Le serveur proxy ne répond pas sous windows 8

zumba33 Messages postés 18 Statut Membre -  
lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour
...?!!
a chaque fois que je veux me connecter sur internet j' ai un message me disant que le serveur proxy ne répond pas. Je décoche la case et quand je retourne sur internet la case est recoché. Comment résoudre le problème? Merci

19 réponses

  1. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    * Télécharge sur le bureau RogueKiller

    * Quitte tous tes programmes en cours.

    * Sous Vista/Seven et windows 8 , clique droit -> lancer en tant qu'administrateur

    * Sinon lance simplement RogueKiller.exe

    * Patiente pendant le pre-scan, puis clique sur le bouton Scan

    * Un rapport RKreport.txt a du se créer sur le bureau, poste-le en l'hébergeant sur cjoint

    * Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers

    Note : Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.
    0
    1. Peck willow
       
      bonjour

      pas de connexion internet à cause du proxy: code ERR PROXY CONNECTION FAILED
      j"ai un HP Pavilion avec windows 8
      voici le rapport de roguekiller:
      RogueKiller V10.0.4.0 [Oct 29 2014] par Adlice Software
      email : http://www.adlice.com/contact/
      Remontées : http://forum.adlice.com
      Site web : https://www.surlatoile.org/RogueKiller/
      Blog : http://www.adlice.com

      Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
      Démarré en : Mode normal
      Utilisateur : kille_000 [Administrateur]
      Mode : Scan -- Date : 11/09/2014 15:56:55

      ¤¤¤ Processus : 9 ¤¤¤
      [Suspicious.Path] iLivid.exe -- C:\Users\kille_000\AppData\Local\iLivid\iLivid.exe[7] -> Tué(e) [TermProc]
      [Suspicious.Path] StartMenuIndexer.exe -- C:\Users\kille_000\AppData\Local\Pokki\Engine\StartMenuIndexer.exe[7] -> Tué(e) [TermProc]
      [Suspicious.Path] HostAppService.exe -- C:\Users\kille_000\AppData\Local\Pokki\Engine\HostAppService.exe[7] -> Tué(e) [TermProc]
      [Suspicious.Path] HostAppService.exe -- C:\Users\kille_000\AppData\Local\Pokki\Engine\HostAppService.exe[7] -> Tué(e) [TermThr]
      [Suspicious.Path] (SVC) MaintainerSvc3.38.8461645 -- "C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe"[7] -> Arrêté(e)
      [PUP] (SVC) servervo -- C:\Users\kille_000\AppData\Roaming\VOPackage\VOsrv.exe[-] -> Arrêté(e)
      [PUP] (SVC) UniversalUpdater -- C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe[-] -> Arrêté(e)
      [Suspicious.Path] (SVC) utspYR -- "C:\ProgramData\GXLBkvo\utspYR.exe"[7] -> ERROR [41c]
      [PUP] (SVC) WindowsMangerProtect -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service[-] -> Arrêté(e)

      ¤¤¤ Registre : 44 ¤¤¤
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} -> Trouvé(e)
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} -> Trouvé(e)
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} -> Trouvé(e)
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} -> Trouvé(e)
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} -> Trouvé(e)
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} -> Trouvé(e)
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} -> Trouvé(e)
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} -> Trouvé(e)
      [PUP] (X64) HKEY_CLASSES_ROOT\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} -> Trouvé(e)
      [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} -> Trouvé(e)
      [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> Trouvé(e)
      [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Boxore Client : C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe -> Trouvé(e)
      [PUP] (X64) HKEY_USERS\S-1-5-21-1056588063-3516213221-3264483551-1001\Software\Microsoft\Windows\CurrentVersion\Run | Pokki : C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform -> Trouvé(e)
      [PUP] (X64) HKEY_USERS\S-1-5-21-1056588063-3516213221-3264483551-1001\Software\Microsoft\Windows\CurrentVersion\Run | iLivid : "C:\Users\kille_000\AppData\Local\iLivid\iLivid.exe" -autorun -> Trouvé(e)
      [PUP] (X86) HKEY_USERS\S-1-5-21-1056588063-3516213221-3264483551-1001\Software\Microsoft\Windows\CurrentVersion\Run | Pokki : C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform -> Trouvé(e)
      [PUP] (X86) HKEY_USERS\S-1-5-21-1056588063-3516213221-3264483551-1001\Software\Microsoft\Windows\CurrentVersion\Run | iLivid : "C:\Users\kille_000\AppData\Local\iLivid\iLivid.exe" -autorun -> Trouvé(e)
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MaintainerSvc3.38.8461645 ("C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe") -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\servervo (C:\Users\kille_000\AppData\Roaming\VOPackage\VOsrv.exe) -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Software_update (C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe /svc) -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Software_update_m (C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe /medsvc) -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UniversalUpdater (C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe) -> Trouvé(e)
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\utspYR ("C:\ProgramData\GXLBkvo\utspYR.exe") -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Trouvé(e)
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MaintainerSvc3.38.8461645 ("C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe\maintainer.exe") -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\servervo (C:\Users\kille_000\AppData\Roaming\VOPackage\VOsrv.exe) -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Software_update (C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe /svc) -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Software_update_m (C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe /medsvc) -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UniversalUpdater (C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe) -> Trouvé(e)
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\utspYR ("C:\ProgramData\GXLBkvo\utspYR.exe") -> Trouvé(e)
      [PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Trouvé(e)
      [PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.sweet-page.com/?type=hp&ts=1410628470&from=cor&uid=HGSTXHTS541010A9E680_JD1008CCJZ73YVJZ73YVX -> Trouvé(e)
      [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1056588063-3516213221-3264483551-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://rts.dsrlte.com?affID=na -> Trouvé(e)
      [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1056588063-3516213221-3264483551-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://rts.dsrlte.com?affID=na -> Trouvé(e)
      [PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.sweet-page.com/web/?type=ds&ts=1410628470&from=cor&uid=HGSTXHTS541010A9E680_JD1008CCJZ73YVJZ73YVX&q={searchTerms} -> Trouvé(e)
      [PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 -> Trouvé(e)
      [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1056588063-3516213221-3264483551-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://feed.snapdo.com/...{searchTerms} -> Trouvé(e)
      [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1056588063-3516213221-3264483551-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://feed.snapdo.com/...{searchTerms} -> Trouvé(e)
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9} | DhcpNameServer : 10.70.27.1 [(Private Address) (XX)] -> Trouvé(e)
      [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9} | DhcpNameServer : 10.70.27.1 [(Private Address) (XX)] -> Trouvé(e)
      [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
      [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Trouvé(e)
      [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
      [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Trouvé(e)

      ¤¤¤ Tâches : 5 ¤¤¤
      [Suspicious.Path] AmiUpdXp.job -- C:\Users\kille_000\AppData\Local\29261\a4947.exe -> Trouvé(e)
      [Suspicious.Path] Groovorio.job -- C:\Users\KILLE_~1\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.EXE (/Check) -> Trouvé(e)
      [Suspicious.Path] HOCEUWN.job -- C:\Users\kille_000\AppData\Roaming\HOCEUWN.exe (/infocmdline=xNm3uP0gnZ8unM+YLPUCnGHoK0a32xCSWUhuVOG0oNt6lDwcRiQQiHSkh6S5opv9AKqw+DXvcmMoPxJB3liPl6ljQsntITQHcwYgGN3AgSFSe4iLlaY9THo3E6eowzmZIAEIftGYBjiLGm1xpMW2/T8ElJ9Kr8JPtwSYXVl4Z/ZziikrMKVKaos8gQz5e1FeZL0EEwl52fuGUdqLCiHc38yy7po1Vi+fW+YQBMQQp+umjx78oWymeTDUeM2Jeba5V5Ba0umeOxReBg6/HWxX8y9HFfM6FqJBfnA5PW2PG6vCRbBEczzXwa/HvwrbYyr2ybp9DpA20lmbcAzDQnlM4R4EvXoSH1+1l0Dcgb2GdKk9MwRkV89OrXCWudvdp4zqjjBBUxgZPpWLrzQB3V7EoEbQeF91Vin2V4gRcbiz4WqWvGehBz6ZT9/PHamGSYCvpxOoV2WkCvi12oWmls1eS0GXDtVdNpkv4ewJ6ijIOg8vMMnDSSRfP1jY133KQq7a) -> Trouvé(e)
      [Suspicious.Path] KYZNYC.job -- C:\Users\kille_000\AppData\Roaming\KYZNYC.exe (/infocmdline=LbGqyuqP9SFIiD4jZyOSiLr8qDk2z/RO/6dbkrc17e2P9d4A9yO3oZy4+KM5eIOSzzrTHwQslQdN5Tiq/GhM7QzSoE39+c/Mj9G3QOwNgYWOH2dM7foam2tLW+4ZDp6lpu3jiUaiveEjQvHyKMkMPPjzWdLkJg3QoSDmUr6lU/RQemIUvKvIdkcPhVk7wXuzzflz3DeZ75cFe+ecwfrbHzycPdEI9mIfjAKoNtJGLuPDgLeo2cLpunnCVyNF2H0wNmLX/5/QjJxvyeSfbdvWv+MSUoKGGfrV6mSE+2cxdr3iPJ+kqXuelqfeuXD0hhxth3SsPtDA13RS2ijfgwfKl7gEkSM/dY0CTZA2i6wq5iV+K45srty2LLfBbWKuLEg+jGkOMn4MCEq3IuE6Se/6pxkuIGmx7EjKrWWYhnh1zSO47htru5+a5UV3jjE5dFqs7Za7/7cWzv8Snm3BOJk8IA7LF1Jce1v06FECRQni6tPonU/JADXrmyhhy+LM3JDF) -> Trouvé(e)
      [Suspicious.Path] \\Groovorio -- C:\Users\KILLE_~1\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.EXE (/Check) -> Trouvé(e)

      ¤¤¤ Fichiers : 0 ¤¤¤

      ¤¤¤ Fichier Hosts : 0 ¤¤¤

      ¤¤¤ Antirootkit : 5 (Driver: Non chargé [0x20]) ¤¤¤
      [IAT:Inl] (***@***) KERNEL32.dll - CreateThreadpoolIo : Unknown @ 0x45026500 (jmp 0xffffffffcfdf5779)
      [IAT:Addr] (***@***) ext-ms-win-com-clbcatq-l1-1-0.dll - GetCatalogObject2 : C:\Windows\SYSTEM32\clbcatq.dll @ 0x77203206
      [IAT:Addr] (***@***) ext-ms-win-com-clbcatq-l1-1-0.dll - GetCatalogObject : C:\Windows\SYSTEM32\clbcatq.dll @ 0x7720278d
      [IAT:Inl] (***@***) KERNEL32.dll - CreateThreadpoolIo : Unknown @ 0x45026500 (jmp 0xffffffffcfdf5779)
      [IAT:Inl] (***@***) WS2_32.dll - WSARecv : Unknown @ 0x45025620 (jmp 0xffffffffcf93eabb)

      ¤¤¤ Navigateurs web : 0 ¤¤¤

      ¤¤¤ Vérification MBR : ¤¤¤
      +++++ PhysicalDrive0: HGST HTS541010A9E680 +++++
      --- User ---
      [MBR] 672ffe292cd6adfaad4b79eefcf0f31b
      [BSP] 605512f9ad89fdbbc435868f052ac319 : Empty MBR Code
      Partition table:
      0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
      User = LL1 ... OK
      User = LL2 ... OK

      +++++ PhysicalDrive1: USB DISK 2.0 USB Device +++++
      --- User ---
      [MBR] 920a93d9005b3184086ab14f198d61d7
      [BSP] 7b1ab5c71ebaf61b2d7a1051cbb539c8 : Windows XP MBR Code
      Partition table:
      0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 15268 MB
      User = LL1 ... OK
      Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

      Que dois je faire???

      cordialement
      0
    2. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
       
      * Quitte tous tes programmes en cours

      * Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur

      * Sinon lance simplement RogueKiller.exe

      * Patiente pendant le pre-scan, clique sur Scan

      * Vérifie que tous les éléments sont cochés puis clique sur Suppression

      * Poste le rapport RKreport.txt présent sur le bureau.
      0
  2. zumba33 Messages postés 18 Statut Membre
     
    je ne peux pas aller sur internet pour télécharger donc comment je fais pour télécharger roguekiller
    0
  3. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Avec un autre ordinateur?

    Sinon il faut supprimer le proxy

    Tu as installé un programme dernièrement?
    0
    1. zumba33
       
      oui avec un autre ordinateur
      je n'ai pas installé de programme dernièrement.
      Je décoche la case et ca se remets toujours
      0
  4. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Ok

    Télécharge et transfère le via clé usb sur l'ordinateur malade
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. zumba33 Messages postés 18 Statut Membre
     
    je vais essayé
    0
  7. zumba33 Messages postés 18 Statut Membre
     
    j'ai le rapport RKrepport.txt sur l'ordi malade, est ce que je peut le poster sur cjoint avec l'autre ordi?
    0
  8. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Oui :)
    0
  9. zumba33 Messages postés 18 Statut Membre
     
    Et après je fais quoi une fois l'avoir posté?
    0
  10. zumba33 Messages postés 18 Statut Membre
     
    j'ai reçu un email de cjoint, qu'est ce qu'il faut faire?
    0
  11. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Poste le lien du rapport
    0
  12. zumba33 Messages postés 18 Statut Membre
     
    je le poste où?
    je suis un peu perdu
    0
  13. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Ici :)
    0
    1. zumba33 Messages postés 18 Statut Membre
       
      RKreport_DEL_07292014_104057
      0
    2. zumba33 Messages postés 18 Statut Membre
       
      et après??
      0
  14. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    ...

    Tu héberges le rapport sur cjoint et tu postes le lien donné par cjoint
    0
    1. zumba33 Messages postés 18 Statut Membre
       
      RogueKiller V9.2.4.0 [Jul 11 2014] par Adlice Software
      Mail : https://www.adlice.com/contact/
      Remontées : https://forum.adlice.com/
      Site Web : http://www.surlatoile.org/RogueKiller/
      Blog : https://www.adlice.com/

      Système d'exploitation : Windows 8 (6.2.9200 ) 64 bits version
      Démarrage : Mode normal
      Utilisateur : karine [Droits d'admin]
      Mode : Suppression -- Date : 07/29/2014 10:40:57

      ¤¤¤ Processus malicieux : 2 ¤¤¤
      [Suspicious.Path] (SVC) BHDrvx64 -- \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140121.001\BHDrvx64.sys[7] -> ERROR [41c]
      [Suspicious.Path] (SVC) IDSVia64 -- \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140207.001\IDSvia64.sys[7] -> ERROR [41c]

      ¤¤¤ Entrées de registre : 28 ¤¤¤
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BHDrvx64 -> NON SELECTIONNÉ
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IDSVia64 -> NON SELECTIONNÉ
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NAVENG -> NON SELECTIONNÉ
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NAVEX15 -> NON SELECTIONNÉ
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BHDrvx64 -> NON SELECTIONNÉ
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IDSVia64 -> NON SELECTIONNÉ
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NAVENG -> NON SELECTIONNÉ
      [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NAVEX15 -> NON SELECTIONNÉ
      [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NON SELECTIONNÉ
      [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NON SELECTIONNÉ
      [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-12059798-445784377-1546886579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NON SELECTIONNÉ
      [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-12059798-445784377-1546886579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NON SELECTIONNÉ
      [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NON SELECTIONNÉ
      [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> NON SELECTIONNÉ
      [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:52401;https=127.0.0.1:52401 -> NON SELECTIONNÉ
      [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:52401;https=127.0.0.1:52401 -> NON SELECTIONNÉ
      [PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> NON SELECTIONNÉ
      [PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> NON SELECTIONNÉ
      [PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> NON SELECTIONNÉ
      [PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> NON SELECTIONNÉ
      [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-12059798-445784377-1546886579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:52401;https=127.0.0.1:52401 -> NON SELECTIONNÉ
      [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-12059798-445784377-1546886579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:52401;https=127.0.0.1:52401 -> NON SELECTIONNÉ
      [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:52401;https=127.0.0.1:52401 -> NON SELECTIONNÉ
      [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:52401;https=127.0.0.1:52401 -> NON SELECTIONNÉ
      [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NON SELECTIONNÉ
      [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NON SELECTIONNÉ
      [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NON SELECTIONNÉ
      [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NON SELECTIONNÉ

      ¤¤¤ Tâches planifiées : 1 ¤¤¤
      [Suspicious.Path] \\EPUpdater -- C:\Users\karine\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe -> SUPPRIMÉ

      ¤¤¤ Fichiers : 0 ¤¤¤

      ¤¤¤ Fichier HOSTS : 0 ¤¤¤

      ¤¤¤ Antirootkit : 0 (Driver: NON CHARGE [0xc000036b]) ¤¤¤

      ¤¤¤ Navigateurs web : 0 ¤¤¤

      ¤¤¤ MBR Verif : ¤¤¤
      +++++ PhysicalDrive0: WDC WD10JPVT-60A1YT0 +++++
      --- User ---
      [MBR] b6a5b19c9119be7850116df19286ac72
      [BSP] 52bd98af05b34ef3fe2da1318cb9b3b9 : Empty MBR Code
      Partition table:
      0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 953869 MB
      User = LL1 ... OK
      User = LL2 ... OK

      +++++ PhysicalDrive1: USB Flash Drive USB Device +++++
      --- User ---
      [MBR] 06f7752e1c2f82b620fa822b571eece7
      [BSP] 24bd36b8e24ec6cc73130a6de0b28848 : Unknown MBR Code
      Partition table:
      0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 3943 MB
      User = LL1 ... OK
      Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


      ============================================
      RKreport_SCN_07292014_104007.log
      0
  15. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Fais suppression

    0
    1. zumba33 Messages postés 18 Statut Membre
       
      je supprime quoi?
      0
  16. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Ce que Roguekiller a détecté
    0
  17. zumba33 Messages postés 18 Statut Membre
     
    je l'ai fait plusieurs fois j'ai supprimé ce qu'il a détecté et j'ai toujours le même message que le serveur proxy ne répond donc pas de connexion
    0
  18. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Bizarre

    Fais PROXY RAZ sur Roguekiller
    0
    1. zumba33 Messages postés 18 Statut Membre
       
      comment je fais?
      0
    2. zumba33 Messages postés 18 Statut Membre
       
      j'ai essayé c'est pareil, ca m'énerve
      0
  19. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    * Télécharge ZHPDiag (de Nicolas Coolman)
    https://nicolascoolman.eu ou https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

    * Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
    ftp://zebulon.fr/ZHPDiag2.exe

    * Double clic si tu es sous windows xp(sinon clic droit afin de l'exécuter en tant qu'admin à partir de Vista)

    * Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.

    * Surtout, n'oublie pas d'installer son icône sur le bureau l'icône est en forme de parchemin
    https://www.cjoint.com/13sp/CIvuQfap3YY_zhpdiag.png

    * A l'ouverture du logiciel il te sera proposé 3 options "rechercher", "configurer" et complet

    * Cliques sur "complet"

    * Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette

    * Pour héberger le rapport, rends toi sur cjoint.com
    * Clique sur choisissez un fichier va chercher le rapport dans ton PC.

    * Le rapport est hébergé:
    - Pour XP : C:\Documents and Settings\username\Local Settings\Application Data\ZHP
    - Depuis Vista : C:\Users\username\AppData\Roaming\ZHP

    * Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir

    * Choisis le type de diffusion (illimitée ou 21 jours)
    * Puis cliques sur créer le lien cjoint

    * Une fois que tu auras obtenu le lien copies colle dans ta prochaine réponse

    * Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
    0
    1. zumba33 Messages postés 18 Statut Membre
       
      ~ Rapport de ZHPDiag v2014.6.25.98 - Nicolas Coolman (25/06/2014)
      ~ Lancé par karine (29/07/2014 17:53:36)
      ~ Adresse du Site Web https://nicolascoolman.eu
      ~ Traduit par Nicolas Coolman
      ~ Etat de la version : Nouvelle version disponible
      ~ Liste blanche : Désactivée par l'utilisateur
      ~ Elévation des Privilèges : OK
      ~ User Account Control (UAC): Deactivate by program


      ---\\ Navigateurs Internet
      MSIE: Internet Explorer v10.0.9200.17028 (Defaut)

      ---\\ Informations sur les produits Windows
      ~ Langage: Français
      Windows 8, 64-bit (Build 9200)
      Windows Server License Manager Script : OK
      ~ Windows(R) Operating System, OEM_DM channel
      Windows ID Activation : OK
      ~ Windows Partial Key : D667T
      Windows License : OK
      ~ Windows Remaining Initializations Number : 998
      Software Protection Service (Protection logicielle) : OK
      Key Management Service client information : KO
      Windows Automatic Updates : OK
      Windows Activation Technologies : OK

      ---\\ Logiciels de protection du système
      avast! Free Antivirus v9.0.2021
      Windows Defender W8 (Deactivate)

      ---\\ Logiciels d'optimisation du système

      ---\\ Logiciels de partage PeerToPeer

      ---\\ Surveillance de Logiciels

      ---\\ Informations sur le système
      ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
      ~ Operating System: 64 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 3988 MB (56% free)
      System Restore: Activé (Enable)
      System drive C: has 862 GB (95%) free of 907 GB

      ---\\ Mode de connexion au système
      ~ Computer Name: KILLIAN
      ~ User Name: karine
      ~ All Users Names: pouna_000, karine, HomeGroupUser$, Administrateur,
      ~ Unselected Option: None
      Logged in as Administrator

      ---\\ Variables d'environnement
      ~ System Unit : C:\
      ~ %AppZHP% : C:\Users\karine\AppData\Roaming\ZHP\
      ~ %AppData% : C:\Users\karine\AppData\Roaming\
      ~ %Desktop% : C:\Users\karine\Desktop\
      ~ %Favorites% : C:\Users\karine\Favorites\
      ~ %LocalAppData% : C:\Users\karine\AppData\Local\
      ~ %StartMenu% : C:\Users\karine\AppData\Roaming\Microsoft\Windows\Start Menu\
      ~ %Windir% : C:\Windows\
      ~ %System% : C:\Windows\System32\

      ---\\ Enumération des unités disques
      C: Hard drive, Flash drive, Thumb drive (Free 862 Go of 907 Go)
      D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 24 Go)
      E: CD-ROM drive (Free 0 Go of 2 Go)
      F: Floppy drive, Flash card reader, USB Key (Free 0 Go of 4 Go)



      ---\\ Etat du Centre de Sécurité Windows
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
      [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
      [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
      ~ Security Center: 41 Scanned in 00mn 00s



      ---\\ Recherche particulière de fichiers génériques
      [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
      [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
      [MD5.27E552632E6394DE0FA555EFDBA29A49] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/06/2014 - 03:12:11.) -- C:\Windows\System32\wininet.dll [2239488]
      [MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.12/04/2014 - 10:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
      [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
      [MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/05/2014 - 23:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
      [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
      [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
      [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
      [MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
      [MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
      [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
      [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
      [MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.27/02/2014 - 00:18:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
      [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
      [MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
      [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
      [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
      [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
      [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
      [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
      ~ Generic Processes: Scanned in 00mn 00s



      ---\\ Etat des fichiers cachés (Caché/Total)
      ~ Mes images (My Pictures) : 2/788
      ~ Mes musiques (My Musics) : 1/73
      Mes Videos (My Videos) : 2/2 (Modified)
      ~ Mes Favoris (My Favorites) : 1/33
      ~ Mes Documents (My Documents) : 2/1429
      ~ Mon Bureau (My Desktop) : 1/5
      ~ Menu demarrer (Programs) : 1/21
      ~ Hidden Files: Scanned in 00mn 03s



      ---\\ Processus lancés
      [MD5.6E0A993681A809FB61B2BF0D1959AAA4] - (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) -- C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1713416] [PID.4668]
      [MD5.A4C34F9AAE33EC99D8ED5299F856C9D8] - (.CyberLink Corp. - CyberLink YouCam Service.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224] [PID.4848]
      [MD5.26AFC1F16494FFE66F2197153B342A27] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432] [PID.4900]
      [MD5.0E33C03867675B923DCAF0A36DD646CA] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304] [PID.4912]
      [MD5.4E9AF25BA5E8219310E384AEA5B0EED8] - (.CyberLink - CyberLink MediaLibrary Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576] [PID.508]
      [MD5.434FEE6FF661DCABADB69E55E0747494] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1344312] [PID.2944]
      [MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8071680] [PID.6924]
      ~ Processes Running: Scanned in 00mn 01s



      ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
      P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
      P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\karine\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
      ~ Firefox Browser: 2 Scanned in 00mn 00s



      ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
      R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/
      R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
      R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
      R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
      R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
      R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
      R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
      R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
      R3 - URLSearchHook: (no name) [64Bits] - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
      ~ IE Browser: 18 Scanned in 00mn 00s



      ---\\ Internet Explorer, Proxy Management (R5)
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:52401;https=127.0.0.1:52401 =>Hijacker.Proxy
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
      ~ Proxy management: Scanned in 00mn 00s



      ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
      F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
      F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
      F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
      ~ Keys: Scanned in 00mn 00s



      ---\\ Hosts file redirection (O1)
      ~ Le fichier hosts est sain (The hosts file is clean).
      ~ Hosts File: Scanned in 00mn 00s
      ~ Nombre de lignes (Lines number): 21



      ---\\ Browser Helper Objects de navigateur (O2)
      O2 - BHO: (no name) [64Bits] - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} Clé orpheline
      O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
      O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
      O2 - BHO: buenosearch Helper Object [64Bits] - {F1C81E40-2485-4DB6-8C9D-04BD596B281E} . (.Montiera Technologies LTD - Pas de description.) -- C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll =>PUP.BuenoSearch
      ~ BHO: 6 Scanned in 00mn 00s



      ---\\ Internet Explorer Toolbars (O3)
      O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
      O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
      ~ Toolbar: Scanned in 00mn 00s



      ---\\ Applications lancées au démarrage du système (O4)
      O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
      O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
      O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
      O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\karine\AppData\Local\Facebook\Update\FacebookUpdate.exe
      O4 - HKCU\..\Run: [Power2GoExpress8] . (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) -- C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
      O4 - HKLM\..\Wow6432Node\Run: [YouCam Service] . (.CyberLink Corp. - CyberLink YouCam Service.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
      O4 - HKLM\..\Wow6432Node\Run: [AccelerometerSysTrayApplet] . (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
      O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
      O4 - HKLM\..\Wow6432Node\Run: [HPMessageService] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
      O4 - HKLM\..\Wow6432Node\Run: [fst_fr_200] Clé orpheline =>Adware.FreeSoftToday
      O4 - HKUS\S-1-5-21-12059798-445784377-1546886579-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\karine\AppData\Local\Facebook\Update\FacebookUpdate.exe
      O4 - HKUS\S-1-5-21-12059798-445784377-1546886579-1001\..\Run: [Power2GoExpress8] . (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) -- C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
      ~ Application: Scanned in 00mn 00s



      ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
      O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
      ~ IE Control Panel: 1 Scanned in 00mn 00s



      ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
      O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
      ~ IE Extra Buttons: Scanned in 00mn 00s



      ---\\ Winsock hijacker (Layered Service Provider) (O10)
      O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
      O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
      O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
      O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
      O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
      O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
      O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
      ~ Winsock: 7 Scanned in 00mn 00s



      ---\\ Modification Domaine/Adresses DNS (O17)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{D1EDE93F-8AA4-4758-8EEF-DB2FBB2ADF77}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS1\Services\Tcpip\..\{D1EDE93F-8AA4-4758-8EEF-DB2FBB2ADF77}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      ~ Domain: Scanned in 00mn 00s



      ---\\ Protocole additionnel (O18)
      O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
      O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
      ~ Protocole Additionnel: Scanned in 00mn 00s



      ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
      O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
      ~ Winlogon: Scanned in 00mn 00s



      ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
      O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SW-Booster\Assistant_x64.dll (.not file.) =>PUP.SafeWeb
      ~ AppInit DLL: Scanned in 00mn 00s



      ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      ~ SSODL: 1 Scanned in 00mn 00s



      ---\\ Liste des services NT non Microsoft et non désactivés (O23)
      O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
      O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink - CyberLink Media Server Monitor Service.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
      O23 - Service: CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink - CyberLink Media Server Service.) - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
      O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
      O23 - Service: oem16.inf (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
      O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP WMI Service.) - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
      O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
      O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe =>Hijacker.Office
      O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      O23 - Service: Software Update Service (supdate) (supdate) . (.Boxore OU. - Programme d'installation de Software.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
      O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      O23 - Service: Wajam Internet Enhancer Service (Wajam Internet Enhancer Service) . (.Wajam Internet Technologies Inc. - Wajam Internet Enhancer Service.) - C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe =>PUP.Wajam
      ~ Services: 18 Scanned in 00mn 17s



      ---\\ Enumération Active Desktop & MHTML Editor (O24)
      O24 - Default MHTML Editor: Last - .(...) - (.not file.)
      ~ Desktop Component: 4 Scanned in 00mn 00s



      ---\\ Enumère les données de BootExecute (BEX) (O34)
      O34 - HKLM BootExecute: (autocheck autochk *) - File not found
      ~ BEX: 1 Scanned in 00mn 00s



      ---\\ Tâches planifiées en automatique (O39)
      [MD5.00000000000000000000000000000000] [APT] [Advanced System Protector] (...) -- C:\Program Files (x86)\RegClean Pro\SystweakASP.exe (.not file.) [0] =>PUP.AdvancedSystemProtector
      [MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [808448]
      [MD5.4E9AF25BA5E8219310E384AEA5B0EED8] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576]
      [MD5.227E138E4A6D8D3A1CC9C3EA0D1874A5] [APT] [CLVDLauncher] (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008]
      [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001Core] (.Facebook Inc..) -- C:\Users\karine\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
      [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001UA] (.Facebook Inc..) -- C:\Users\karine\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
      [MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForkarine] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704]
      [MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineCore] (.Boxore OU..) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
      [MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineUA] (.Boxore OU..) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
      [MD5.98384182AC896D4F660B60F9D69412AF] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808]
      [MD5.434FEE6FF661DCABADB69E55E0747494] [APT] [HP CoolSense Start at Logon] (.Hewlett-Packard Development Company, L.P..) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1344312]
      [MD5.A0677631EEBDC81B2C30025C1133D7C5] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496]
      [MD5.A0677631EEBDC81B2C30025C1133D7C5] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496]
      [MD5.16F1F09240540D9409DA192839C9D786] [APT] [Update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584]
      [MD5.701C65A8DF4B7663FFA4A1032598DFE9] [APT] [WarrantyChecker] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1586392]
      [MD5.701C65A8DF4B7663FFA4A1032598DFE9] [APT] [WarrantyChecker_DeviceScan] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1586392]
      O39 - APT: - (..) -- C:\Windows\Tasks\AutoKMS.job [282] =>Trojan.Keygen
      O39 - APT: FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001Core.job [926]
      O39 - APT: FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001Core [926]
      O39 - APT: FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001UA.job [948]
      O39 - APT: FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-12059798-445784377-1546886579-1001UA [948]
      O39 - APT: HPCeeScheduleForkarine - (.Hewlett-Packard.) -- C:\Windows\Tasks\HPCeeScheduleForkarine.job [352]
      O39 - APT: HPCeeScheduleForkarine - (.Hewlett-Packard.) -- C:\Windows\System32\Tasks\HPCeeScheduleForkarine [352]
      O39 - APT: SoftwareUpdateTaskMachineCore - (.Boxore OU..) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [1098] =>Adware.Boxore
      O39 - APT: SoftwareUpdateTaskMachineCore - (.Boxore OU..) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [1098] =>Adware.Boxore
      O39 - APT: SoftwareUpdateTaskMachineUA - (.Boxore OU..) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [1102] =>Adware.Boxore
      O39 - APT: SoftwareUpdateTaskMachineUA - (.Boxore OU..) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [1102] =>Adware.Boxore
      ~ Scheduled Task: 25 Scanned in 00mn 03s



      ---\\ Composants installés (ActiveSetup Installed Components) (O40)
      O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
      O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
      O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
      O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
      O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
      O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
      O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
      O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
      O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
      ~ Active Setup: 9 Scanned in 00mn 00s



      ---\\ Pilotes lancés au démarrage du système (O41)
      O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
      O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
      O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
      O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
      O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
      O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
      O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
      O41 - Driver: (CLVirtualDrive) . (.CyberLink - It is a virtual device driver which could c.) - C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
      O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
      O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
      O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
      O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
      O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
      O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
      O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
      O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
      O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
      O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
      O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
      O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
      O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
      ~ Drivers: 42 Scanned in 00mn 00s



      ---\\ Logiciels installés (O42)
      O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
      O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
      O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-2117b5c8-3ece-4412-9662-b970a3373621
      O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-1a2b6c36-ef16-448a-817f-c07d02079bfa
      O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
      O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {F847B70A-FC29-4B82-872E-58F2CE9DEE09} =>Adware.Boxore
      O42 - Logiciel: Build-a-lot - (.WildTangent.) [HKLM][64Bits] -- WTA-1c0463bb-f819-402f-bd3d-3eb2f91a5c79
      O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
      O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {AF312B06-5C5C-468E-89B3-BE6DE2645722}
      O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}
      O42 - Logiciel: Cradle of Rome 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-0c6e07ec-6f4d-498f-a087-b7d4c1794be4
      O42 - Logiciel: Crazy Chicken Soccer - (.WildTangent.) [HKLM][64Bits] -- WTA-9ba8d5f0-b99b-487e-b019-7a34c180af35
      O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
      O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
      O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
      O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
      O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
      O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
      O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
      O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- {B46BEA36-0B71-4A4E-AE41-87241643FA0A}
      O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
      O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
      O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
      O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
      O42 - Logiciel: Cyberlink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}
      O42 - Logiciel: Cyberlink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {39337565-330E-4ab6-A9AE-AC81E0720B10}
      O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
      O42 - Logiciel: DisableMSDefender - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}
      O42 - Logiciel: EZDownloader - (.EZDownloader.) [HKLM][64Bits] -- {0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
      O42 - Logiciel: Energy Star - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}
      O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM][64Bits] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
      O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WTA-9d5b9fad-c289-475d-8dc0-c68b47609a2f
      O42 - Logiciel: Farming Simulator 2013 - (.GIANTS Software.) [HKLM][64Bits] -- FarmingSimulator2013INT_is1
      O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {446CC8CE-0E90-44F7-ADD0-774B243EF090}
      O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-4a353857-d8ff-417a-8a1a-3fcf172824fb
      O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {07F6DC37-0857-4B68-A675-4E35989E85E3}
      O42 - Logiciel: HP Connected Music (Meridian - installer) - (.Meridian Audio Ltd.) [HKLM][64Bits] -- StartHPConnectedMusic
      O42 - Logiciel: HP Connected Music (Meridian - player) - (.Meridian Audio Ltd.) [HKCU][64Bits] -- HPConnectedMusic
      O42 - Logiciel: HP CoolSense - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {394B14EA-B072-4440-9510-87797CB12371}
      O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
      O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {61245005-66F1-4001-AEE8-2E2D36F65C28}
      O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
      O42 - Logiciel: HP Quick Start - (.Hewlett-Packard.) [HKLM][64Bits] -- {B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}
      O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {E849965E-4771-440C-936F-AF5BFD144416}
      O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {D1E8F2D7-7794-4245-B286-87ED86C1893C}
      O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {C88F84E5-AE23-44BD-922C-2ABEACACAF7A} =>.Hewlett-Packard Co
      O42 - Logiciel: HP System Event Utility - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {F35EE4BC-95E1-4417-BA36-7C32FF24A59A}
      O42 - Logiciel: HP Utility Center - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {A48BD764-CFDF-40A5-A07A-710908044F5D}
      O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {30B2D1D8-0A07-4B71-9553-0710C5D31E35}
      O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.1 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
      O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
      O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
      O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
      O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {E83FDB2A-C81C-403D-8FD3-A816A89AF80C}
      O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
      O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {FA00A3CC-7440-4938-A271-F186F50DD40D}
      O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall
      O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-5f6c5326-4a1b-40c9-9379-76dca831dbca
      O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WTA-472cffa8-c39f-41ed-a65a-081a1f381d94
      O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
      O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
      O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
      O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WTA-c3415b63-bc95-42c5-bf79-623a46c610ac
      O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
      O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation
      O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-4eac5f9e-33cb-48f5-bf50-7082a2214ff3
      O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-0d35afb2-fd0b-48e6-91f3-1421859673ac
      O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {A5107464-AA9B-4177-8129-5FF2F42DD322}
      O42 - Logiciel: Ranch Rush 2 - Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-3b956706-414a-427a-b545-4ac94ad99a1c
      O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F0A8BF4A-972F-41E0-9800-1EFE3BF28266}
      O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
      O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
      O42 - Logiciel: SW-Sustainer 1.80 - (.Certified Publisher.) [HKLM][64Bits] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27} =>PUP.SafeWeb
      O42 - Logiciel: Software Update Helper - (.Boxore OU..) [HKLM][64Bits] -- {006E6A46-8D55-4F10-BBA8-2C9653B4278B} =>Adware.Boxore
      O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
      O42 - Logiciel: Trinklit Supreme - (.WildTangent.) [HKLM][64Bits] -- WTA-9cd91b6b-19ac-4723-a1c9-0c8dec0e1c0e
      O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
      O42 - Logiciel: Vacation Quest(TM) - Australia - (.WildTangent.) [HKLM][64Bits] -- WTA-9b1b639f-3762-47cc-9c36-5d2e35040d4d
      O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM][64Bits] -- WTA-d86f6409-6926-4cb1-a6f7-6cf823fd6790
      O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam =>PUP.Wajam
      O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-ec94ce70-d22f-41dc-a0c1-f667c0881864
      O42 - Logiciel: WildTangent Games App (HP Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
      O42 - Logiciel: Youda Jewel Shop - (.WildTangent.) [HKLM][64Bits] -- WTA-428c9521-9fd9-49ae-a121-f2ddd2a16d8e
      O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-99026cfc-1268-4b13-a543-e8d9f434036c
      O42 - Logiciel: avast! Free Antivirus v9.0.2021 - (.AVAST Software.) [HKLM][64Bits] -- Avast
      O42 - Logiciel: buenosearch toolbar - (.Montiera technologies LTD.) [HKLM][64Bits] -- buenosearch =>PUP.BuenoSearch
      O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
      O42 - Logiciel: sysTPL - (.Tlapia.) [HKLM][64Bits] -- {4B74BC31-B353-4B8F-8CBE-DAB4FF326FF1}
      ~ Logic: 64 Scanned in 00mn 00s



      ---\\ HKCU & HKLM Software Keys
      [HKCU\Software\7-Zip]
      [HKCU\Software\AI_RecycleBin]
      [HKCU\Software\AVAST Software]
      [HKCU\Software\AppDataLow\Software\Adobe]
      [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
      [HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}]
      [HKCU\Software\AppDataLow]
      [HKCU\Software\BabSolution] =>Hijacker.BabSolution
      [HKCU\Software\Boxore] =>Adware.Boxore
      [HKCU\Software\Classes]
      [HKCU\Software\CyberLink]
      [HKCU\Software\Facebook]
      [HKCU\Software\Hewlett-Packard]
      [HKCU\Software\Intel]
      [HKCU\Software\Lake]
      [HKCU\Software\Licenses]
      [HKCU\Software\Macromedia]
      [HKCU\Software\Mine]
      [HKCU\Software\MozillaPlugins]
      [HKCU\Software\Norton]
      [HKCU\Software\Policies]
      [HKCU\Software\Realtek]
      [HKCU\Software\RegisteredApplications]
      [HKCU\Software\SkypeRS]
      [HKCU\Software\Softonic] =>Toolbar.Conduit
      [HKCU\Software\Symantec]
      [HKCU\Software\Synaptics]
      [HKCU\Software\TutoTag] =>PUP.AgenceExclusive
      [HKCU\Software\Wajam] =>PUP.Wajam
      [HKCU\Software\Wow6432Node]
      [HKCU\Software\ZebHelpProcess Helper]
      [HKCU\Software\buenosearch LTD] =>PUP.BuenoSearch
      [HKCU\Software\globalUpdate]
      [HKCU\Software\skype]
      [HKCU\Software\sysTPL]
      [HKCU\Software\systweak]
      [HKLM\Software\7-Zip]
      [HKLM\Software\ATI Technologies]
      [HKLM\Software\Apple Inc.]
      [HKLM\Software\Classes]
      [HKLM\Software\Clients]
      [HKLM\Software\CyberLink]
      [HKLM\Software\Hewlett-Packard]
      [HKLM\Software\Iminent] =>Adware.IMBooster
      [HKLM\Software\InstalledOptions]
      [HKLM\Software\Intel]
      [HKLM\Software\Khronos]
      [HKLM\Software\Macromedia]
      [HKLM\Software\MozillaPlugins]
      [HKLM\Software\Norton]
      [HKLM\Software\ODBC]
      [HKLM\Software\Policies]
      [HKLM\Software\RTLSetup]
      [HKLM\Software\Realtek]
      [HKLM\Software\RegisteredApplications]
      [HKLM\Software\SRS Labs]
      [HKLM\Software\Synaptics]
      [HKLM\Software\Wow6432Node\AVAST Software]
      [HKLM\Software\Wow6432Node\Adobe]
      [HKLM\Software\Wow6432Node\AppDataLow]
      [HKLM\Software\Wow6432Node\Apple Inc.]
      [HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
      [HKLM\Software\Wow6432Node\Caphyon]
      [HKLM\Software\Wow6432Node\Classes]
      [HKLM\Software\Wow6432Node\Clients]
      [HKLM\Software\Wow6432Node\CyberLink]
      [HKLM\Software\Wow6432Node\GlobalUpdate]
      [HKLM\Software\Wow6432Node\Google]
      [HKLM\Software\Wow6432Node\Hewlett-Packard]
      [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
      [HKLM\Software\Wow6432Node\Insyde]
      [HKLM\Software\Wow6432Node\Intel]
      [HKLM\Software\Wow6432Node\Khronos]
      [HKLM\Software\Wow6432Node\Lake]
      [HKLM\Software\Wow6432Node\Licenses]
      [HKLM\Software\Wow6432Node\LogMeInRescueCallingCard]
      [HKLM\Software\Wow6432Node\Macromedia]
      [HKLM\Software\Wow6432Node\MozillaPlugins]
      [HKLM\Software\Wow6432Node\Mozilla]
      [HKLM\Software\Wow6432Node\Nuance]
      [HKLM\Software\Wow6432Node\ODBC]
      [HKLM\Software\Wow6432Node\Policies]
      [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
      [HKLM\Software\Wow6432Node\Realtek]
      [HKLM\Software\Wow6432Node\RegisteredApplications]
      [HKLM\Software\Wow6432Node\RtWLan]
      [HKLM\Software\Wow6432Node\Software]
      [HKLM\Software\Wow6432Node\Symantec]
      [HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
      [HKLM\Software\Wow6432Node\WildTangent]
      [HKLM\Software\Wow6432Node\buenosearch LTD] =>PUP.BuenoSearch
      [HKLM\Software\Wow6432Node\fst]
      [HKLM\Software\Wow6432Node\systweak]
      [HKLM\Software\Wow6432Node]
      ~ Key Software: 249 Scanned in 00mn 00s



      ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
      O43 - CFD: 08/10/2013 - 21:27:39 - [] ----D C:\Program Files (x86)\Bonjour
      O43 - CFD: 21/06/2014 - 17:23:35 - [] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
      O43 - CFD: 04/06/2014 - 13:15:35 - [] ----D C:\Program Files (x86)\buenosearch LTD =>PUP.BuenoSearch
      O43 - CFD: 24/04/2014 - 20:07:32 - [] ----D C:\Program Files (x86)\Cisco
      O43 - CFD: 04/06/2014 - 17:02:29 - [] ----D C:\Program Files (x86)\Common Files
      O43 - CFD: 13/02/2014 - 14:45:12 - [] ----D C:\Program Files (x86)\CyberLink
      O43 - CFD: 26/06/2014 - 13:58:39 - [] ----D C:\Program Files (x86)\EZDownloader
      O43 - CFD: 18/04/2014 - 18:52:30 - [] ----D C:\Program Files (x86)\Farming Simulator 2013
      O43 - CFD: 05/06/2014 - 13:18:07 - [] ----D C:\Program Files (x86)\globalUpdate
      O43 - CFD: 24/04/2014 - 18:56:59 - [] ----D C:\Program Files (x86)\Hewlett-Packard
      O43 - CFD: 23/07/2013 - 21:51:41 - [] ----D C:\Program Files (x86)\HPConnectedMusic
      O43 - CFD: 04/06/2014 - 16:49:21 - [0] ----D C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster
      O43 - CFD: 08/10/2013 - 21:54:35 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
      O43 - CFD: 08/10/2013 - 21:25:55 - [] ----D C:\Program Files (x86)\Intel
      O43 - CFD: 10/07/2014 - 21:32:59 - [] ----D C:\Program Files (x86)\Internet Explorer
      O43 - CFD: 23/07/2013 - 21:43:17 - [] ----D C:\Program Files (x86)\Microsoft Office
      O43 - CFD: 26/07/2014 - 12:42:36 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
      O43 - CFD: 23/07/2013 - 21:47:38 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
      O43 - CFD: 23/07/2013 - 21:48:29 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      O43 - CFD: 27/04/2014 - 21:04:17 - [] ----D C:\Program Files (x86)\Microsoft.NET
      O43 - CFD: 04/06/2014 - 13:13:28 - [] ----D C:\Program Files (x86)\Mozilla Firefox
      O43 - CFD: 04/08/2012 - 00:37:58 - [] ----D C:\Program Files (x86)\MSBuild
      O43 - CFD: 10/12/2013 - 12:11:33 - [] R---D C:\Program Files (x86)\Online Services
      O43 - CFD: 04/06/2014 - 16:50:05 - [0] ----D C:\Program Files (x86)\predm
      O43 - CFD: 24/04/2014 - 20:06:50 - [] ----D C:\Program Files (x86)\Realtek
      O43 - CFD: 04/08/2012 - 00:37:58 - [] ----D C:\Program Files (x86)\Reference Assemblies
      O43 - CFD: 04/06/2014 - 13:12:38 - [] ----D C:\Program Files (x86)\Software
      O43 - CFD: 25/07/2014 - 13:04:12 - [0] ----D C:\Program Files (x86)\SW-Booster =>PUP.SafeWeb
      O43 - CFD: 08/10/2013 - 21:58:04 - [] ----D C:\Program Files (x86)\SymSilent
      O43 - CFD: 29/04/2014 - 20:44:55 - [] ----D C:\Program Files (x86)\sysTPL
      O43 - CFD: 08/10/2013 - 21:23:09 - [0] --H-D C:\Program Files (x86)\Temp
      O43 - CFD: 04/06/2014 - 13:16:28 - [] ----D C:\Program Files (x86)\Wajam =>PUP.Wajam
      O43 - CFD: 23/07/2013 - 22:01:30 - [] ----D C:\Program Files (x86)\WildGames
      O43 - CFD: 23/07/2013 - 22:02:05 - [] ----D C:\Program Files (x86)\WildTangent Games
      O43 - CFD: 01/06/2014 - 22:07:24 - [] ----D C:\Program Files (x86)\Windows Defender
      O43 - CFD: 23/07/2013 - 21:48:27 - [] ----D C:\Program Files (x86)\Windows Live
      O43 - CFD: 06/02/2014 - 14:55:47 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
      O43 - CFD: 06/02/2014 - 14:55:47 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
      O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
      O43 - CFD: 26/07/2012 - 10:12:59 - [] ----D C:\Program Files (x86)\Windows NT
      O43 - CFD: 06/02/2014 - 14:55:46 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
      O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Windows Portable Devices
      O43 - CFD: 26/07/2012 - 10:12:59 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
      O43 - CFD: 29/07/2014 - 17:43:48 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
      O43 - CFD: 13/02/2014 - 14:46:42 - [] ----D C:\Program Files (x86)\Common Files\CyberLink
      O43 - CFD: 08/10/2013 - 21:20:27 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
      O43 - CFD: 08/10/2013 - 21:26:33 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation
      O43 - CFD: 27/04/2014 - 21:03:01 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
      O43 - CFD: 08/10/2013 - 21:55:28 - [] ----D C:\Program Files (x86)\Common Files\Nikon
      O43 - CFD: 08/10/2013 - 21:17:59 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
      O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Common Files\Services
      O43 - CFD: 25/12/2013 - 18:46:55 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
      O43 - CFD: 06/02/2014 - 14:55:45 - [] ----D C:\Program Files (x86)\Common Files\System
      O43 - CFD: 23/07/2013 - 21:47:17 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
      O43 - CFD: 08/10/2013 - 21:27:36 - [] ----D C:\ProgramData\Apple
      O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Application Data
      O43 - CFD: 02/02/2014 - 13:09:47 - [] ----D C:\ProgramData\AVAST Software
      O43 - CFD: 26/06/2014 - 13:58:45 - [] ----D C:\ProgramData\BlueOcean
      O43 - CFD: 10/12/2013 - 09:57:50 - [] -SH-D C:\ProgramData\Bureau
      O43 - CFD: 07/01/2014 - 10:34:14 - [] ----D C:\ProgramData\CyberLink
      O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Desktop
      O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Documents
      O43 - CFD: 26/12/2013 - 12:31:18 - [] ----D C:\ProgramData\Hewlett-Packard
      O43 - CFD: 26/06/2014 - 13:58:45 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
      O43 - CFD: 08/10/2013 - 21:54:35 - [] ----D C:\ProgramData\install_clap
      O43 - CFD: 08/10/2013 - 21:26:14 - [] ----D C:\ProgramData\Intel
      O43 - CFD: 10/12/2013 - 09:57:50 - [] -SH-D C:\ProgramData\Menu Démarrer
      O43 - CFD: 26/07/2014 - 12:43:59 - [] -S--D C:\ProgramData\Microsoft
      O43 - CFD: 27/04/2014 - 21:04:38 - [] ----D C:\ProgramData\Microsoft Help
      O43 - CFD: 23/07/2013 - 21:47:27 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
      O43 - CFD: 10/12/2013 - 09:57:50 - [] -SH-D C:\ProgramData\Modèles
      O43 - CFD: 29/07/2014 - 15:56:38 - [] ----D C:\ProgramData\Norton
      O43 - CFD: 08/10/2013 - 21:56:19 - [] ----D C:\ProgramData\NortonInstaller
      O43 - CFD: 08/10/2013 - 21:28:52 - [] ----D C:\ProgramData\Package Cache
      O43 - CFD: 26/12/2013 - 14:15:00 - [] ----D C:\ProgramData\PRICache
      O43 - CFD: 27/04/2014 - 21:02:54 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
      O43 - CFD: 29/07/2014 - 10:34:03 - [] ----D C:\ProgramData\RogueKiller
      O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Start Menu
      O43 - CFD: 08/10/2013 - 21:32:49 - [] ----D C:\ProgramData\Synaptics
      O43 - CFD: 08/10/2013 - 21:54:37 - [] ----D C:\ProgramData\Temp
      O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Templates
      O43 - CFD: 23/07/2013 - 22:02:04 - [] ----D C:\ProgramData\WildTangent
      O43 - CFD: 23/07/2013 - 21:52:57 - [] ----D C:\ProgramData\{4A268D42-77A5-4E91-AE73-470ED3BD9CA8}
      O43 - CFD: 10/12/2013 - 12:11:35 - [] ----D C:\Users\karine\AppData\Roaming\Adobe
      O43 - CFD: 04/06/2014 - 13:16:08 - [0] ----D C:\Users\karine\AppData\Roaming\Advanced System Protector =>PUP.AdvancedSystemProtector
      O43 - CFD: 02/02/2014 - 13:12:17 - [] ----D C:\Users\karine\AppData\Roaming\AVAST Software
      O43 - CFD: 04/06/2014 - 13:15:43 - [] ----D C:\Users\karine\AppData\Roaming\BabSolution =>Hijacker.BabSolution
      O43 - CFD: 13/02/2014 - 20:30:35 - [] ----D C:\Users\karine\AppData\Roaming\CyberLink
      O43 - CFD: 26/06/2014 - 13:58:55 - [] ----D C:\Users\karine\AppData\Roaming\EZDownloader
      O43 - CFD: 10/12/2013 - 12:30:34 - [] ----D C:\Users\karine\AppData\Roaming\Hewlett-Packard
      O43 - CFD: 25/12/2013 - 01:29:39 - [] ----D C:\Users\karine\AppData\Roaming\hpqlog
      O43 - CFD: 10/12/2013 - 12:16:20 - [] ----D C:\Users\karine\AppData\Roaming\Macromedia
      O43 - CFD: 25/07/2014 - 11:54:03 - [] -S--D C:\Users\karine\AppData\Roaming\Microsoft
      O43 - CFD: 10/12/2013 - 12:10:23 - [] ----D C:\Users\karine\AppData\Roaming\Synaptics
      O43 - CFD: 04/06/2014 - 16:50:38 - [] ----D C:\Users\karine\AppData\Roaming\systweak
      O43 - CFD: 29/07/2014 - 15:52:45 - [0] ----D C:\Users\karine\AppData\Roaming\uTorrent =>P2P.µTorrent
      O43 - CFD: 10/12/2013 - 12:25:50 - [] ----D C:\Users\karine\AppData\Roaming\WildTangent
      O43 - CFD: 29/07/2014 - 17:54:10 - [] ----D C:\Users\karine\AppData\Roaming\ZHP =>.Nicolas Coolman
      O43 - CFD: 06/03/2014 - 09:29:20 - [0] ----D C:\Users\karine\AppData\Local\Adobe
      O43 - CFD: 10/12/2013 - 12:08:47 - [] -SH-D C:\Users\karine\AppData\Local\Application Data
      O43 - CFD: 06/04/2014 - 12:43:50 - [] ----D C:\Users\karine\AppData\Local\Apps
      O43 - CFD: 10/12/2013 - 12:13:29 - [] ----D C:\Users\karine\AppData\Local\CyberLink
      O43 - CFD: 11/07/2014 - 18:44:30 - [0] ----D C:\Users\karine\AppData\Local\Deployment
      O43 - CFD: 28/07/2014 - 21:42:47 - [] ----D C:\Users\karine\AppData\Local\Diagnostics
      O43 - CFD: 26/12/2013 - 13:45:57 - [] ----D C:\Users\karine\AppData\Local\Downloaded Installations
      O43 - CFD: 27/12/2013 - 16:43:51 - [] ----D C:\Users\karine\AppData\Local\Facebook
      O43 - CFD: 04/06/2014 - 13:13:12 - [] ----D C:\Users\karine\AppData\Local\globalUpdate
      O43 - CFD: 25/12/2013 - 01:29:35 - [] ----D C:\Users\karine\AppData\Local\Hewlett-Packard
      O43 - CFD: 10/12/2013 - 12:08:47 - [] -SH-D C:\Users\karine\AppData\Local\Historique
      O43 - CFD: 10/12/2013 - 12:31:03 - [0] ----D C:\Users\karine\AppData\Local\HP Quick Start
      O43 - CFD: 23/07/2014 - 10:01:09 - [] ----D C:\Users\karine\AppData\Local\HPConnectedMusic
      O43 - CFD: 26/12/2013 - 13:38:49 - [] ----D C:\Users\karine\AppData\Local\MediaServer
      O43 - CFD: 07/01/2014 - 10:35:20 - [0] ----D C:\Users\karine\AppData\Local\MediaShow
      O43 - CFD: 19/04/2014 - 22:44:38 - [] ----D C:\Users\karine\AppData\Local\Microsoft
      O43 - CFD: 27/04/2014 - 18:46:50 - [0] ----D C:\Users\karine\AppData\Local\Microsoft Help
      O43 - CFD: 26/12/2013 - 14:15:06 - [] ----D C:\Users\karine\AppData\Local\Packages
      O43 - CFD: 10/12/2013 - 12:10:34 - [] ----D C:\Users\karine\AppData\Local\Power2Go8
      O43 - CFD: 30/01/2014 - 19:24:18 - [] ----D C:\Users\karine\AppData\Local\Programs
      O43 - CFD: 04/06/2014 - 13:12:38 - [] ----D C:\Users\karine\AppData\Local\Software
      O43 - CFD: 29/07/2014 - 17:52:43 - [] ----D C:\Users\karine\AppData\Local\Temp
      O43 - CFD: 10/12/2013 - 12:08:47 - [] -SH-D C:\Users\karine\AppData\Local\Temporary Internet Files
      O43 - CFD: 10/12/2013 - 12:09:19 - [0] ----D C:\Users\karine\AppData\Local\VirtualStore
      O43 - CFD: 26/07/2012 - 10:13:00 - [] R---D C:\Users\karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
      O43 - CFD: 26/07/2012 - 10:13:00 - [] R---D C:\Users\karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
      O43 - CFD: 02/06/2014 - 08:10:19 - [] R---D C:\Users\karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
      O43 - CFD: 26/07/2012 - 10:13:00 - [] ----D C:\Users\karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
      O43 - CFD: 02/06/2014 - 08:10:19 - [] R---D C:\Users\karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      O43 - CFD: 24/07/2013 - 06:40:21 - [] R---D C:\Users\karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
      ~ Program Folder: 128 Scanned in 00mn 00s



      ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
      O44 - LFC:[MD5.58CC013EFA9893057160EDA018D8ADCE] - 15/07/2014 - 23:51:05 ---A- . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\Drivers\hdaudbus.sys [71168]
      O44 - LFC:[MD5.6F297C3AD5E0F188E9539D0F0F385941] - 19/07/2014 - 13:01:04 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [428688]
      O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/07/2014 - 13:47:42 ---A- . (...) -- C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt [0]
      O44 - LFC:[MD5.357CEBBCD99C8928A2D1A61A6CACC168] - 25/07/2014 - 11:27:23 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43152]
      O44 - LFC:[MD5.A5757DE5F9C83AB40667A53D5126EA40] - 25/07/2014 - 11:27:24 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93568]
      O44 - LFC:[MD5.D95E64416A4A3ED6986E0F474DA934BD] - 25/07/2014 - 11:27:25 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
      O44 - LFC:[MD5.645D97385F3F284FB5604F9B970F4D24] - 25/07/2014 - 11:27:25 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
      O44 - LFC:[MD5.471A311745848B80339436688A8286E6] - 25/07/2014 - 11:27:25 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896]
      O44 - LFC:[MD5.48DED912CDE54FC0923B9858512366E1] - 25/07/2014 - 11:27:25 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [92008]
      O44 - LFC:[MD5.FF1E537A3632CBB9A0BF72B9FD0878D5] - 25/07/2014 - 11:27:25 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [79184]
      O44 - LFC:[MD5.B8FDEDE963B82CFD23B3A53A3084666D] - 25/07/2014 - 11:27:25 ---A- . (.AVAST Softw
      0
  20. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    Tu as dû installer des logiciels potentiellement indésirables

    Pour éviter ce genre de problème :

    - Ne télécharge aucun programme proposé dans des publicités ou sur des sites suspects. A noter que certains sites connus comme Softronic, Tuto4PC, etc modifient parfois les programmes proposés au téléchargement pour y ajouter des logiciels publicitaires ==> Préfère toujours le téléchargement directement sur le site de l'éditeur.

    - Au cours de l'installation d'un programme gratuit, lis bien attentivement et décoche tous les programmes additionnels qui sont proposés, en particulier les barres d'outils.

    Pour ton information lis ces dossier sur les Programmes Potentiellement Indésirables et Les Barres d'Outils ce n'est pas obligatoires

    * Télécharge cet outil simple d'utilisation

    https://toolslib.net/downloads/viewdownload/1-adwcleaner/

    * Si problème avec le 1er lien prends le ici https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

    * Lance le (Sous vista/seven/8 clic droit dessus,et sur exécuter en tant qu'administrateur)si tu es sous xp double cliques dessus

    * Cliques sur scanner
    * Poste le rapport de recherche C:\Adwcleaner[R]

    * Note le rapport de recherche est également sauvegardé sous C:\Adwcleaner[R1]

    * Héberge le rapport sur cjoint

    * Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers

    0