Rapport ZHP Diag
Résolu
Beringela
Messages postés
8
Date d'inscription
Statut
Membre
Dernière intervention
-
bazfile Messages postés 58600 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
bazfile Messages postés 58600 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour,
J'ai fait une analyse avec ZHP Diag et voici le rapport :
https://www.cjoint.com/c/DGAnkHOwiJn
J'ail l'impression qu'il n'y a pas que de jolies choses, mais je n'y comprends rien... En voulant télécharger un convertisseur de wma en mp3 plein de choses se sont installées sur mon pc sans que j'en fasse la demande...
Merci pour votre aide!!!!!
~ Rapport de ZHPDiag v2014.6.25.98 - Nicolas Coolman (25/06/2014)
~ Lancé par Celine (26/07/2014 12:59:13)
~ Adresse du Site Web https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 27.0.1
GCIE: Google Chrome v35.0.1916.153 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2V7GR
Windows License : OK
Windows Automatic Updates : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
McAfee Security Scan Plus v3.8.141.11
---\\ Logiciels d'optimisation du système
CCleaner v4.15
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader X
Java 7 Update 21
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3032 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (10%) free of 92 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-CELINE
~ User Name: Celine
~ All Users Names: Celine, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Celine\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Celine\AppData\Roaming\
~ %Desktop% : C:\Users\Celine\Desktop\
~ %Favorites% : C:\Users\Celine\Favorites\
~ %LocalAppData% : C:\Users\Celine\AppData\Local\
~ %StartMenu% : C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 9 Go of 92 Go)
D: Hard drive, Flash drive, Thumb drive (Free 132 Go of 132 Go)
E: CD-ROM drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 50 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.61D9AD9E55D7A1E10C0EF701ADE1C486] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/06/2014 - 00:02:16.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.9C0E70031905ADBF94EDB9EA14AF943B] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.03/06/2008 - 04:29:54.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4291
~ Mes musiques (My Musics) : 3/2433
~ Mes Videos (My Videos) : 1/36
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/1918
~ Mon Bureau (My Desktop) : 7/15
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 10s
---\\ Processus lancés
[MD5.DD91E6C32D6421A17E618C7869CB0E58] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904] [PID.2400]
[MD5.4DA9F0444F8B30E0C31F9480F0EDFC68] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files\iSafe\iSafeTray.exe [802984] [PID.2824] =>Trojan.Staser
[MD5.E6CB83FF2C098C6FFCF2D43A4AAC9B54] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6139904] [PID.3300]
[MD5.D594369762386D744BE48EC4768BF849] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe [159744] [PID.3316]
[MD5.9CD2E735AF1DD2AA0F5BF5743CB52EA6] - (.Pas de propriétaire - Tray MFC.) -- C:\Program Files\Hotkey Utility\tray.exe [520192] [PID.2824]
[MD5.CB13BFC05C6DB940DE7870B676FEFB4D] - (.FIC - LaunchPad Application.) -- C:\Program Files\Launch Pad\LaunchPad.exe [2260992] [PID.3352]
[MD5.DA24165C133DD54A25A6CBFD0871042B] - (.Pas de propriétaire - PowerManager Application.) -- C:\Program Files\Power Manager\PM.exe [1675264] [PID.3408]
[MD5.421B7BC12D3CC269AC8D53A70B45A23A] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712] [PID.3492]
[MD5.454CE7072EDA6A05C79EC97D49400F57] - (...) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [563984] [PID.3500]
[MD5.3C053C984EA313D15B5DCD7AEAF8E065] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [170520] [PID.3548]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024] [PID.3564]
[MD5.320404640BA8A21E2C893567CBA46701] - (...) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe [2184464] [PID.3592]
[MD5.F2C201341735E6674F7AD892CEA3799B] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [135680] [PID.3616]
[MD5.0E9C7F16E998E794BC2DCB21FC7DA113] - (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files\e-Carte Bleue Caisse d'Epargne\ecbl-cnce.exe [278528] [PID.3640]
[MD5.99E45FCB96AC7A8F437C9EF7F4BC36E8] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe [50472] [PID.4092]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.4372]
[MD5.359937EFD1763DF9F8B8D166BD4CC022] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\Apoint2K\Apntex.exe [49152] [PID.5884]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5968]
[MD5.71858793D431DA2E1BF84F1F3F63D1A0] - (.Logitech Inc. - Camera Control Interface.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [407824] [PID.2880]
[MD5.C228AF9DA17741E02BD3694DC0A83DB7] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.3916]
[MD5.523D2E5F9A0459455501769A7FDD513E] - (.Jodix.com - Free WMA to MP3 Converter.) -- C:\Program Files\Free WMA to MP3 Converter\wma_mp3_converter.exe [1740800] [PID.6104]
[MD5.4A8B45597C8C9C30A7039FE5EA84BBA7] - (...) -- C:\Program Files\SupTab\HpUI.exe [732040] [PID.1772] =>PUP.SupTab
[MD5.D46415CD75DDA09F0A17D2FDA2235CB0] - (...) -- C:\Program Files\SupTab\Loader32.exe [64000] [PID.4188] =>PUP.SupTab
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.9716]
[MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8071680] [PID.8588]
[MD5.974BD3A1767D618186583B08DC1C0E69] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.3.) -- C:\Windows\system32\nvvsvc.exe [49152] [PID.1128]
[MD5.13E960E384369F4E32BA29B27F451C99] - (.Elex do Brasil Participações Ltda - iSafeSvc.) -- C:\Program Files\iSafe\iSafeSvc.exe [118056] [PID.1268] =>Trojan.Staser
[MD5.C1191E6A7320608C4D8581BB6F931D41] - (.Elex do Brasil Participações Ltda - iSafeSvc2.) -- C:\Program Files\iSafe\iSafeSvc2.exe [118056] [PID.1380] =>Trojan.Staser
[MD5.44B3DC1E001FD2FCF1ED41C06DD9C812] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [141848] [PID.1508]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1620]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.1716]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1996]
[MD5.ABDD5AD016AFFD34AD40E944CE94BF59] - (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208] [PID.1696]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.2108]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2236]
[MD5.6C602120EA9B0EAE10E09DF76E43B472] - (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\dlcgcoms.exe [537480] [PID.2284]
[MD5.E03216D695CDC2D223AFC0CAB4498888] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2324]
[MD5.250B9120C7C103AFDC0C6643F9691055] - (.Fujitsu Siemens Computers - Testhandler Service.) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104] [PID.2628]
[MD5.2E7315B147E524E055026E6634B14EA6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360] [PID.2652]
[MD5.A3D94C93333619458AF4BDE7531234C5] - (.Microsoft Corporation - Service de planification Windows Media Cent.) -- C:\Windows\ehome\ehsched.exe [103424] [PID.4596]
[MD5.3A511ED3C9A9DA2CD5A50FF46178063A] - (.Microsoft Corporation - Service de réception Windows Media Center.) -- C:\Windows\ehome\ehRecvr.exe [441856] [PID.6112]
[MD5.146BF1C1D613AC15F1AC900D3BBE02E7] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginServices\PluginService.exe [702344] [PID.5920] =>Trojan.SProtector
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] https://www.default-search.net/ =>Hijacker.Browsers
G0 - GCSP: Preference [User Data\Default][HomePage] about:blank
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2022.121, (Activé)
G2 - GCE: Preference [User Data\Default] [jjflmfkjppbmejlfbhlpgjnomdoefkfa] Plus-HD-4.9 v.1.26.80, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security]
G2 - EXT: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa [Plus-HD-4.9] =>Adware.PlusHD
G2 - EXT: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
~ Google Lines Browser: 17 Scanned in 00mn 06s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\prefs.js
C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\user.js
M3 - MFPP: Plugins - [Celine] -- C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\Google.xml
M3 - MFPP: Plugins - [Celine] -- C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\live-search.xml
M0 - MFSP: prefs.js [Celine - 6e16ry5g.default] about:blank
M2 - MFEP: prefs.js [Celine - 6e16ry5g.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@mcafee.com/McAfeeMssPlugin] - (.McAfee, Inc. - McAfee MSS+ NPAPI Plugin.) -- C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (...) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 34 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl =>PUP.SweetPage
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) (No version) -- (.not file.)
~ IE Browser: 11 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Celine]: AnyProtect.lnk . (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) =>PUP.AnyProtect
O4 - GS\Desktop [Celine]: Continue VuuPC Installation.lnk . (...) -- C:\Users\Celine\AppData\Local\Temp\ICReinstall_nsw35F2.tmp \RR (.not file.) =>PUP.VuuPC
~ Global Startup: 2 Scanned in 00mn 02s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] . (.Pas de propriétaire - Tray MFC.) -- C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [LaunchPad] . (.FIC - LaunchPad Application.) -- C:\Program Files\Launch Pad\LaunchPad.exe
O4 - HKLM\..\Run: [PowerManager] . (.Pas de propriétaire - PowerManager Application.) -- C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [FSCRecovery] . (.Fujitsu Siemens Computers GmbH - Fujitsu Siemens Computers Recovery Reminder.) -- c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (...) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] . (...) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
O4 - HKLM\..\Run: [AnyProtect Scanner] C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\RunOnce: [VOPackage] C:\Users\Celine\AppData\Roaming\VOPackage\VOPackage.exe (.not file.) =>Adware.Downware
O4 - HKLM\..\RunOnce: [removeSettingsManagerdatamngr] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>PUP.Datamngr
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Epson Stylus SX235(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [Epson Stylus SX235(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} ((no name)) - https://webmail.mymazars.com/dwa7W.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS3\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY - ABBYY network license server.) - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: dlcg_device (dlcg_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\dlcgcoms.exe
O23 - Service: EpsonBidirectionalService (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>Trojan.SProtector
O23 - Service: iSafeService (iSafeService) . (.Elex do Brasil Participações Ltda - iSafeSvc.) - C:\Program Files\iSafe\iSafeSvc.exe =>Trojan.Staser
O23 - Service: LVCOMSer (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.3.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers - Testhandler Service.) - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
~ Services: 15 Scanned in 00mn 15s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x64) . (...) -- c:\program files\settings manager\smdmf\x64\sysapcrt.dll =>PUP.SystemK
~ Keys: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.A6B6AB9502B63F43A9A56AE6AFB22078] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [262320]
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.24DC2A6F110B79787D6C5D5FF52A0235] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [765176]
[MD5.11543DEB4316B9DBB42999C83495838F] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4624152]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] [APT] [Programme de mise ... jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904]
[MD5.00000000000000000000000000000000] [APT] [{43F5679B-8250-45A4-A15E-8305698C0076}] (...) -- C:\Users\Celine\Downloads\LiveMediaPluginv2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{98669F73-7D5E-423D-B964-2A5B2B97EA94}] (...) -- E:\setup.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [366] =>PUP.AnyProtect
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [366] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [364] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [364] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [364] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [364] =>PUP.AnyProtect
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
~ Scheduled Task: 20 Scanned in 00mn 06s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (...) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
~ Active Setup: 13 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\Windows\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - C:\Program Files\iSafe\iSafeKrnlKit.sys =>Trojan.Staser
O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK TDI Hook Driver (WPP).) - C:\Program Files\iSafe\iSafeNetFilter.sys =>Trojan.Staser
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\System32\Drivers\tosrfcom.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WINIO) . (.http://www.internals.com - WinIo.) - C:\Windows\system32\WinIo.sys
~ Drivers: 98 Scanned in 00mn 21s
---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM] -- ABBYY FineReader 9.0 Sprint
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM] -- {F9000000-0018-0000-0000-074957833700}
O42 - Logiciel: ALPS Touch Pad Driver - (...) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.10) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Calculette Premium Lite 2.3.1 - (.Hemi-Soft.) [HKLM] -- {E3E1181F-9742-4D79-A635-7E65A07CF2E6}_is1
O42 - Logiciel: Coffret de pilotes Logitech QuickCam - (...) [HKLM] -- lvdrivers_11.51
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: EPSON SX235 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX235 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: Elcomsoft Blackberry Backup Explorer - (.Elcomsoft Co. Ltd..) [HKLM] -- {9E4F65F1-1C75-43AF-8541-AF047E72E206}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {A02D7029-C4EF-44C1-9FD4-C0D3CA518113}
O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}
O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3E31400D-274E-4647-916C-2CACC3741799}
O42 - Logiciel: Free WMA to MP3 Converter 1.16 - (.Jodix Technologies Ltd..) [HKLM] -- Free WMA to MP3 Converter_is1
O42 - Logiciel: Fujitsu Siemens Computers Recovery - (.Fujitsu Siemens Computers.) [HKLM] -- {AFC454ED-A26F-4816-826B-C35129D82E1F}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Guide d'utilisation EPSON SX235 Series - (...) [HKLM] -- EPSON SX235 Series Useg
O42 - Logiciel: Guide réseau EPSON SX235 Series - (...) [HKLM] -- EPSON SX235 Series Netg
O42 - Logiciel: Hotkey Utility - (...) [HKLM] -- Hotkey Utility_is1
O42 - Logiciel: Intel(R) Network Connections Drivers - (...) [HKLM] -- PROSet
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Pad 1.0.3 - (.FIC, Inc..) [HKLM] -- Launch Pad_is1
O42 - Logiciel: Lecteur vidéo ARTE vod - (.boutique.arte.tv.) [HKCU] -- 3205077330.boutique.arte.tv
O42 - Logiciel: Logitech QuickCam - (.Fujitsu-Siemens.) [HKLM] -- {B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 27.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {373C3C97-2FA9-4E18-85A2-255060C21036}
O42 - Logiciel: PlayReady PC runtime - (.Microsoft Corporation.) [HKLM] -- {B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}
O42 - Logiciel: Power Manager 2.8.3 - (.FIC, Inc..) [HKLM] -- Power Manager_is1
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {C78EAC6F-7A73-452E-8134-DBB2165C5A68}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.94 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype(TM) 6.11 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: SystemDiagnostics - (.Fujitsu Siemens Computers .) [HKLM] -- {2F926AE7-9FB7-4B34-906F-9C29A6D146A7}
O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 - Logiciel: YAC - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM] -- iSafe =>Trojan.Staser
O42 - Logiciel: avast! Free Antivirus v9.0.2011 - (.Avast Software.) [HKLM] -- avast
O42 - Logiciel: e-Carte Bleue Caisse d'Epargne - (...) [HKLM] -- {18EF615A-5AAD-4944-B24E-6CD7863FC735}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: phoneMiner - (.Amrak Software.) [HKLM] -- {055B88D5-4E2A-491B-8E6E-4A9E77D805EE}
~ Logic: 34 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\45918InstEnd]
[HKCU\Software\ABBYY]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVG]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\CDDB]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\EasyBits]
[HKCU\Software\ElcomSoft]
[HKCU\Software\Extended Systems]
[HKCU\Software\Filseclab]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstallShield]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Linkey] =>PUP.LinkeySearch
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\MimarSinan]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Redemption]
[HKCU\Software\Research In Motion]
[HKCU\Software\Roxio]
[HKCU\Software\SanDisk]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\SupHpUISoft]
[HKCU\Software\Todae]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\V9]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\kde.org]
[HKLM\Software\ABBYY]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Alps]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Avg]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DellInkJet]
[HKLM\Software\Dell]
[HKLM\Software\EPSON]
[HKLM\Software\ElcomSoft]
[HKLM\Software\EpsonNet]
[HKLM\Software\FIC HotKey]
[HKLM\Software\Filseclab]
[HKLM\Software\Fujitsu Siemens Computers]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Jodix]
[HKLM\Software\JreMetrics]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NeroDigital]
[HKLM\Software\Nero]
[HKLM\Software\Nokia]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Power Manager]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Research In Motion]
[HKLM\Software\SEIKO EPSON CORPORATION]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\SmdmF]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Todae]
[HKLM\Software\Toshiba]
[HKLM\Software\TuneUp]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinIo]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\e-Carte Bleue Caisse d'Epargne]
[HKLM\Software\mozilla.org]
[HKLM\Software\supTab] =>PUP.SupTab
[HKLM\Software\supWindowsMangerProtect]
[HKLM\Software\sweet-pageSoftware] =>PUP.SweetPage
~ Key Software: 232 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/06/2012 - 13:48:35 - [] ----D C:\Program Files\ABBYY FineReader 9.0 Sprint
O43 - CFD: 28/12/2013 - 13:33:10 - [] ----D C:\Program Files\ABC Amber BlackBerry Converter
O43 - CFD: 23/07/2011 - 11:33:32 - [] ----D C:\Program Files\Adobe
O43 - CFD: 03/07/2010 - 15:27:58 - [] ----D C:\Program Files\Advanced Registry Optimizer
O43 - CFD: 10/04/2010 - 19:37:45 - [] ----D C:\Program Files\Alwil Software
O43 - CFD: 25/12/2013 - 23:34:37 - [] ----D C:\Program Files\Amrak Software
O43 - CFD: 25/08/2008 - 05:38:53 - [] ----D C:\Program Files\Apoint2K
O43 - CFD: 27/09/2009 - 19:44:02 - [] ----D C:\Program Files\Calculette Premium Lite
O43 - CFD: 12/07/2014 - 14:41:34 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 16/05/2014 - 08:11:08 - [] ----D C:\Program Files\Common Files
O43 - CFD: 01/01/2011 - 20:51:16 - [] ----D C:\Program Files\DIFX
O43 - CFD: 02/04/2009 - 13:39:13 - [0] ----D C:\Program Files\dl_Cats
O43 - CFD: 19/07/2013 - 23:24:27 - [] ----D C:\Program Files\e-Carte Bleue Caisse d'Epargne
O43 - CFD: 28/12/2013 - 03:54:40 - [] ----D C:\Program Files\Elcomsoft
O43 - CFD: 28/12/2013 - 03:54:41 - [] ----D C:\Program Files\Elcomsoft Password Recovery
O43 - CFD: 03/06/2012 - 13:33:26 - [] ----D C:\Program Files\epson
O43 - CFD: 03/06/2012 - 13:39:18 - [] ----D C:\Program Files\Epson Software
O43 - CFD: 03/06/2012 - 13:30:58 - [] ----D C:\Program Files\EpsonNet
O43 - CFD: 17/01/2009 - 21:26:50 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 26/07/2014 - 11:26:01 - [] ----D C:\Program Files\Free WMA to MP3 Converter
O43 - CFD: 17/01/2009 - 21:34:26 - [] ----D C:\Program Files\Fujitsu Siemens Computers
O43 - CFD: 14/05/2013 - 17:17:03 - [] ----D C:\Program Files\Google
O43 - CFD: 25/08/2008 - 05:40:39 - [] ----D C:\Program Files\Hotkey Utility
O43 - CFD: 19/07/2013 - 23:24:23 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/01/2009 - 21:32:05 - [] ----D C:\Program Files\Intel
O43 - CFD: 16/07/2014 - 22:28:30 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 26/07/2014 - 11:15:37 - [] ----D C:\Program Files\iSafe =>Trojan.Staser
O43 - CFD: 16/06/2013 - 11:01:46 - [] ----D C:\Program Files\Java
O43 - CFD: 25/08/2008 - 05:40:42 - [] ----D C:\Program Files\Launch Pad
O43 - CFD: 17/01/2009 - 22:40:10 - [] ----D C:\Program Files\Logitech
O43 - CFD: 17/02/2014 - 12:38:57 - [] ----D C:\Program Files\McAfee Security Scan
O43 - CFD: 24/11/2012 - 23:32:54 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 10/02/2009 - 19:51:18 - [] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Microsoft Games
J'ai fait une analyse avec ZHP Diag et voici le rapport :
https://www.cjoint.com/c/DGAnkHOwiJn
J'ail l'impression qu'il n'y a pas que de jolies choses, mais je n'y comprends rien... En voulant télécharger un convertisseur de wma en mp3 plein de choses se sont installées sur mon pc sans que j'en fasse la demande...
Merci pour votre aide!!!!!
~ Rapport de ZHPDiag v2014.6.25.98 - Nicolas Coolman (25/06/2014)
~ Lancé par Celine (26/07/2014 12:59:13)
~ Adresse du Site Web https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 27.0.1
GCIE: Google Chrome v35.0.1916.153 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2V7GR
Windows License : OK
Windows Automatic Updates : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
McAfee Security Scan Plus v3.8.141.11
---\\ Logiciels d'optimisation du système
CCleaner v4.15
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader X
Java 7 Update 21
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3032 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (10%) free of 92 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-CELINE
~ User Name: Celine
~ All Users Names: Celine, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Celine\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Celine\AppData\Roaming\
~ %Desktop% : C:\Users\Celine\Desktop\
~ %Favorites% : C:\Users\Celine\Favorites\
~ %LocalAppData% : C:\Users\Celine\AppData\Local\
~ %StartMenu% : C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 9 Go of 92 Go)
D: Hard drive, Flash drive, Thumb drive (Free 132 Go of 132 Go)
E: CD-ROM drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 50 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.61D9AD9E55D7A1E10C0EF701ADE1C486] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/06/2014 - 00:02:16.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.9C0E70031905ADBF94EDB9EA14AF943B] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.03/06/2008 - 04:29:54.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4291
~ Mes musiques (My Musics) : 3/2433
~ Mes Videos (My Videos) : 1/36
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/1918
~ Mon Bureau (My Desktop) : 7/15
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 10s
---\\ Processus lancés
[MD5.DD91E6C32D6421A17E618C7869CB0E58] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904] [PID.2400]
[MD5.4DA9F0444F8B30E0C31F9480F0EDFC68] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files\iSafe\iSafeTray.exe [802984] [PID.2824] =>Trojan.Staser
[MD5.E6CB83FF2C098C6FFCF2D43A4AAC9B54] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6139904] [PID.3300]
[MD5.D594369762386D744BE48EC4768BF849] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe [159744] [PID.3316]
[MD5.9CD2E735AF1DD2AA0F5BF5743CB52EA6] - (.Pas de propriétaire - Tray MFC.) -- C:\Program Files\Hotkey Utility\tray.exe [520192] [PID.2824]
[MD5.CB13BFC05C6DB940DE7870B676FEFB4D] - (.FIC - LaunchPad Application.) -- C:\Program Files\Launch Pad\LaunchPad.exe [2260992] [PID.3352]
[MD5.DA24165C133DD54A25A6CBFD0871042B] - (.Pas de propriétaire - PowerManager Application.) -- C:\Program Files\Power Manager\PM.exe [1675264] [PID.3408]
[MD5.421B7BC12D3CC269AC8D53A70B45A23A] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712] [PID.3492]
[MD5.454CE7072EDA6A05C79EC97D49400F57] - (...) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [563984] [PID.3500]
[MD5.3C053C984EA313D15B5DCD7AEAF8E065] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [170520] [PID.3548]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024] [PID.3564]
[MD5.320404640BA8A21E2C893567CBA46701] - (...) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe [2184464] [PID.3592]
[MD5.F2C201341735E6674F7AD892CEA3799B] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [135680] [PID.3616]
[MD5.0E9C7F16E998E794BC2DCB21FC7DA113] - (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files\e-Carte Bleue Caisse d'Epargne\ecbl-cnce.exe [278528] [PID.3640]
[MD5.99E45FCB96AC7A8F437C9EF7F4BC36E8] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe [50472] [PID.4092]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.4372]
[MD5.359937EFD1763DF9F8B8D166BD4CC022] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\Apoint2K\Apntex.exe [49152] [PID.5884]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5968]
[MD5.71858793D431DA2E1BF84F1F3F63D1A0] - (.Logitech Inc. - Camera Control Interface.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [407824] [PID.2880]
[MD5.C228AF9DA17741E02BD3694DC0A83DB7] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.3916]
[MD5.523D2E5F9A0459455501769A7FDD513E] - (.Jodix.com - Free WMA to MP3 Converter.) -- C:\Program Files\Free WMA to MP3 Converter\wma_mp3_converter.exe [1740800] [PID.6104]
[MD5.4A8B45597C8C9C30A7039FE5EA84BBA7] - (...) -- C:\Program Files\SupTab\HpUI.exe [732040] [PID.1772] =>PUP.SupTab
[MD5.D46415CD75DDA09F0A17D2FDA2235CB0] - (...) -- C:\Program Files\SupTab\Loader32.exe [64000] [PID.4188] =>PUP.SupTab
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.9716]
[MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8071680] [PID.8588]
[MD5.974BD3A1767D618186583B08DC1C0E69] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.3.) -- C:\Windows\system32\nvvsvc.exe [49152] [PID.1128]
[MD5.13E960E384369F4E32BA29B27F451C99] - (.Elex do Brasil Participações Ltda - iSafeSvc.) -- C:\Program Files\iSafe\iSafeSvc.exe [118056] [PID.1268] =>Trojan.Staser
[MD5.C1191E6A7320608C4D8581BB6F931D41] - (.Elex do Brasil Participações Ltda - iSafeSvc2.) -- C:\Program Files\iSafe\iSafeSvc2.exe [118056] [PID.1380] =>Trojan.Staser
[MD5.44B3DC1E001FD2FCF1ED41C06DD9C812] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [141848] [PID.1508]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1620]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.1716]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1996]
[MD5.ABDD5AD016AFFD34AD40E944CE94BF59] - (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208] [PID.1696]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.2108]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2236]
[MD5.6C602120EA9B0EAE10E09DF76E43B472] - (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\dlcgcoms.exe [537480] [PID.2284]
[MD5.E03216D695CDC2D223AFC0CAB4498888] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2324]
[MD5.250B9120C7C103AFDC0C6643F9691055] - (.Fujitsu Siemens Computers - Testhandler Service.) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104] [PID.2628]
[MD5.2E7315B147E524E055026E6634B14EA6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360] [PID.2652]
[MD5.A3D94C93333619458AF4BDE7531234C5] - (.Microsoft Corporation - Service de planification Windows Media Cent.) -- C:\Windows\ehome\ehsched.exe [103424] [PID.4596]
[MD5.3A511ED3C9A9DA2CD5A50FF46178063A] - (.Microsoft Corporation - Service de réception Windows Media Center.) -- C:\Windows\ehome\ehRecvr.exe [441856] [PID.6112]
[MD5.146BF1C1D613AC15F1AC900D3BBE02E7] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginServices\PluginService.exe [702344] [PID.5920] =>Trojan.SProtector
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] https://www.default-search.net/ =>Hijacker.Browsers
G0 - GCSP: Preference [User Data\Default][HomePage] about:blank
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2022.121, (Activé)
G2 - GCE: Preference [User Data\Default] [jjflmfkjppbmejlfbhlpgjnomdoefkfa] Plus-HD-4.9 v.1.26.80, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security]
G2 - EXT: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa [Plus-HD-4.9] =>Adware.PlusHD
G2 - EXT: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
~ Google Lines Browser: 17 Scanned in 00mn 06s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\prefs.js
C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\user.js
M3 - MFPP: Plugins - [Celine] -- C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\Google.xml
M3 - MFPP: Plugins - [Celine] -- C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\live-search.xml
M0 - MFSP: prefs.js [Celine - 6e16ry5g.default] about:blank
M2 - MFEP: prefs.js [Celine - 6e16ry5g.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@mcafee.com/McAfeeMssPlugin] - (.McAfee, Inc. - McAfee MSS+ NPAPI Plugin.) -- C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (...) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 34 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl =>PUP.SweetPage
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) (No version) -- (.not file.)
~ IE Browser: 11 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Celine]: AnyProtect.lnk . (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) =>PUP.AnyProtect
O4 - GS\Desktop [Celine]: Continue VuuPC Installation.lnk . (...) -- C:\Users\Celine\AppData\Local\Temp\ICReinstall_nsw35F2.tmp \RR (.not file.) =>PUP.VuuPC
~ Global Startup: 2 Scanned in 00mn 02s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] . (.Pas de propriétaire - Tray MFC.) -- C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [LaunchPad] . (.FIC - LaunchPad Application.) -- C:\Program Files\Launch Pad\LaunchPad.exe
O4 - HKLM\..\Run: [PowerManager] . (.Pas de propriétaire - PowerManager Application.) -- C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [FSCRecovery] . (.Fujitsu Siemens Computers GmbH - Fujitsu Siemens Computers Recovery Reminder.) -- c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (...) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] . (...) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
O4 - HKLM\..\Run: [AnyProtect Scanner] C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\RunOnce: [VOPackage] C:\Users\Celine\AppData\Roaming\VOPackage\VOPackage.exe (.not file.) =>Adware.Downware
O4 - HKLM\..\RunOnce: [removeSettingsManagerdatamngr] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>PUP.Datamngr
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Epson Stylus SX235(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [Epson Stylus SX235(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} ((no name)) - https://webmail.mymazars.com/dwa7W.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS3\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY - ABBYY network license server.) - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: dlcg_device (dlcg_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\dlcgcoms.exe
O23 - Service: EpsonBidirectionalService (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>Trojan.SProtector
O23 - Service: iSafeService (iSafeService) . (.Elex do Brasil Participações Ltda - iSafeSvc.) - C:\Program Files\iSafe\iSafeSvc.exe =>Trojan.Staser
O23 - Service: LVCOMSer (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.3.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers - Testhandler Service.) - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
~ Services: 15 Scanned in 00mn 15s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x64) . (...) -- c:\program files\settings manager\smdmf\x64\sysapcrt.dll =>PUP.SystemK
~ Keys: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.A6B6AB9502B63F43A9A56AE6AFB22078] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [262320]
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.24DC2A6F110B79787D6C5D5FF52A0235] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [765176]
[MD5.11543DEB4316B9DBB42999C83495838F] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4624152]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] [APT] [Programme de mise ... jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904]
[MD5.00000000000000000000000000000000] [APT] [{43F5679B-8250-45A4-A15E-8305698C0076}] (...) -- C:\Users\Celine\Downloads\LiveMediaPluginv2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{98669F73-7D5E-423D-B964-2A5B2B97EA94}] (...) -- E:\setup.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [366] =>PUP.AnyProtect
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [366] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [364] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [364] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [364] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [364] =>PUP.AnyProtect
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
~ Scheduled Task: 20 Scanned in 00mn 06s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (...) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
~ Active Setup: 13 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\Windows\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - C:\Program Files\iSafe\iSafeKrnlKit.sys =>Trojan.Staser
O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK TDI Hook Driver (WPP).) - C:\Program Files\iSafe\iSafeNetFilter.sys =>Trojan.Staser
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\System32\Drivers\tosrfcom.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WINIO) . (.http://www.internals.com - WinIo.) - C:\Windows\system32\WinIo.sys
~ Drivers: 98 Scanned in 00mn 21s
---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM] -- ABBYY FineReader 9.0 Sprint
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM] -- {F9000000-0018-0000-0000-074957833700}
O42 - Logiciel: ALPS Touch Pad Driver - (...) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.10) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Calculette Premium Lite 2.3.1 - (.Hemi-Soft.) [HKLM] -- {E3E1181F-9742-4D79-A635-7E65A07CF2E6}_is1
O42 - Logiciel: Coffret de pilotes Logitech QuickCam - (...) [HKLM] -- lvdrivers_11.51
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: EPSON SX235 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX235 Series
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: Elcomsoft Blackberry Backup Explorer - (.Elcomsoft Co. Ltd..) [HKLM] -- {9E4F65F1-1C75-43AF-8541-AF047E72E206}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {A02D7029-C4EF-44C1-9FD4-C0D3CA518113}
O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}
O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3E31400D-274E-4647-916C-2CACC3741799}
O42 - Logiciel: Free WMA to MP3 Converter 1.16 - (.Jodix Technologies Ltd..) [HKLM] -- Free WMA to MP3 Converter_is1
O42 - Logiciel: Fujitsu Siemens Computers Recovery - (.Fujitsu Siemens Computers.) [HKLM] -- {AFC454ED-A26F-4816-826B-C35129D82E1F}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Guide d'utilisation EPSON SX235 Series - (...) [HKLM] -- EPSON SX235 Series Useg
O42 - Logiciel: Guide réseau EPSON SX235 Series - (...) [HKLM] -- EPSON SX235 Series Netg
O42 - Logiciel: Hotkey Utility - (...) [HKLM] -- Hotkey Utility_is1
O42 - Logiciel: Intel(R) Network Connections Drivers - (...) [HKLM] -- PROSet
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Pad 1.0.3 - (.FIC, Inc..) [HKLM] -- Launch Pad_is1
O42 - Logiciel: Lecteur vidéo ARTE vod - (.boutique.arte.tv.) [HKCU] -- 3205077330.boutique.arte.tv
O42 - Logiciel: Logitech QuickCam - (.Fujitsu-Siemens.) [HKLM] -- {B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 27.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {373C3C97-2FA9-4E18-85A2-255060C21036}
O42 - Logiciel: PlayReady PC runtime - (.Microsoft Corporation.) [HKLM] -- {B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}
O42 - Logiciel: Power Manager 2.8.3 - (.FIC, Inc..) [HKLM] -- Power Manager_is1
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {C78EAC6F-7A73-452E-8134-DBB2165C5A68}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.94 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype(TM) 6.11 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: SystemDiagnostics - (.Fujitsu Siemens Computers .) [HKLM] -- {2F926AE7-9FB7-4B34-906F-9C29A6D146A7}
O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 - Logiciel: YAC - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM] -- iSafe =>Trojan.Staser
O42 - Logiciel: avast! Free Antivirus v9.0.2011 - (.Avast Software.) [HKLM] -- avast
O42 - Logiciel: e-Carte Bleue Caisse d'Epargne - (...) [HKLM] -- {18EF615A-5AAD-4944-B24E-6CD7863FC735}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: phoneMiner - (.Amrak Software.) [HKLM] -- {055B88D5-4E2A-491B-8E6E-4A9E77D805EE}
~ Logic: 34 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\45918InstEnd]
[HKCU\Software\ABBYY]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVG]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\CDDB]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\EasyBits]
[HKCU\Software\ElcomSoft]
[HKCU\Software\Extended Systems]
[HKCU\Software\Filseclab]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstallShield]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Linkey] =>PUP.LinkeySearch
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\MimarSinan]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Redemption]
[HKCU\Software\Research In Motion]
[HKCU\Software\Roxio]
[HKCU\Software\SanDisk]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\SupHpUISoft]
[HKCU\Software\Todae]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\V9]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\kde.org]
[HKLM\Software\ABBYY]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Alps]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Avg]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DellInkJet]
[HKLM\Software\Dell]
[HKLM\Software\EPSON]
[HKLM\Software\ElcomSoft]
[HKLM\Software\EpsonNet]
[HKLM\Software\FIC HotKey]
[HKLM\Software\Filseclab]
[HKLM\Software\Fujitsu Siemens Computers]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Jodix]
[HKLM\Software\JreMetrics]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NeroDigital]
[HKLM\Software\Nero]
[HKLM\Software\Nokia]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Power Manager]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Research In Motion]
[HKLM\Software\SEIKO EPSON CORPORATION]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\SmdmF]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Todae]
[HKLM\Software\Toshiba]
[HKLM\Software\TuneUp]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinIo]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\e-Carte Bleue Caisse d'Epargne]
[HKLM\Software\mozilla.org]
[HKLM\Software\supTab] =>PUP.SupTab
[HKLM\Software\supWindowsMangerProtect]
[HKLM\Software\sweet-pageSoftware] =>PUP.SweetPage
~ Key Software: 232 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/06/2012 - 13:48:35 - [] ----D C:\Program Files\ABBYY FineReader 9.0 Sprint
O43 - CFD: 28/12/2013 - 13:33:10 - [] ----D C:\Program Files\ABC Amber BlackBerry Converter
O43 - CFD: 23/07/2011 - 11:33:32 - [] ----D C:\Program Files\Adobe
O43 - CFD: 03/07/2010 - 15:27:58 - [] ----D C:\Program Files\Advanced Registry Optimizer
O43 - CFD: 10/04/2010 - 19:37:45 - [] ----D C:\Program Files\Alwil Software
O43 - CFD: 25/12/2013 - 23:34:37 - [] ----D C:\Program Files\Amrak Software
O43 - CFD: 25/08/2008 - 05:38:53 - [] ----D C:\Program Files\Apoint2K
O43 - CFD: 27/09/2009 - 19:44:02 - [] ----D C:\Program Files\Calculette Premium Lite
O43 - CFD: 12/07/2014 - 14:41:34 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 16/05/2014 - 08:11:08 - [] ----D C:\Program Files\Common Files
O43 - CFD: 01/01/2011 - 20:51:16 - [] ----D C:\Program Files\DIFX
O43 - CFD: 02/04/2009 - 13:39:13 - [0] ----D C:\Program Files\dl_Cats
O43 - CFD: 19/07/2013 - 23:24:27 - [] ----D C:\Program Files\e-Carte Bleue Caisse d'Epargne
O43 - CFD: 28/12/2013 - 03:54:40 - [] ----D C:\Program Files\Elcomsoft
O43 - CFD: 28/12/2013 - 03:54:41 - [] ----D C:\Program Files\Elcomsoft Password Recovery
O43 - CFD: 03/06/2012 - 13:33:26 - [] ----D C:\Program Files\epson
O43 - CFD: 03/06/2012 - 13:39:18 - [] ----D C:\Program Files\Epson Software
O43 - CFD: 03/06/2012 - 13:30:58 - [] ----D C:\Program Files\EpsonNet
O43 - CFD: 17/01/2009 - 21:26:50 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 26/07/2014 - 11:26:01 - [] ----D C:\Program Files\Free WMA to MP3 Converter
O43 - CFD: 17/01/2009 - 21:34:26 - [] ----D C:\Program Files\Fujitsu Siemens Computers
O43 - CFD: 14/05/2013 - 17:17:03 - [] ----D C:\Program Files\Google
O43 - CFD: 25/08/2008 - 05:40:39 - [] ----D C:\Program Files\Hotkey Utility
O43 - CFD: 19/07/2013 - 23:24:23 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/01/2009 - 21:32:05 - [] ----D C:\Program Files\Intel
O43 - CFD: 16/07/2014 - 22:28:30 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 26/07/2014 - 11:15:37 - [] ----D C:\Program Files\iSafe =>Trojan.Staser
O43 - CFD: 16/06/2013 - 11:01:46 - [] ----D C:\Program Files\Java
O43 - CFD: 25/08/2008 - 05:40:42 - [] ----D C:\Program Files\Launch Pad
O43 - CFD: 17/01/2009 - 22:40:10 - [] ----D C:\Program Files\Logitech
O43 - CFD: 17/02/2014 - 12:38:57 - [] ----D C:\Program Files\McAfee Security Scan
O43 - CFD: 24/11/2012 - 23:32:54 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 10/02/2009 - 19:51:18 - [] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Microsoft Games
A voir également:
- Rapport ZHP Diag
- User diag - Télécharger - Informations & Diagnostic
- Zhp diag - Télécharger - Informations & Diagnostic
- Zhp cleaner - Télécharger - Informations & Diagnostic
- Plan rapport de stage - Guide
- Rapport erreur windows - Guide
2 réponses
Bonjour,
1- Télécharge et enregistre sur le bureau ADWcleaner
- Ouvre ADWcleaner en cliquant avec le bouton droit de ta souris et en choisissant Exécuter en tant qu'administrateur (pour W7, Vista, W8 seulement) pour Windows XP ouvrir normalement.
- La fenêtre d'ADWcleaner s'ouvre clique sur Scanner une fois le scan terminé clique sur Nettoyer
- Le nettoyage terminé tu devras redémarrer ton ordinateur
- Au redémarrage de l'ordinateur le rapport de suppression d'ADWcleaner s'affichera à l'écran poste-le sur https://www.cjoint.com/ dont voici le tuto : https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
Voici le mode d'emploi d'ADWcleaner au cas où tu en aurais besoin : http://general-changelog-team.fr/fr/accueil/66-multilangue/tutoriels/securite/311-utiliser-adwcleaner-version-3-x
2- Puis fait un nouveau rapport ZHPdiag :
Ouvre ZHPdiag lance l'analyse en cliquant sur Configurer puis sur la loupe sans + ni-, une fois l'analyse terminée tu auras un rapport ZHPDiag.txt sur le bureau tu le postes sur https://www.cjoint.com/ dont voici un tutoriel : https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers puis met le lien généré par Cjoint dans ta réponse.
Un problème=une solution, le tout étant de la trouver :-)
1- Télécharge et enregistre sur le bureau ADWcleaner
- Ouvre ADWcleaner en cliquant avec le bouton droit de ta souris et en choisissant Exécuter en tant qu'administrateur (pour W7, Vista, W8 seulement) pour Windows XP ouvrir normalement.
- La fenêtre d'ADWcleaner s'ouvre clique sur Scanner une fois le scan terminé clique sur Nettoyer
- Le nettoyage terminé tu devras redémarrer ton ordinateur
- Au redémarrage de l'ordinateur le rapport de suppression d'ADWcleaner s'affichera à l'écran poste-le sur https://www.cjoint.com/ dont voici le tuto : https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
Voici le mode d'emploi d'ADWcleaner au cas où tu en aurais besoin : http://general-changelog-team.fr/fr/accueil/66-multilangue/tutoriels/securite/311-utiliser-adwcleaner-version-3-x
2- Puis fait un nouveau rapport ZHPdiag :
Ouvre ZHPdiag lance l'analyse en cliquant sur Configurer puis sur la loupe sans + ni-, une fois l'analyse terminée tu auras un rapport ZHPDiag.txt sur le bureau tu le postes sur https://www.cjoint.com/ dont voici un tutoriel : https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers puis met le lien généré par Cjoint dans ta réponse.
Un problème=une solution, le tout étant de la trouver :-)
Bonsoir,
Clique sur ce lien : https://www.cjoint.com/?DGAvGwfS21X dans la page qui s'ouvre il y a un script, copie toutes les lignes qui vont de Script ZHPFix jusqu'à EmptyTemp.
Ensuite ouvre ZHPfix il est sur ton bureau, son icône est une seringue il s'est installé en même temps que ZHPdiag.
Une fois ZHPfix ouvert tu cliques sur Importer, les lignes copiées précédemment apparaissent dans la fenêtre de ZHPfix il ne te reste plus qu'à cliquer sur GO, valide les messages qui te demandent la confirmation du nettoyage des données, la désinstallation du logiciel McAfee Security Scan Plus et le vidage de la corbeille, une fois que ZHPfix aura terminé, un rapport apparaîtra à l'écran, envoie-le moi via https://www.cjoint.com/ met son lien dans ta réponse, met que le lien Cjoint rien d'autre.
Met à jour :
JAVA
ADOBE READER
FIREFOX
Vérifie si tes problèmes sont toujours présents et si tu estimes ton problème résolu n'oublie pas de le signaler :
https://www.commentcamarche.net/infos/25917-marquer-un-fil-de-discussion-comme-etant-resolu/
Ton pc était infecté par des adwares voici une page qui t'apprendra comment ces adwares arrivent sur ton ordinateur, et comment les éviter : https://www.malekal.com/adwares-pup-protection/
Je te conseille de faire un scan de temps à autres avec ADWcleaner dont tu téléchargeras la nouvelle version avant chaque utilisation, car ADWcleaner est mis à jour en permanence, après son utilisation tu lances à nouveau ADWcleaner et tu cliques sur Désinstaller cela t'évitera de te mélanger les pinceaux et de prendre une ancienne version par erreur.
Un problème=une solution, le tout étant de la trouver :-)
Clique sur ce lien : https://www.cjoint.com/?DGAvGwfS21X dans la page qui s'ouvre il y a un script, copie toutes les lignes qui vont de Script ZHPFix jusqu'à EmptyTemp.
Ensuite ouvre ZHPfix il est sur ton bureau, son icône est une seringue il s'est installé en même temps que ZHPdiag.
Une fois ZHPfix ouvert tu cliques sur Importer, les lignes copiées précédemment apparaissent dans la fenêtre de ZHPfix il ne te reste plus qu'à cliquer sur GO, valide les messages qui te demandent la confirmation du nettoyage des données, la désinstallation du logiciel McAfee Security Scan Plus et le vidage de la corbeille, une fois que ZHPfix aura terminé, un rapport apparaîtra à l'écran, envoie-le moi via https://www.cjoint.com/ met son lien dans ta réponse, met que le lien Cjoint rien d'autre.
Met à jour :
JAVA
ADOBE READER
FIREFOX
Vérifie si tes problèmes sont toujours présents et si tu estimes ton problème résolu n'oublie pas de le signaler :
https://www.commentcamarche.net/infos/25917-marquer-un-fil-de-discussion-comme-etant-resolu/
Ton pc était infecté par des adwares voici une page qui t'apprendra comment ces adwares arrivent sur ton ordinateur, et comment les éviter : https://www.malekal.com/adwares-pup-protection/
Je te conseille de faire un scan de temps à autres avec ADWcleaner dont tu téléchargeras la nouvelle version avant chaque utilisation, car ADWcleaner est mis à jour en permanence, après son utilisation tu lances à nouveau ADWcleaner et tu cliques sur Désinstaller cela t'évitera de te mélanger les pinceaux et de prendre une ancienne version par erreur.
Un problème=une solution, le tout étant de la trouver :-)
Pour moi c'est bon, lis bien mon précédent message et fait les mises à jour demandé.
Si tu estimes ton problème résolu n'oublie pas de le signaler :
https://www.commentcamarche.net/infos/25917-marquer-un-fil-de-discussion-comme-etant-resolu/
Si tu estimes ton problème résolu n'oublie pas de le signaler :
https://www.commentcamarche.net/infos/25917-marquer-un-fil-de-discussion-comme-etant-resolu/
Bonjour levisiteur,
Fait ceci :
Télécharge et installe ZHPdiag : https://nicolascoolman.eu, ouvre ZHPdiag (icône en forme de parchemin) clique sur Configurer puis sur la loupe sans + ni -, l'analyse commence quand elle sera terminé tu auras sur ton bureau un fichier texte nommé ZHPdiag tu le postes sur https://www.cjoint.com/ puis tu mets le lien généré par cjoint dans ta réponse.
Tutoriel pour cjoint : https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
Fait ceci :
Télécharge et installe ZHPdiag : https://nicolascoolman.eu, ouvre ZHPdiag (icône en forme de parchemin) clique sur Configurer puis sur la loupe sans + ni -, l'analyse commence quand elle sera terminé tu auras sur ton bureau un fichier texte nommé ZHPdiag tu le postes sur https://www.cjoint.com/ puis tu mets le lien généré par cjoint dans ta réponse.
Tutoriel pour cjoint : https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
J'ai fait ce que tu m'as indiqué. Voici les rapports:
ADW Cleaner
https://www.cjoint.com/?DGAt2YsC1X2
# AdwCleaner v3.018 - Rapport créé le 29/01/2014 à 21:34:26
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Celine - PC-DE-CELINE
# Exécuté depuis : C:\Users\Celine\Downloads\adwcleaner (1).exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\Program Files\Iminent
Dossier Supprimé : C:\Program Files\Plus-HD-4.9
Dossier Supprimé : C:\Program Files\Common Files\Software Update Utility
Dossier Supprimé : C:\Users\Celine\AppData\Local\Plus-HD-4.9
Dossier Supprimé : C:\Users\Celine\AppData\Roaming\IminentToolbar
Dossier Supprimé : C:\Users\Celine\AppData\Roaming\Systweak
Dossier Supprimé : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\WinampToolbarData
Dossier Supprimé : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\Extensions\ffxtlbr@iminent.com
Dossier Supprimé : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\Extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com
Dossier Supprimé : C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Dossier Supprimé : C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa
Fichier Supprimé : C:\Windows\system32\roboot.exe
Fichier Supprimé : C:\Program Files\Mozilla Firefox\Components\AskSearch.js
Fichier Supprimé : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
Fichier Supprimé : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
Fichier Supprimé : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
Fichier Supprimé : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Fichier Supprimé : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\iminent.xml
Fichier Supprimé : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\SweetIm.xml
Fichier Supprimé : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\Sweetpacks Search.xml
Fichier Supprimé : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\user.js
Fichier Supprimé : C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Fichier Supprimé : C:\Windows\Tasks\Plus-HD-4.9-chromeinstaller.job
Fichier Supprimé : C:\Windows\System32\Tasks\Plus-HD-4.9-chromeinstaller
Fichier Supprimé : C:\Windows\Tasks\Plus-HD-4.9-codedownloader.job
Fichier Supprimé : C:\Windows\System32\Tasks\Plus-HD-4.9-codedownloader
Fichier Supprimé : C:\Windows\Tasks\Plus-HD-4.9-enabler.job
Fichier Supprimé : C:\Windows\System32\Tasks\Plus-HD-4.9-enabler
Fichier Supprimé : C:\Windows\Tasks\Plus-HD-4.9-firefoxinstaller.job
Fichier Supprimé : C:\Windows\System32\Tasks\Plus-HD-4.9-firefoxinstaller
Fichier Supprimé : C:\Windows\Tasks\Plus-HD-4.9-updater.job
Fichier Supprimé : C:\Windows\System32\Tasks\Plus-HD-4.9-updater
***** [ Raccourcis ] *****
***** [ Registre ] *****
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.9-chromeinstaller
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF390C8C-5E32-4DA0-955E-153A7E0C9087}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF390C8C-5E32-4DA0-955E-153A7E0C9087}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.9-codedownloader
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56588818-20A3-4510-896F-F041955A21DB}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{56588818-20A3-4510-896F-F041955A21DB}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.9-enabler
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B57E5FA2-A69A-4D7B-9333-02C3E0113FF8}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B57E5FA2-A69A-4D7B-9333-02C3E0113FF8}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.9-firefoxinstaller
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E13B073-C1C6-4E43-8E52-1C9F60D09426}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E13B073-C1C6-4E43-8E52-1C9F60D09426}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.9-updater
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{092C1C20-B065-473F-9B0E-C4B5F9605C82}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{092C1C20-B065-473F-9B0E-C4B5F9605C82}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\dnUpdate
Clé Supprimée : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Clé Supprimée : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Clé Supprimée : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Clé Supprimée : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\ImInstaller
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\installedbrowserextensions
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\wnlt
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\Plus-HD-4.9
Clé Supprimée : HKLM\Software\Iminent
Clé Supprimée : HKLM\Software\systweak
Clé Supprimée : HKLM\Software\Plus-HD-4.9
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-4.9
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Plus-HD-4.9
***** [ Navigateurs ] *****
-\\ Internet Explorer v9.0.8112.16526
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v26.0 (fr)
[ Fichier : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\prefs.js ]
Ligne Supprimée : user_pref("browser.search.defaultenginename", "Sweetpacks Search");
Ligne Supprimée : user_pref("browser.search.selectedEngine", "Sweetpacks Search");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.InstallationThankYouPage", true);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.InstallationTime", 1388009014);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.active", true);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.addressbar", "NA");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.addressbarenhanced", "");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncdb.was_copied", "true");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncdb_dbWasSet", true);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncdb_dbWasSet_FF25_FIX", true);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncinternaldb.was_copied", "true");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncinternaldb_dbWasSet", true);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncinternaldb_dbWasSet_FF25_FIX", true);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.backgroundver", 2);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.certdomaininstaller", "");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.changeprevious", false);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.InstallationTime.value", "%221388009014%22");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000808%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.iframe-exists.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.iframe-exists.value", "true");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.jw_token.value", "%2267450cc2-b41f-aa65-fb10-6148a792d3b0%22");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.description", "Turn YouTube videos to High Definition by default");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.domain", "");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.enablesearch", false);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.homepage", "");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.iframe", false);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%229AEAFE9A86C04E83A162850FBCE7F[...]
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000808%22%2C%22sub_id%22%3A%220%22%2C%[...]
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000808%22%2C%22sub_id%22%3A%220%2[...]
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%229AEAFE9A86C04E83A162[...]
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_appVer.value", "80");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_lastVersion.value", "1");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_meta.value", "%7B%7D");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_nextCheck.expiration", "Thu Jan 30 2014 02:59:49 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_nextCheck.value", "true");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_queue.value", "%7B%7D");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__first_daily_report_run__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__first_daily_report_run__.value", "1390646598308");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__last_daily_report__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__last_daily_report__.value", "1390986718521");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb._country_code_.value", "%22FR%22");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%229AEAFE9A[...]
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.lastDailyReport", "1391025586275");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.lastUpdate", "1391025589876");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.manifesturl", "");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.name", "Plus-HD-4.9");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.newtab", "");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.opensearch", "");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/45918/plugins/093/ff/plugins.json");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.pluginsversion", 74);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.publisher", "Plus HD");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.searchstatus", 0);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.setnewtab", false);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.thankyou", "");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.updateinterval", 360);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.ver", 80);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.FilesValidatorDueTime", "1391025641189");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.apps", "45918");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.bic", "143355c939ee50bef30b5b4dd704447f");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.cid", 45918);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.firstrun", false);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.hadappinstalled", true);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.installationdate", 1388169696);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.modetype", "production");
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.reportInstall", true);
Ligne Supprimée : user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.statsDailyCounter", 9);
Ligne Supprimée : user_pref("extensions.crossrider.bic", "143355c939ee50bef30b5b4dd704447f");
Ligne Supprimée : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Ligne Supprimée : user_pref("keyword.URL", "hxxp://mysearch.sweetpacks.com?src=6&barid=30226615436091622306245048054603414456&crg=Cargo=3.5000006.10061&ppd=&did= 10873 -SIMTP= pid=714&cmpid=39363&plcmtid=553720&cveid=1[...]
Ligne Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Ligne Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=");
Ligne Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
Ligne Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "www.google.com");
Ligne Supprimée : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxps://www.google.com/search");
Ligne Supprimée : user_pref("sweetim.toolbar.urls.homepage", "hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=Cargo=3.5000006.10061&did= 10873 -SIMTP= pid=714&cmpid=39363&plcmtid=553720&cveid=1361825 -cargo=Cargo=3.50[...]
Ligne Supprimée : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
-\\ Google Chrome v32.0.1700.102
[ Fichier : C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Supprimée : homepage
Supprimée : icon_url
Supprimée : search_url
Supprimée : keyword
*************************
AdwCleaner[R0].txt - [23453 octets] - [29/01/2014 21:31:29]
AdwCleaner[S0].txt - [23648 octets] - [29/01/2014 21:34:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23709 octets] ##########
# AdwCleaner v3.216 - Rapport créé le 26/07/2014 à 19:47:17
# Mis à jour le 17/07/2014 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Celine - PC-DE-CELINE
# Exécuté depuis : C:\Users\Celine\Downloads\AdwCleaner-3.216.exe
# Option : Nettoyer
***** [ Services ] *****
[#] Service Supprimé : IePluginServices
Service Supprimé : iSafeKrnl
[#] Service Supprimé : iSafeNetFilter
[#] Service Supprimé : iSafeService
***** [ Fichiers / Dossiers ] *****
[!] Dossier Supprimé : C:\Program Files\iSafe
Dossier Supprimé : C:\Users\Celine\AppData\Roaming\eCyber
Dossier Supprimé : C:\Users\Celine\AppData\Roaming\iSafe
Dossier Supprimé : C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa
Fichier Supprimé : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\user.js
***** [ Raccourcis ] *****
***** [ Registre ] *****
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F708898-9DF4-4DDD-BFEC-67B3A031216C}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F708898-9DF4-4DDD-BFEC-67B3A031216C}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0ED1755-2442-4875-98F1-F5AB92595C49}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0ED1755-2442-4875-98F1-F5AB92595C49}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AAC2302-6F5C-490A-837C-51E317642DB1}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AAC2302-6F5C-490A-837C-51E317642DB1}
Clé Supprimée : HKCU\Software\V9
Clé Supprimée : HKLM\Software\iSafe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iSafe
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Navigateurs ] *****
-\\ Internet Explorer v9.0.8112.16561
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v27.0.1 (fr)
[ Fichier : C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ Fichier : C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Supprimée [Extension] : jjflmfkjppbmejlfbhlpgjnomdoefkfa
Supprimée [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
*************************
AdwCleaner[R0].txt - [28769 octets] - [29/01/2014 22:31:29]
AdwCleaner[R1].txt - [5375 octets] - [26/07/2014 19:45:45]
AdwCleaner[S0].txt - [28876 octets] - [29/01/2014 22:34:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28937 octets] ##########
ZHP DIag
https://www.cjoint.com/?DGAuguBIv2y
~ Rapport de ZHPDiag v2014.6.25.98 - Nicolas Coolman (25/06/2014)
~ Lancé par Celine (26/07/2014 19:58:10)
~ Adresse du Site Web https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 27.0.1
GCIE: Google Chrome v36.0.1985.125 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2V7GR
Windows License : OK
Windows Automatic Updates : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
McAfee Security Scan Plus v3.8.141.11
---\\ Logiciels d'optimisation du système
CCleaner v4.15
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader X
Java 7 Update 21
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3032 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (9%) free of 92 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-CELINE
~ User Name: Celine
~ All Users Names: Celine, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Celine\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Celine\AppData\Roaming\
~ %Desktop% : C:\Users\Celine\Desktop\
~ %Favorites% : C:\Users\Celine\Favorites\
~ %LocalAppData% : C:\Users\Celine\AppData\Local\
~ %StartMenu% : C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 9 Go of 92 Go)
D: Hard drive, Flash drive, Thumb drive (Free 132 Go of 132 Go)
E: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 50 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.61D9AD9E55D7A1E10C0EF701ADE1C486] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/06/2014 - 00:02:16.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.9C0E70031905ADBF94EDB9EA14AF943B] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.03/06/2008 - 04:29:54.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4291
~ Mes musiques (My Musics) : 3/2433
~ Mes Videos (My Videos) : 1/36
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/1918
~ Mon Bureau (My Desktop) : 7/16
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 10s
---\\ Processus lancés
[MD5.DD91E6C32D6421A17E618C7869CB0E58] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904] [PID.2100]
[MD5.E6CB83FF2C098C6FFCF2D43A4AAC9B54] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6139904] [PID.4076]
[MD5.D594369762386D744BE48EC4768BF849] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe [159744] [PID.3040]
[MD5.9CD2E735AF1DD2AA0F5BF5743CB52EA6] - (.Pas de propriétaire - Tray MFC.) -- C:\Program Files\Hotkey Utility\tray.exe [520192] [PID.3864]
[MD5.CB13BFC05C6DB940DE7870B676FEFB4D] - (.FIC - LaunchPad Application.) -- C:\Program Files\Launch Pad\LaunchPad.exe [2260992] [PID.3800]
[MD5.DA24165C133DD54A25A6CBFD0871042B] - (.Pas de propriétaire - PowerManager Application.) -- C:\Program Files\Power Manager\PM.exe [1675264] [PID.4032]
[MD5.421B7BC12D3CC269AC8D53A70B45A23A] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712] [PID.3680]
[MD5.454CE7072EDA6A05C79EC97D49400F57] - (...) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [563984] [PID.3884]
[MD5.99E45FCB96AC7A8F437C9EF7F4BC36E8] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe [50472] [PID.3556]
[MD5.3C053C984EA313D15B5DCD7AEAF8E065] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [170520] [PID.756]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024] [PID.3812]
[MD5.320404640BA8A21E2C893567CBA46701] - (...) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe [2184464] [PID.2636]
[MD5.F2C201341735E6674F7AD892CEA3799B] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [135680] [PID.3008]
[MD5.359937EFD1763DF9F8B8D166BD4CC022] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\Apoint2K\Apntex.exe [49152] [PID.1376]
[MD5.0E9C7F16E998E794BC2DCB21FC7DA113] - (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files\e-Carte Bleue Caisse d'Epargne\ecbl-cnce.exe [278528] [PID.2936]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.4340]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.5576]
[MD5.71858793D431DA2E1BF84F1F3F63D1A0] - (.Logitech Inc. - Camera Control Interface.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [407824] [PID.5488]
[MD5.C228AF9DA17741E02BD3694DC0A83DB7] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.5872]
[MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8071680] [PID.1552]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4800]
[MD5.974BD3A1767D618186583B08DC1C0E69] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.3.) -- C:\Windows\system32\nvvsvc.exe [49152] [PID.1132]
[MD5.44B3DC1E001FD2FCF1ED41C06DD9C812] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [141848] [PID.1304]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1512]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.1628]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1896]
[MD5.ABDD5AD016AFFD34AD40E944CE94BF59] - (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208] [PID.828]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1868]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.124]
[MD5.6C602120EA9B0EAE10E09DF76E43B472] - (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\dlcgcoms.exe [537480] [PID.1536]
[MD5.E03216D695CDC2D223AFC0CAB4498888] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2064]
[MD5.250B9120C7C103AFDC0C6643F9691055] - (.Fujitsu Siemens Computers - Testhandler Service.) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104] [PID.2424]
[MD5.2E7315B147E524E055026E6634B14EA6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360] [PID.2436]
[MD5.A3D94C93333619458AF4BDE7531234C5] - (.Microsoft Corporation - Service de planification Windows Media Cent.) -- C:\Windows\ehome\ehsched.exe [103424] [PID.4440]
[MD5.3A511ED3C9A9DA2CD5A50FF46178063A] - (.Microsoft Corporation - Service de réception Windows Media Center.) -- C:\Windows\ehome\ehRecvr.exe [441856] [PID.4984]
[MD5.88AD90BD1A891F3231B95DBC40941CD2] - (.Microsoft Corporation - Module hôte Windows Media Center.) -- C:\Windows\ehome\ehRec.exe [63488] [PID.5440]
[MD5.97D9D6A04E3AD9B6C626B9931DB78DBA] - (.Microsoft Corporation - Programme d'installation de modules Windows.) -- C:\Windows\servicing\TrustedInstaller.exe [39424] [PID.1104]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2022.121, (Activé)
G2 - GCE: Preference [User Data\Default] [jjflmfkjppbmejlfbhlpgjnomdoefkfa] Plus-HD-4.9 v.1.26.80, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security]
G2 - EXT: C:\Users\Celine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
~ Google Lines Browser: 15 Scanned in 00mn 06s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\prefs.js
M3 - MFPP: Plugins - [Celine] -- C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\Google.xml
M3 - MFPP: Plugins - [Celine] -- C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\6e16ry5g.default\searchplugins\live-search.xml
M0 - MFSP: prefs.js [Celine - 6e16ry5g.default] about:blank
M2 - MFEP: prefs.js [Celine - 6e16ry5g.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@mcafee.com/McAfeeMssPlugin] - (.McAfee, Inc. - McAfee MSS+ NPAPI Plugin.) -- C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (...) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 34 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) (No version) -- (.not file.)
~ IE Browser: 11 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] . (.Pas de propriétaire - Tray MFC.) -- C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [LaunchPad] . (.FIC - LaunchPad Application.) -- C:\Program Files\Launch Pad\LaunchPad.exe
O4 - HKLM\..\Run: [PowerManager] . (.Pas de propriétaire - PowerManager Application.) -- C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [FSCRecovery] . (.Fujitsu Siemens Computers GmbH - Fujitsu Siemens Computers Recovery Reminder.) -- c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (...) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] . (...) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Epson Stylus SX235(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [Epson Stylus SX235(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1768897777-3417613466-3536302318-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} ((no name)) - https://webmail.mymazars.com/dwa7W.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{7213EDEF-8884-4A5B-A692-030EB91483A0}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip