeSoftToday
    [HKLM\Software\supTab] =>PUP.SupTab
    [HKLM\Software\supWPM] =>PUP.WpManager
    [HKLM\Software\suprasavings] =>PUP.SupraSavings
    ~ Key Software: 132 Legitimates Filtered in 00mn 00s

    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 20/04/2014 - 19:53:15 - [] ----D C:\Program Files\003 =>PUP.AdPeak
    O43 - CFD: 20/04/2014 - 19:41:28 - [] ----D C:\Program Files\SupTab =>PUP.SupTab
    O43 - CFD: 20/04/2014 - 19:44:34 - [] ----D C:\Program Files\Common Files\Umbrella
    O43 - CFD: 20/04/2014 - 19:41:46 - [] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
    O43 - CFD: 20/04/2014 - 19:40:43 - [] ----D C:\ProgramData\WPM =>PUP.WpManager
    O43 - CFD: 20/04/2014 - 19:41:23 - [] ----D C:\Users\severine\AppData\Roaming\SupTab =>PUP.SupTab
    O43 - CFD: 20/04/2014 - 19:38:32 - [] ----D C:\Users\severine\AppData\Roaming\webssearches =>Hijacker.WebsSearches
    O43 - CFD: 21/04/2014 - 14:33:00 - [] ----D C:\Users\severine\AppData\Roaming\wp_update =>PUP.WpManager
    O43 - CFD: 20/04/2014 - 20:04:05 - [0] ----D C:\Users\severine\AppData\Local\Genesis =>PUP.Genesis
    ~ Program Folder: 139 Legitimates Filtered in 00mn 00s

    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.7AE803704F5E4E6E027821D9F4901AFA] - 20/04/2014 - 11:55:36 ---A- . (...) -- C:\Windows\wininit.ini [817]
    O44 - LFC:[MD5.168D01D52DA18DBA89743056DA33E2A1] - 20/04/2014 - 18:44:22 ---A- . (.System Speedup - System Speedup.) -- C:\Windows\System32\roboot.exe [17496] =>PUP.SystemSpeedup
    O44 - LFC:[MD5.CEAF98D916D2B75B8704BEE7680EE0B5] - 21/04/2014 - 13:30:58 ---A- . (...) -- C:\Windows\System32\agent.log [0]
    O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/04/2014 - 13:31:09 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0]
    ~ Files: 49 Legitimates Filtered in 00mn 32s

    ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 - LFCP:[MD5.1A3DE8CA658C18807ED943D8D6CBA1AC] - 10/04/2014 - 11:19:13 ---A- - C:\Windows\Prefetch\CACAOWEB.EXE-332BF7FC.pf =>PUP.CacaoWeb
    O45 - LFCP:[MD5.4B783E3ECF4AA1257D09073277F96C43] - 20/04/2014 - 22:48:02 ---A- - C:\Windows\Prefetch\BACKUPSVC.EXE-6CF5CF30.pf
    O45 - LFCP:[MD5.39130CE53CEF60BB4104BAA45395450F] - 20/04/2014 - 22:48:02 ---A- - C:\Windows\Prefetch\SCHEDULERSVC.EXE-F3CF4F15.pf
    O45 - LFCP:[MD5.BEE974DFACF603D7ACB2CF84A3E9629C] - 21/04/2014 - 12:12:48 ---A- - C:\Windows\Prefetch\HIDCHK.EXE-0E572CF7.pf
    O45 - LFCP:[MD5.4F53E00A933CE023AE4C66B34BF0786A] - 21/04/2014 - 12:40:53 ---A- - C:\Windows\Prefetch\POWERSHELL.EXE-920BBA2A.pf
    O45 - LFCP:[MD5.EE53A332FA2253031965E7D0F48B227C] - 21/04/2014 - 14:17:38 ---A- - C:\Windows\Prefetch\INSTUP.EXE-7E543EAF.pf
    ~ Prefetcher: 6 Legitimates Filtered in 00mn 00s

    ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
    O51 - MPSK:{b470a525-76d4-11e3-948e-001eec4e3bec}\AutoRun\command. (...) -- E:\Shelexec.exe (.not file.)
    O51 - MPSK:{b79ad460-7d22-11e3-a4c3-001eec4e3bec}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
    ~ Keys: Scanned in 00mn 00s

    ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    ---\\ Liste des pilotes du système (SDL) (O58)
    O58 - SDL:[MD5.84B4C00AE8CDFC52CF68F322D821F34C] - 07/04/2014 - 12:15:27 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
    O58 - SDL:[MD5.680448905E27BBC6587ADB28597640D6] - 07/04/2014 - 12:15:29 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180760]
    O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
    O58 - SDL:[MD5.01CE484FF6D70A39479BC6D619DE7ED6] - 22/06/2012 - 10:01:32 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys [19984]
    O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
    O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
    O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
    O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
    O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
    O58 - SDL:[MD5.6E421CCC57059B0186C6259CA3B6DFC9] - 13/12/2012 - 14:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
    O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
    O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
    O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
    O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
    O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
    O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
    O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
    O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
    O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
    O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
    O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
    O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
    O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
    O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
    O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
    ~ Drivers: 16 Legitimates Filtered in 00mn 07s

    ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 - LFC: 18/04/2014 - 16:36:40 ---A- . (...) -- C:\Users\severine\AppData\Local\d3d9caps.dat [680]
    O61 - LFC: 20/04/2014 - 16:36:40 ---A- . (...) -- C:\Users\severine\AppData\Local\d3d8caps.dat [552]
    O61 - LFC: 20/04/2014 - 16:36:44 ---A- . (...) -- C:\Users\severine\AppData\Local\Systweak\Advanced System Protector\ScanEngineErrorLog.txt [180318] =>PUP.AdvancedSystemProtector
    O61 - LFC: 20/04/2014 - 16:38:00 ---A- . (...) -- C:\Users\severine\AppData\Roaming\aps.scan.quick.results [1194]
    O61 - LFC: 20/04/2014 - 16:38:00 ---A- . (...) -- C:\Users\severine\AppData\Roaming\aps.scan.results [0]
    O61 - LFC: 20/04/2014 - 16:38:00 ---A- . (...) -- C:\Users\severine\AppData\Roaming\aps.uninstall.scan.results [314]
    O61 - LFC: 20/04/2014 - 16:38:02 ---A- . (...) -- C:\Users\severine\AppData\Roaming\systweak\Advanced System Protector\2.1.1000.12580\ASPLog.txt [11467] =>PUP.AdvancedSystemProtector
    O61 - LFC: 20/04/2014 - 16:38:02 ---A- . (...) -- C:\Users\severine\AppData\Roaming\systweak\Advanced System Protector\Logs\log_20-04-14_09-16-55.xml [15369] =>PUP.AdvancedSystemProtector
    O61 - LFC: 20/04/2014 - 16:38:02 ---A- . (...) -- C:\Users\severine\AppData\Roaming\systweak\Advanced System Protector\Logs\log_20-04-14_09-17-12.xml [91] =>PUP.AdvancedSystemProtector
    O61 - LFC: 20/04/2014 - 16:38:02 ---A- . (...) -- C:\Users\severine\AppData\Roaming\systweak\Advanced System Protector\Settings.db [0] =>PUP.AdvancedSystemProtector
    O61 - LFC: 21/04/2014 - 16:36:41 ---A- . (...) -- C:\Users\severine\AppData\Local\GDIPFONTCACHEV1.DAT [72224]
    O61 - LFC: 21/04/2014 - 16:36:41 ---A- . (...) -- C:\Users\severine\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [305646]
    O61 - LFC: 21/04/2014 - 16:36:42 ---A- . (...) -- C:\Users\severine\AppData\Local\Google\Chrome\User Data\Local State [69949]
    O61 - LFC: 21/04/2014 - 16:36:42 ---A- . (...) -- C:\Users\severine\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\CdmAdapterVersion [13]
    O61 - LFC: 21/04/2014 - 16:36:42 ---A- . (...) -- C:\Users\severine\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\CdmAdapterVersion [13]
    O61 - LFC: 21/04/2014 - 16:36:42 ---A- . (...) -- C:\Users\severine\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\manifest.fingerprint [66]
    O61 - LFC: 21/04/2014 - 16:36:43 ---A- . (...) -- C:\Users\severine\AppData\Local\Google\Toolbar Bookmarks\lemistreseve@gmail.com_bookmarks [23879]
    O61 - LFC: 21/04/2014 - 16:36:43 ---A- . (...) -- C:\Users\severine\AppData\Local\Google\Toolbar Cache\7.4.3607.2246\fr\translate_element.js.content [2385]
    O61 - LFC: 21/04/2014 - 16:36:43 ---A- . (...) -- C:\Users\severine\AppData\Local\Google\Toolbar Cache\7.4.3607.2246\fr\translate_languages.json.content [2033]
    O61 - LFC: 21/04/2014 - 16:36:44 ---A- . (...) -- C:\Users\severine\AppData\Local\speedial.crx [358193]
    O61 - LFC: 21/04/2014 - 16:38:00 ---A- . (...) -- C:\Users\severine\AppData\Roaming\Google\Local Search History\google%2Eweb.w [60]
    O61 - LFC: 21/04/2014 - 16:38:02 ---A- . (...) -- C:\Users\severine\AppData\Roaming\wp_update\currentVersion.txt [1] =>PUP.WpManager
    O61 - LFC: 21/04/2014 - 16:38:02 ---A- . (...) -- C:\Users\severine\Documents\bookmark.htm [3713]
    O61 - LFC: 21/04/2014 - 16:38:02 ---A- . (...) -- C:\Users\severine\Downloads\facture_33637518379_20140407.pdf [136933]
    ~ 1 Fichiers cookies (Cookies files)
    ~ Files: 46 Legitimates Filtered in 01mn 23s

    ---\\ Liste des outils de désinfection (LATC) (O63)
    O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    ---\\ Associations Shell Spawning (O67)
    O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
    ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

    ---\\ Menu de démarrage Internet (SMI) (O68)
    O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
    ~ Keys: Scanned in 00mn 00s

    ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 - SBI: SearchScopes [HKCU] 9361567579BC4119B76E3F7DA85FE0A7 [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
    O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
    O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
    O69 - SBI: SearchScopes [HKUS\.DEFAULT] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
    O69 - SBI: SearchScopes [HKUS\S-1-5-18] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
    ~ Keys: Scanned in 00mn 00s

    ---\\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.87948212C71A773AEF4C68029BFAE924] [SPRF][05/01/2014] (.Pas de propriétaire - wp_update scheduler.) -- C:\Users\severine\AppData\Roaming\~agylnhz.exe [493272] =>PUP.WpManager
    ~ Files: 1 Legitimates Filtered in 00mn 00s

    ---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 - FAEL: "TCP Query User{C56CE983-E442-499A-B362-D1AC51FF7B65}C:\users\severine\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\severine\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
    O87 - FAEL: "UDP Query User{A9C1905D-8576-44BC-B502-204FF13C82D8}C:\users\severine\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\severine\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
    O87 - FAEL: "{F0F6E2EF-B221-49E9-8170-18C97672FE29}" |In - None - P17 - TRUE | .(...) -- C:\Users\severine\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe (.not file.)
    O87 - FAEL: "{2737F912-CADD-41DE-B68F-04C0F98EA4F4}" |In - None - P6 - TRUE | .(...) -- C:\Users\severine\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo
    O87 - FAEL: "{601FC333-A51A-4EF0-A22A-B809ECB3BD31}" |In - None - P17 - TRUE | .(...) -- C:\Users\severine\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo
    ~ Firewall: 220 Legitimates Filtered in 00mn 02s

    ---\\ Recherche de clés de registre CLSID (O101)
    [HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
    [HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
    ~ BCK: 5244 Legitimates Filtered in 00mn 10s

    ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS - | Demand 21/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    SS - | Auto 13/01/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 13/01/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 21/04/2014 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
    SS - | Auto 20/04/2014 119408 | (Software_update) . (.The Software Group.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
    SS - | Demand 20/04/2014 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
    SS - | Auto 10/07/1658 0 | (SpyHunter 4 Service) . (...) - C:\Program Files\ENIGMA~1\SPYHUN~1\SH4SER~1.exe =>Crapware.SpyHunter
    SS - | Auto 10/07/1658 0 | (Update BrowseMark) . (...) - C:\Program Files\BrowseMark\updateBrowseMark.exe =>PUP.BrowseMark

    SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    SR - | Auto 10/04/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
    SR - | Auto 03/03/2008 16384 | (BUNAgentSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    SR - | Auto 03/04/2008 24576 | (ETService) . (...) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
    SR - | Auto 12/07/2007 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    SR - | Auto 11/04/2014 705136 | (IePluginService) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
    SR - | Demand 02/11/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
    SR - | Auto 17/01/2007 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    SR - | Auto 06/04/2008 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    SR - | Auto 04/04/2008 131072 | (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    SR - | Auto 11/04/2014 3052352 | (SProtection) . (.Iminent.) - C:\Program Files\Common Files\Umbrella\Umbrella282.exe =>Adware.IMBooster
    SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
    SR - | Auto 20/04/2014 566272 | (Wpm) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
    SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
    SR - | Auto 20/04/2014 541696 | (xmkysecqun32) . (...) - C:\Program Files\003\xmkysecqun32.exe =>PUP.AdPeak

    ~ Services: Scanned in 00mn 12s

    ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

    ~ MBR: 1 Legitimates Filtered in 00mn 02s

    ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by severine at 21/04/2014 16:39:06

    ********* Dump file Name *********
    C:\PhysicalDisk0_MBR.bin

    ~ MBR: Scanned in 00mn 04s

    ---\\ Scan Additionnel (O88)
    Database Version : 13044 - (19/04/2014)
    Clés trouvées (Keys found) : 27
    Valeurs trouvées (Values found) : 3
    Dossiers trouvés (Folders found) : 14
    Fichiers trouvés (Files found) : 36

    [HKLM\Software\Google\Chrome\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf] =>PUP.CacaoWeb^
    [HKLM\Software\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa] =>Adware.MyWebSearch^
    [HKLM\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma] =>PUP.QuickStart^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] =>PUP.SupTab^
    [HKLM\SYSTEM\CurrentControlSet\Services\IePluginService] =>Trojan.SProtector^
    [HKLM\SYSTEM\CurrentControlSet\Services\Software_update) (Software_update] =>Adware.Boxore^
    [HKLM\SYSTEM\CurrentControlSet\Services\SProtection] =>Adware.IMBooster^
    [HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter^
    [HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseMark] =>PUP.BrowseMark^
    [HKLM\SYSTEM\CurrentControlSet\Services\Wpm] =>PUP.WpManager^
    [HKLM\SYSTEM\CurrentControlSet\Services\xmkysecqun32] =>PUP.AdPeak^
    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector_startup] =>PUP.AdvancedSystemProtector^
    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wp_update] =>PUP.WpManager^
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
    [HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
    [HKCU\Software\Boxore] =>Adware.Boxore
    [HKCU\Software\Iminent] =>Adware.IMBooster
    [HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
    [HKCU\Software\InstallCore] =>Adware.InstallCore
    [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
    [HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
    [HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
    [HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
    [HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
    [HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
    [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\mysearchdial] =>Adware.MyWebSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
    [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BrowserSafeguard =>PUP.BrowserSafeguard^
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
    C:\Users\severine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf =>PUP.CacaoWeb^
    C:\Users\severine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa =>Adware.MyWebSearch^
    C:\Users\severine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma =>PUP.QuickStart^
    C:\Program Files\003 =>PUP.AdPeak^
    C:\Program Files\SupTab =>PUP.SupTab^
    C:\ProgramData\IePluginService =>Trojan.SProtector^
    C:\ProgramData\WPM =>PUP.WpManager^
    C:\Users\severine\AppData\Roaming\SupTab =>PUP.SupTab^
    C:\Users\severine\AppData\Roaming\webssearches =>Hijacker.WebsSearches^
    C:\Users\severine\AppData\Roaming\wp_update =>PUP.WpManager^
    C:\Users\severine\AppData\Local\Genesis =>PUP.Genesis^
    C:\Program Files\Software =>Adware.Boxore
    C:\Program Files\Common Files\Umbrella =>Adware.IMBooster
    C:\Users\severine\AppData\Local\Software =>Adware.Boxore
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe =>Toolbar.Google^
    C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector^
    C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager^
    C:\Program Files\Common Files\Umbrella\Umbrella282.exe =>Adware.IMBooster^
    C:\Program Files\003\xmkysecqun32.exe =>PUP.AdPeak^
    C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
    C:\Users\severine\AppData\Roaming\~agylnhz.exe =>PUP.WpManager^
    C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
    C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
    C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^
    C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^
    C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^
    [HKCU\Software\AnyProtect] =>PUP.AnyProtect^
    [HKCU\Software\Genesis] =>PUP.Genesis^
    [HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
    [HKLM\Software\Wpm] =>PUP.WpManager^
    [HKLM\Software\free_soft_today] =>Adware.FreeSoftToday^
    [HKLM\Software\supTab] =>PUP.SupTab^
    [HKLM\Software\supWPM] =>PUP.WpManager^
    [HKLM\Software\suprasavings] =>PUP.SupraSavings^
    [HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
    [HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
    C:\Users\severine\AppData\Local\Temp\BoxoreInstaller.exe =>Adware.Boxore
    C:\Users\severine\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon
    C:\Users\severine\AppData\Local\Temp\GoogleToolbarInstaller2.log =>PUP.Babylon
    C:\Users\severine\AppData\Local\Temp\nscD50A.exe =>Toolbar.Conduit
    C:\Users\severine\AppData\Local\Temp\nshE3CA.exe =>Toolbar.Conduit
    C:\Users\severine\AppData\Local\Temp\nsqDC82.exe =>Toolbar.Conduit
    C:\Users\severine\AppData\Local\Temp\nsr7512.exe =>Toolbar.Conduit
    C:\Users\severine\AppData\Local\Temp\nsx6DE1.exe =>Toolbar.Conduit
    ~ Additionnel Scan: 238730 Items scanned in 00mn 47s

    ---\\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.webs.com/apps/blog/show/40789592-trojan-sprotector =>Trojan.SProtector
    http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
    http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
    http://nicolascoolman.webs.com/apps/blog/show/42126939-pup-adpeak =>PUP.AdPeak
    http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
    http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
    http://nicolascoolman.webs.com/apps/blog/show/41962558-pup-quickstart =>PUP.QuickStart
    http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
    http://nicolascoolman.webs.com/apps/blog/show/41962428-hijacker-webssearches =>Hijacker.WebsSearches
    http://nicolascoolman.webs.com/apps/blog/show/41133513-pup-suptab =>PUP.SupTab
    http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
    http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
    http://nicolascoolman.webs.com/apps/blog/show/42099886-pup-browsemark =>PUP.BrowseMark
    http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
    http://nicolascoolman.webs.com/apps/blog/show/41695065-pup-anyprotect =>PUP.AnyProtect
    http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
    http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>AgenceExclusive
    http://nicolascoolman.webs.com/apps/blog/show/33340107-adware-freesofttoday =>Adware.FreeSoftToday
    http://nicolascoolman.webs.com/apps/blog/show/42067481-pup-suprasavings =>PUP.SupraSavings
    http://nicolascoolman.webs.com/apps/blog/show/41499656-pup-systemspeedup =>PUP.SystemSpeedup
    http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
    http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
    http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
    http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox =>Adware.BrowseFox
    http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
    http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
    ~ MSI: 26 link(s) detected in 00mn 00s

    ~ 1032 Legitimates filtered by white list
    End of the scan (699 lines in 04mn 55s)(0)
    0
    1. ArnaudLy6 Messages postés 4695 Statut Membre 189
       
      Il me faudrait le rapport AdwCleaner ;)
      0
    2. seve1972 Messages postés 6 Statut Membre
       
      ok je le fais de suite
      0
    3. seve1972 Messages postés 6 Statut Membre
       
      # AdwCleaner v3.102 - Rapport créé le 21/04/2014 à 17:40:51
      # Mis à jour le 21/04/2014 par Xplode
      # Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
      # Nom d'utilisateur : severine - PC-DE-SEVERINE
      # Exécuté depuis : C:\Users\severine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HRTC623\adwcleaner.exe
      # Option : Nettoyer

      ***** [ Services ] *****

      Service Supprimé : IePluginService
      [#] Service Supprimé : Software_update
      [#] Service Supprimé : Software_update_m
      Service Supprimé : SProtection
      Service Supprimé : Wpm

      ***** [ Fichiers / Dossiers ] *****

      Dossier Supprimé : C:\ProgramData\IePluginService
      Dossier Supprimé : C:\ProgramData\Systweak
      Dossier Supprimé : C:\ProgramData\WPM
      Dossier Supprimé : C:\Program Files\003
      Dossier Supprimé : C:\Program Files\predm
      Dossier Supprimé : C:\Program Files\SupTab
      Dossier Supprimé : C:\Program Files\Common Files\Umbrella
      Dossier Supprimé : C:\Users\severine\AppData\Local\genesis
      Dossier Supprimé : C:\Users\severine\AppData\Local\Systweak
      Dossier Supprimé : C:\Users\severine\AppData\Local\Temp\Iminent
      Dossier Supprimé : C:\Users\severine\AppData\Roaming\SupTab
      Dossier Supprimé : C:\Users\severine\AppData\Roaming\Systweak
      Dossier Supprimé : C:\Users\severine\AppData\Roaming\webssearches
      Dossier Supprimé : C:\Users\severine\AppData\Roaming\wp_update
      Dossier Supprimé : C:\Users\severine\AppData\Local\Software
      Dossier Supprimé : C:\Program Files\Software
      Dossier Supprimé : C:\Users\severine\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa
      Dossier Supprimé : C:\Users\severine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
      Fichier Supprimé : C:\Windows\system32\roboot.exe
      Fichier Supprimé : C:\Users\severine\AppData\Local\speedial.crx
      Fichier Supprimé : C:\Users\severine\AppData\Roaming\aps.scan.quick.results
      Fichier Supprimé : C:\Users\severine\AppData\Roaming\aps.scan.results
      Fichier Supprimé : C:\Users\severine\AppData\Roaming\aps.uninstall.scan.results
      Fichier Supprimé : C:\Users\severine\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
      Fichier Supprimé : C:\Windows\System32\Tasks\Advanced System Protector_startup
      Fichier Supprimé : C:\Windows\Tasks\APSnotifierPP1.job
      Fichier Supprimé : C:\Windows\System32\Tasks\APSnotifierPP1
      Fichier Supprimé : C:\Windows\Tasks\APSnotifierPP2.job
      Fichier Supprimé : C:\Windows\System32\Tasks\APSnotifierPP2
      Fichier Supprimé : C:\Windows\Tasks\APSnotifierPP3.job
      Fichier Supprimé : C:\Windows\System32\Tasks\APSnotifierPP3
      Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
      Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore
      Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
      Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA
      Fichier Supprimé : C:\Windows\System32\Tasks\SpyHunter4Startup

      ***** [ Raccourcis ] *****


      ***** [ Registre ] *****

      Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
      Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
      Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D673B841-F327-41BA-87F0-C6E18667AB42}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D673B841-F327-41BA-87F0-C6E18667AB42}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9F6AD40-41E1-4537-A781-60E630B42D1F}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9F6AD40-41E1-4537-A781-60E630B42D1F}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05472A7E-FC54-438F-ADB7-6F1E93294395}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05472A7E-FC54-438F-ADB7-6F1E93294395}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35D5F47F-C44B-4978-BA72-CB73DC254557}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35D5F47F-C44B-4978-BA72-CB73DC254557}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9170F288-1BDC-4DAF-86E2-9543C09C1183}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9170F288-1BDC-4DAF-86E2-9543C09C1183}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F90B9D2-C840-4577-BD58-D56321EAB4F9}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F90B9D2-C840-4577-BD58-D56321EAB4F9}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A3859E9C-FD54-4900-BDB2-02C29EF25580}
      [#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3859E9C-FD54-4900-BDB2-02C29EF25580}
      Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
      Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
      Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
      Clé Supprimée : HKLM\SOFTWARE\Classes\iLivid.torrent
      Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
      Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
      Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=3
      Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=9
      Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
      Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
      Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
      Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
      Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
      Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
      Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
      Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
      Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
      Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
      Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
      Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
      Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
      Clé Supprimée : HKCU\Software\AnyProtect
      Clé Supprimée : HKCU\Software\Boxore
      Clé Supprimée : HKCU\Software\genesis
      Clé Supprimée : HKCU\Software\Iminent
      Clé Supprimée : HKCU\Software\InstallCore
      Clé Supprimée : HKCU\Software\systweak
      Clé Supprimée : HKCU\Software\TutoTag
      Clé Supprimée : HKCU\Software\AppDataLow\Software\blockAndSurf
      Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
      Clé Supprimée : HKCU\Software\AppDataLow\Software\suprasavings
      Clé Supprimée : HKLM\Software\LevelQualityWatcher
      Clé Supprimée : HKLM\Software\suprasavings
      Clé Supprimée : HKLM\Software\supTab
      Clé Supprimée : HKLM\Software\supWPM
      Clé Supprimée : HKLM\Software\systweak
      Clé Supprimée : HKLM\Software\Tutorials
      Clé Supprimée : HKLM\Software\Umbrella
      Clé Supprimée : HKLM\Software\webssearchesSoftware
      Clé Supprimée : HKLM\Software\Wpm
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AnyProtect
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mysearchdial
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wpm
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC

      ***** [ Navigateurs ] *****

      -\\ Internet Explorer v9.0.8112.16545

      Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
      Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
      Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
      Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
      Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
      Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

      -\\ Google Chrome v34.0.1847.116

      [ Fichier : C:\Users\severine\AppData\Local\Google\Chrome\User Data\Default\preferences ]

      Supprimée : icon_url
      Supprimée : search_url
      Supprimée : keyword

      *************************

      AdwCleaner[R3].txt - [11123 octets] - [21/04/2014 17:38:44]
      AdwCleaner[S3].txt - [10308 octets] - [21/04/2014 17:40:51]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [10369 octets] ##########
      0
    4. ArnaudLy6 Messages postés 4695 Statut Membre 189
       
      Télécharge Malwarebytes Anti-Malware : https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

      - Décoche "Activer l'essai gratuit de Malwarebytes Anti-Malware Premium"
      - Lance MalwareBytes
      - Dans l'onglet Tableau de Bord, clique sur Mettre à jour
      - Clique ensuite sur l'onglet " Examen "
      - Coche " Examen Menaces "
      - Clique sur " Examiner maintenant "
      - Attends la fin de l'analyse
      - Une fois l'analyse terminée, clique sur " Tout mettre en quarantaine "
      - Accepte le redémarrage du PC

      Une fois que ton ordinateur a redémarré, relance Malwarebytes Anti-Malware et cette fois-ci rends toi dans l'onglet " Historique ",
      puis " Journaux de l'application ".
      Sélectionne le rapport le plus récent, ouvre-le et clique en bas sur Coller dans le presse-papier.
      Il ne te reste plus qu'à coller le rapport dans ton prochain message.
      0
    5. seve1972 Messages postés 6 Statut Membre
       
      Je viens de redemarer google chrome et j'ai l'impression que webssearches a disparu mais j'attends votre conclusions !!!
      0