Sujet Précédent Sujet Suivant

Clavier infecté par iSafeNetfilter.sys, YAC, trojan staser etc.

Résolu/Fermé
perepoule Messages postés 31 Date d'inscription vendredi 5 septembre 2014 Statut Membre Dernière intervention 23 octobre 2014 - 5 sept. 2014 à 12:14
billmaxime Messages postés 49927 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 18 avril 2024 - 23 oct. 2014 à 19:20
Bonjour à tous !
Je me suis toujours débrouillé en vous lisant et je profite de cette occasion pour vous en remercier. Mais aujourd'hui, lire ne suffit plus !J'ai besoin de vos lumières concernant le vieil ordinateur portable de ma fille. La veille de partir pour faire ses études à Clermont, le lui propose de vérifier et de mettre à jour son ordi portable EasyNote de PackardBell... Embarrassée, elle m'avoue qu'elle ne l'a pas touché depuis quelques jours car il y a un problème avec son clavier : la barre d'espace ne répond plus, ni le n et certaines touches ont un comportement aléatoire... Je soupçonne immédiatement un virus et la questionne... Elle a en effet essayé de télécharger un programme de streamming... avec de nombreux cadeaux réjouissants à la clé : yac (Yet Another cleaner), sûrement fake, et l'installation l'Optimizer Pro à son insu. Depuis, le comportement de son clavier est très bizarre. Ayant quelque peu l'habitude de ce genre de maintenant auprès de mes enfants, je me suis attelé à la tâche dans la nuit, avant qu'elle ne parte le lendemain ! Après quatre heures de lutte, je jette l'éponge et m'en remets à vous. La difficulté, c'est que je n'ai plus l'ordi sous la main, mais j'ai téléchargé les principaux outils dont elle aura besoin pour une désinfection, ainsi que Timeviewer afin de la lui faire à distance...
Bref, avant d'abandonner la partie, j'ai quand même fait tourner Avast, ccleaner, Spybot, Hijackthis, ZHPDiag, AdwCleaner, Junkware Removal Tool, usbfix et Malewarebytes...
Voici les rapports que je veux vous soumettre afin de trouver une solution car le clavier du portable est toujours aussi erratique !

Première vague de scans :

1) JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Louise on 04/09/2014 at 23:44:27,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2D789524-3F45-4AB5-BCA4-1F6EF90CD969}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FD371860-A29F-40D9-B884-6EDB9501A1D8}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Louise\appdata\local\{014333A3-3365-42B0-B2E6-E318B4209EAB}
Successfully deleted: [Empty Folder] C:\Users\Louise\appdata\local\{134175DD-E36F-4BF4-9765-558908A8E8B4}
Successfully deleted: [Empty Folder] C:\Users\Louise\appdata\local\{36756C12-778C-4FDB-A018-ADA45011A695}
Successfully deleted: [Empty Folder] C:\Users\Louise\appdata\local\{983DFB71-B338-41B2-B5CD-3C18BCE06331}
Successfully deleted: [Empty Folder] C:\Users\Louise\appdata\local\{F2944D81-4CA3-4DCB-9617-86AC6AC6812C}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/09/2014 at 23:52:18,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2) HIJACKTHIS

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:53:48, on 04/09/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19553)

FIREFOX: 32.0 (x86 fr)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Louise\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com?fr=hp-avast&type=avastbcl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com?fr=hp-avast&type=avastbcl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Performance Optimizer (892cc6a3) - Unknown owner - C:\Windows\system32\rundll32.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
A voir également:

3 réponses

Réponse 1 / 3
perepoule Messages postés 31 Date d'inscription vendredi 5 septembre 2014 Statut Membre Dernière intervention 23 octobre 2014
5 sept. 2014 à 12:18
suite du message :

---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Internet Explorer Toolbars (O3)
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
~ https://nicolascoolman.eu =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s

---\\ Récapitulatif des détections trouvées sur votre station
https://nicolascoolman.eu =>Trojan.Staser
https://nicolascoolman.eu =>PUP.AdPeak
https://nicolascoolman.eu =>Adware.IMBooster
https://nicolascoolman.eu =>PUP.Kiwee
https://nicolascoolman.eu =>Toolbar.Conduit
http://nicolascoolman.fr/28388393-adware-casino =>Adware.Casino
~ MSI: 6 link(s) detected in 00mn 00s

~ 758 Legitimates filtered by white list
End of the scan (485 lines in 04mn 07s)(0)



5) ZHPCleaner

~ ZHPCleaner v2014.9.4.109 by Nicolas Coolman (04/09/2014)
~ Run by Louise (Administrator) (05/09/2014 01:07:05)
~ WebSite : https://nicolascoolman.eu
~ Forum : https://nicolascoolman.eu
~ State version : Version à jour
~ Report : C:\Users\Louise\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Louise\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ Windows VISTA, 32-bit Service Pack 2 (Build 6002)

---\\ Restauration des paramètres proxy par défaut.
REMPLACÉ PARAMS: EnableHttp1_1 ( 1 )

---\\ Réparation des pages de démarrage et de recherche de Microsoft Internet Explorer.
REMPLACÉ PARAMS: SearchAssistant ( https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm )
REMPLACÉ PARAMS: Tabs ( about:newtab )

---\\ Réparation du fichier hôte.
~ Le fichier hôte est légitime. (15515)

---\\ Bilan de la réparation
~ Réparation réalisée avec succès
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)
~ Réparation annulée par l'utilisateur (Mozilla Firefox)

End of clean at 01:07:52
===================
ZHPCleaner-05092014-01_07_52.txt


Après avoir procédé également aux scans et suppressions proposées par Avast et Malewarebytes, j'ai reprocédé à des scans, que voici :


A) HIJACKTHIS

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 01:55:37, on 05/09/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19553)

FIREFOX: 32.0 (x86 fr)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Louise\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
0
Réponse 2 / 3
perepoule Messages postés 31 Date d'inscription vendredi 5 septembre 2014 Statut Membre Dernière intervention 23 octobre 2014
Modifié par perepoule le 5/09/2014 à 12:23
Suite du message précédent :

End of file - 19052 bytes


B) ADWCLEANER

# AdwCleaner v3.309 - Rapport créé le 05/09/2014 à 01:58:25
# Mis à jour le 02/09/2014 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Louise - PC-DE-ARNAUD
# Exécuté depuis : C:\Users\Louise\Desktop\AdwCleaner-3.309.exe
# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

***** [ Tâches planifiées ] *****

***** [ Raccourcis ] *****

***** [ Registre ] *****

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.19553

-\\ Mozilla Firefox v32.0 (x86 fr)

[ Fichier : C:\Users\Louise\AppData\Roaming\Mozilla\Firefox\Profiles\5712hegj.default\prefs.js ]

*************************

C) ZHPDIAG

~ Rapport de ZHPDiag v2014.9.2.128 - Nicolas Coolman (02/09/2014)
~ Lancé par Louise (05/09/2014 02:01:21)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.19553
MFIE: Mozilla Firefox 32.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : MQ3CQ
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2021
AVG 2011 v10.0.1500
Malwarebytes Anti-Malware version 2.0.2.1012
Spybot - Search & Destroy v2.4.40

---\\ Logiciels d'optimisation du système
CCleaner v4.17

---\\ Logiciels de partage PeerToPeer
eMule
µTorrent v3.1.3 =>P2P.µTorrent

---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader X
Java 7 Update 11

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 104 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2686 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 66 GB (66%) free of 99 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-ARNAUD
~ User Name: Louise
~ All Users Names: Louise, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Louise\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Louise\AppData\Roaming\
~ %Desktop% : C:\Users\Louise\Desktop\
~ %Favorites% : C:\Users\Louise\Favorites\
~ %LocalAppData% : C:\Users\Louise\AppData\Local\
~ %StartMenu% : C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 66 Go of 99 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 124 Go of 124 Go)


---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 50 Scanned in 00mn 00s


---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.2CC0A40E2CD6EB4C382DDA65185150E3] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/07/2014 - 22:33:41.) -- C:\Windows\System32\wininet.dll [916992]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/2
~ Mon Bureau (My Desktop) : 2/28
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 00s

---\\ Processus lancés
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [4085896] [PID.984]
[MD5.7EE68A122ED08E4AAD8DA551E34D2515] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576] [PID.1028]
[MD5.47F0A9B97788061552DD5CCB31892127] - (.Logitech Inc. - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [67128] [PID.1032]
[MD5.14E4CC4D46169759D874F57604EA6BE5] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904] [PID.2240]
[MD5.636DB59138F205B59FF0537A0A9E0FEF] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8102400] [PID.3100]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1712]
[MD5.702F6D03C671DA99C282D8DF32FE559E] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [602112] [PID.1016]
[MD5.B2D04E813BA12AB179DAF0B9FDECBA3D] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [137752] [PID.1124]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1268]
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1724]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.2188]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.2304]
[MD5.D777F1417D9BB9F66CD9D9C3B61F730F] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168] [PID.2348]
[MD5.68D6C7F99BC73B88954D844FCCBEB2A0] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408] [PID.2608]
[MD5.050A4112B00BCA2E13314CDE48C1DEEE] - (.Skype Technologies - Skype Updater Service.) -- C:\Program Files\Skype\Updater\Updater.exe [315008] [PID.2684]
[MD5.1CE05B4E46CDFA9E92A4AB8FCEA1B886] - (.Syntek America Inc. - Syntek Hardware Snapshot Launch Application.) -- C:\Windows\System32\StkCSrv.exe [24576] [PID.2712]
[MD5.5CEF407E235885DB5421DF79C843F2DF] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [5052224] [PID.2744]
[MD5.9B9B368A8FF5CAF91D7A333CF62CD2CC] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928] [PID.2928]
~ Processes Running: Scanned in 00mn 02s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [Louise - 5712hegj.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: Extension [Louise - 5712hegj.default] {dc572301-7619-498c-a57d-39143191b318}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.11.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.11.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.7] - (.VideoLAN - VLC media player Web Plugin 2.0.6.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 11 Scanned in 00mn 00s


---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = https://www.google.com/?gws_rd=ssl
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 11 Scanned in 00mn 00s


---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s


---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s


---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15515)
~ Hosts File: Scanned in 00mn 16s


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A057A204-BACC-4D26-9990-79A187E2698E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-3001566974-991301203-945118859-1001\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3001566974-991301203-945118859-1001\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{820CE204-D3E2-4565-9AF8-AAB14E50261B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B32E1C16-4AB1-4A8F-82E0-3E251BE99886}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{820CE204-D3E2-4565-9AF8-AAB14E50261B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B32E1C16-4AB1-4A8F-82E0-3E251BE99886}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{820CE204-D3E2-4565-9AF8-AAB14E50261B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B32E1C16-4AB1-4A8F-82E0-3E251BE99886}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{820CE204-D3E2-4565-9AF8-AAB14E50261B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{B32E1C16-4AB1-4A8F-82E0-3E251BE99886}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: LVCOMSer (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - LogitechService Launcher.) - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) . (.Syntek America Inc. - Syntek Hardware Snapshot Launch Application.) - C:\Windows\System32\StkCSrv.exe
O23 - Service: TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH - TeamViewer 9.) - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
~ Services: 13 Scanned in 00mn 08s


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\img27.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\img27.jpg
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s


---\\ Tâches planifiées en automatique (O39)
[MD5.A6B6AB9502B63F43A9A56AE6AFB22078] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [262320]
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [808448]
[MD5.816B4925CC73512A2DEBF625DABCCAB6] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4796696]
[MD5.9CCE733E5262FB92C2331E8578512B49] [APT] [Check for updates (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [4747720]
[MD5.48FAE038F51676A795CEFAD780448D94] [APT] [Refresh immunization (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [4460472]
[MD5.280C014187E24860A7C860329513208F] [APT] [Scan the system (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [4818848]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: Check for updates (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job [644]
O39 - APT: Check for updates (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\System32\Tasks\Check for updates (Spybot - Search & Destroy) [644]
O39 - APT: Refresh immunization (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job [616]
O39 - APT: Refresh immunization (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\System32\Tasks\Refresh immunization (Spybot - Search & Destroy) [616]
O39 - APT: Scan the system (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job [446]
O39 - APT: Scan the system (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\System32\Tasks\Scan the system (Spybot - Search & Destroy) [446]
O39 - APT: - (..) -- C:\Windows\Tasks\User_Feed_Synchronization-{CEFE175A-A22E-49E6-9AE8-4185D6A80858}.job [458]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{CEFE175A-A22E-49E6-9AE8-4185D6A80858} [458]
~ Scheduled Task: 13 Scanned in 00mn 04s


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Adobe Shockwave Director 10.3 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Macromed\Director\SwDir.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 14.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_14_0_0_145.ocx
~ Active Setup: 13 Scanned in 00mn 00s


---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\Windows\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (iSafeNetFilter) . (. - .) - C:\Program Files\iSafe\iSafeNetFilter.sys (.not file.) =>Trojan.Staser
~ Drivers: 92 Scanned in 00mn 00s


---\\ Logiciels installés (O42)
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {B3AEF776-7FFF-4C50-A402-9119E3849EE0}
O42 - Logiciel: AVG 2011 - (.AVG Technologies.) [HKLM] -- {D4E53304-1F6C-4111-9872-1BCD2CF5B642}
O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..) [HKLM] -- {EFB21DE7-8C19-4A88-BB28-A766E16493BC} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: EaseUS Partition Master 9.2.1 Home Edition - (.EaseUS.) [HKLM] -- EaseUS Partition Master Home Edition_is1
O42 - Logiciel: EasyBCD 2.2 - (.NeoSmart Technologies.) [HKLM] -- EasyBCD
O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712}
O42 - Logiciel: Java 7 Update 11 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
O42 - Logiciel: Java(TM) 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Kubuntu - (.Kubuntu.) [HKLM] -- Wubi
O42 - Logiciel: Logiciel d'archivage WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: Logitech Desktop Messenger - (.Logitech, Inc..) [HKLM] -- {900B1197-53F5-4F46-A882-2CFFFE2EEDCB}
O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] -- {364EC092-93CF-4DDC-9D7A-7278452028E0}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MVision - (.Logitech Inc..) [HKLM] -- {35725FBC-A136-4A46-9F29-091759D9BB93}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.2.1012 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 32.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 32.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {266517E6-D866-439D-919C-B8B1A52E6080}
O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU] -- PhotoFiltre 7
O42 - Logiciel: Programme de gestion Camera de Logitech® - (...) [HKLM] -- QcDrv
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 - (...) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype(TM) 6.16 - (.Skype Technologies S.A..) [HKLM] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: TeamViewer 9 - (.TeamViewer.) [HKLM] -- TeamViewer 9
O42 - Logiciel: USB2.0 UVC VGA WebCam - (...) [HKLM] -- USB2.0 UVC VGA WebCam
O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}
O42 - Logiciel: VLC media player 2.0.7 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: avast! Free Antivirus v9.0.2021 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: eMule - (...) [HKLM] -- eMule
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent =>P2P.µTorrent
~ Logic: 38 Scanned in 00mn 00s


---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Avg]
[HKCU\Software\AppDataLow\Software\AVG]
[HKCU\Software\AppDataLow\Software\DivX]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avg]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Carbonite]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DolphinFutures]
[HKCU\Software\EaseUS]
[HKCU\Software\EpmNewsInfo]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lexmark 6500 Series]
[HKCU\Software\Loaris]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PTP]
[HKCU\Software\Paint.NET]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Skype]
[HKCU\Software\Software]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\TeamViewer]
[HKCU\Software\Titan Poker]
[HKCU\Software\Trolltech]
[HKCU\Software\UsbFix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\eMule]
[HKCU\Software\ej-technologies]
[HKLM\Software\ABBYY]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\AVG]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Audible]
[HKLM\Software\BackWeb]
[HKLM\Software\Bunndle]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DT Soft]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EASEUS]
[HKLM\Software\EasyBits]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\Filseclab]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\Micro Application]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NeoSmart Technologies]
[HKLM\Software\NeroDigital]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PACKARD BELL]
[HKLM\Software\PB_EBAY] =>Toolbar.eBay
[HKLM\Software\PB_FIRSTCHOICE]
[HKLM\Software\PB_KODAK]
[HKLM\Software\PB_METABOLI]
[HKLM\Software\PBreg]
[HKLM\Software\PTECH]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Python]
[HKLM\Software\RTLSetup]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Skype]
[HKLM\Software\SoftArc Inc.]
[HKLM\Software\Sonic]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\SymDebug]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TeamViewer]
[HKLM\Software\Titan Poker]
[HKLM\Software\TrendMicro]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WholeSecurity]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\mozilla.org]
~ Key Software: 219 Scanned in 00mn 00s


---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/07/2014 - 22:38:19 - [0] ----D C:\Program Files\005 =>PUP.AdPeak
O43 - CFD: 26/10/2012 - 19:37:38 - [] ----D C:\Program Files\Adobe
O43 - CFD: 25/01/2013 - 16:44:43 - [0] ----D C:\Program Files\Amazon
O43 - CFD: 13/06/2008 - 10:19:56 - [] ----D C:\Program Files\ATI
O43 - CFD: 13/06/2008 - 10:25:28 - [] ----D C:\Program Files\ATI Technologies
O43 - CFD: 22/05/2011 - 18:19:06 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 22/05/2011 - 18:05:49 - [0] ----D C:\Program Files\AVG
O43 - CFD: 04/09/2014 - 22:30:14 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 04/09/2014 - 23:23:23 - [] ----D C:\Program Files\Common Files
O43 - CFD: 26/01/2013 - 00:43:32 - [] ----D C:\Program Files\DivX
O43 - CFD: 26/01/2013 - 09:23:46 - [] ----D C:\Program Files\EaseUS
O43 - CFD: 29/01/2012 - 20:17:45 - [] ----D C:\Program Files\eMule
O43 - CFD: 22/05/2011 - 15:04:24 - [] ----D C:\Program Files\Enigma Software Group
O43 - CFD: 25/07/2014 - 05:09:19 - [] ----D C:\Program Files\FirstClass
O43 - CFD: 19/07/2014 - 23:32:25 - [] ----D C:\Program Files\Google
O43 - CFD: 13/06/2008 - 10:33:36 - [] ----D C:\Program Files\HDReg
O43 - CFD: 25/07/2014 - 18:39:46 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 13/08/2014 - 09:24:14 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 25/01/2013 - 17:02:48 - [] ----D C:\Program Files\Java
O43 - CFD: 25/10/2010 - 19:48:54 - [] ----D C:\Program Files\JRE
O43 - CFD: 22/05/2011 - 15:06:05 - [] ----D C:\Program Files\Loaris
O43 - CFD: 04/10/2008 - 20:56:48 - [] ----D C:\Program Files\Logitech
O43 - CFD: 04/09/2014 - 21:33:50 - [] ----D C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 04/09/2014 - 21:33:44 - [0] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 22/05/2011 - 12:43:27 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 25/01/2013 - 17:10:34 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 24/07/2014 - 23:51:22 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 15/03/2009 - 21:13:21 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 22/05/2011 - 17:11:57 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 22/05/2011 - 17:06:34 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 22/05/2011 - 20:13:35 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 22/05/2011 - 17:10:42 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 11/09/2010 - 19:55:25 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 04/09/2014 - 21:58:37 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 04/09/2014 - 21:58:43 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 22/05/2011 - 17:12:40 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 01/07/2014 - 15:31:43 - [] ----D C:\Program Files\NeoSmart Technologies
O43 - CFD: 11/09/2010 - 19:30:54 - [0] ----D C:\Program Files\Nero
O43 - CFD: 25/10/2010 - 19:48:52 - [] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 25/01/2013 - 16:22:49 - [] ----D C:\Program Files\Packard Bell
O43 - CFD: 22/05/2011 - 12:49:45 - [0] ----D C:\Program Files\Paint.NET
O43 - CFD: 07/07/2014 - 14:15:33 - [] ----D C:\Program Files\PhotoFiltre 7
O43 - CFD: 25/01/2013 - 18:58:45 - [] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 13/06/2008 - 10:34:14 - [] ----D C:\Program Files\Seagate
O43 - CFD: 02/07/2014 - 21:20:33 - [] R---D C:\Program Files\Skype
O43 - CFD: 04/09/2014 - 22:23:04 - [] ----D C:\Program Files\Spybot - Search & Destroy 2
O43 - CFD: 13/06/2008 - 10:21:06 - [] ----D C:\Program Files\Synaptics
O43 - CFD: 05/09/2014 - 01:15:54 - [] ----D C:\Program Files\TeamViewer
O43 - CFD: 25/01/2013 - 18:57:41 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 18/04/2012 - 21:06:27 - [] ----D C:\Program Files\uTorrent =>P2P.µTorrent
O43 - CFD: 19/11/2008 - 21:38:46 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 25/01/2013 - 16:11:23 - [] ----D C:\Program Files\VS Revo Group
O43 - CFD: 25/01/2013 - 17:16:01 - [0] ----D C:\Program Files\Winamp
O43 - CFD: 07/03/2010 - 16:20:05 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 07/03/2010 - 16:20:01 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 07/03/2010 - 16:19:51 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 10/07/2014 - 12:23:26 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 26/01/2013 - 00:23:48 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 28/04/2012 - 12:43:46 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 25/10/2010 - 11:45:12 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 11/09/2010 - 19:18:56 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 07/03/2010 - 16:19:57 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 16/04/2010 - 23:44:46 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 07/03/2010 - 16:20:01 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 05/12/2009 - 19:34:05 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 05/09/2014 - 00:29:18 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 26/10/2012 - 19:38:09 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 22/05/2011 - 18:54:54 - [] ----D C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD: 01/07/2014 - 14:09:48 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 04/10/2008 - 15:41:30 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 13/10/2012 - 15:19:46 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 04/10/2008 - 20:53:46 - [] ----D C:\Program Files\Common Files\LogiShrd
O43 - CFD: 13/06/2008 - 10:39:21 - [] ----D C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 19/02/2012 - 00:54:05 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 06/09/2009 - 00:08:28 - [] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/07/2014 - 21:20:33 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 15/03/2009 - 21:59:16 - [] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 13/07/2012 - 17:37:30 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 15/03/2009 - 21:00:16 - [] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 11/09/2010 - 19:18:52 - [] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 22/05/2011 - 15:03:30 - [] ----D C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 05/08/2014 - 16:12:25 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 16/12/2013 - 10:42:49 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 19/02/2011 - 19:26:28 - [] ----D C:\ProgramData\AVG10
O43 - CFD: 19/02/2011 - 19:13:59 - [] ----D C:\ProgramData\avg8
O43 - CFD: 04/10/2008 - 14:09:36 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 19/02/2011 - 19:25:58 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 22/05/2011 - 14:40:38 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/01/2013 - 00:36:28 - [] ----D C:\ProgramData\DivX
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 29/01/2012 - 20:17:59 - [] ----D C:\ProgramData\eMule
O43 - CFD: 04/10/2008 - 14:09:36 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 07/10/2008 - 20:26:23 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 22/05/2011 - 13:34:30 - [] ----D C:\ProgramData\Google
O43 - CFD: 04/10/2008 - 20:52:00 - [] ----D C:\ProgramData\LogiShrd
O43 - CFD: 04/10/2008 - 20:51:56 - [] ----D C:\ProgramData\Logitech
O43 - CFD: 21/05/2010 - 19:45:59 - [] ----D C:\ProgramData\Lx_cats
O43 - CFD: 22/05/2011 - 18:55:06 - [] ----D C:\ProgramData\Macrovision
O43 - CFD: 04/09/2014 - 21:33:44 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 23/05/2010 - 00:28:59 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 04/10/2008 - 14:09:36 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 22/05/2011 - 18:02:43 - [] ----D C:\ProgramData\MFAData
O43 - CFD: 04/09/2014 - 22:18:57 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 12/08/2014 - 22:33:47 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 04/10/2008 - 14:09:36 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 31/05/2012 - 09:37:11 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 05/09/2014 - 01:40:52 - [0] ----D C:\ProgramData\Performance Optimizer =>PUP.PerformanceOptimizer
O43 - CFD: 02/07/2014 - 21:20:29 - [] ----D C:\ProgramData\Skype
O43 - CFD: 04/09/2014 - 23:23:23 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 25/10/2010 - 19:48:21 - [] ----D C:\ProgramData\Sun
O43 - CFD: 15/03/2009 - 21:57:24 - [] ----D C:\ProgramData\Symantec
O43 - CFD: 29/07/2014 - 00:23:01 - [] ---AD C:\ProgramData\Temp
O43 - CFD: 02/11/2006 - 15:02:04 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 21/01/2013 - 19:49:23 - [] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 05/10/2008 - 20:17:57 - [] ----D C:\ProgramData\WLInstaller
O43 - CFD: 11/10/2008 - 12:06:59 - [] ----D C:\Users\Louise\AppData\Roaming\6500 Series
O43 - CFD: 05/08/2014 - 16:12:25 - [] ----D C:\Users\Louise\AppData\Roaming\Adobe
O43 - CFD: 25/01/2013 - 16:44:43 - [0] ----D C:\Users\Louise\AppData\Roaming\Amazon
O43 - CFD: 11/10/2008 - 12:07:18 - [] ----D C:\Users\Louise\AppData\Roaming\ATI
O43 - CFD: 16/12/2013 - 11:23:13 - [] ----D C:\Users\Louise\AppData\Roaming\AVAST Software
O43 - CFD: 19/02/2011 - 19:26:45 - [] ----D C:\Users\Louise\AppData\Roaming\AVG10
O43 - CFD: 04/09/2014 - 23:40:07 - [] ----D C:\Users\Louise\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 30/04/2011 - 23:56:09 - [] ----D C:\Users\Louise\AppData\Roaming\DivX
O43 - CFD: 12/01/2013 - 21:28:06 - [] ----D C:\Users\Louise\AppData\Roaming\dvdcss
O43 - CFD: 25/01/2013 - 16:20:26 - [] ----D C:\Users\Louise\AppData\Roaming\Google
O43 - CFD: 11/10/2008 - 12:05:48 - [] ----D C:\Users\Louise\AppData\Roaming\Identities
O43 - CFD: 25/01/2013 - 18:58:06 - [] ----D C:\Users\Louise\AppData\Roaming\InstallShield
O43 - CFD: 08/05/2010 - 19:17:22 - [] ----D C:\Users\Louise\AppData\Roaming\Lexmark Productivity Studio
O43 - CFD: 11/10/2008 - 12:10:08 - [] ----D C:\Users\Louise\AppData\Roaming\Macromedia
O43 - CFD: 04/09/2014 - 21:33:53 - [0] ----D C:\Users\Louise\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\Louise\AppData\Roaming\Media Center Programs
O43 - CFD: 25/01/2013 - 19:21:43 - [] -S--D C:\Users\Louise\AppData\Roaming\Microsoft
O43 - CFD: 19/01/2014 - 12:20:03 - [] ----D C:\Users\Louise\AppData\Roaming\Mozilla
O43 - CFD: 25/10/2010 - 19:51:41 - [] ----D C:\Users\Louise\AppData\Roaming\OpenOffice.org
O43 - CFD: 07/07/2014 - 14:35:32 - [] ----D C:\Users\Louise\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 12/08/2014 - 22:19:25 - [] ----D C:\Users\Louise\AppData\Roaming\Skype
O43 - CFD: 11/09/2010 - 20:22:50 - [] ----D C:\Users\Louise\AppData\Roaming\skypePM
O43 - CFD: 11/10/2008 - 12:06:37 - [] ----D C:\Users\Louise\AppData\Roaming\Symantec
O43 - CFD: 05/09/2014 - 01:16:09 - [] ----D C:\Users\Louise\AppData\Roaming\TeamViewer
O43 - CFD: 25/01/2013 - 17:13:31 - [] ----D C:\Users\Louise\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 04/09/2014 - 23:11:25 - [] ----D C:\Users\Louise\AppData\Roaming\vlc
O43 - CFD: 05/12/2009 - 19:34:57 - [] ----D C:\Users\Louise\AppData\Roaming\WinRAR
O43 - CFD: 05/09/2014 - 02:02:19 - [] ----D C:\Users\Louise\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 06/07/2013 - 07:26:01 - [] ----D C:\Users\Louise\AppData\Local\Adobe
O43 - CFD: 11/10/2008 - 12:05:39 - [] -SH-D C:\Users\Louise\AppData\Local\Application Data
O43 - CFD: 11/10/2008 - 12:07:18 - [] ----D C:\Users\Louise\AppData\Local\ATI
O43 - CFD: 16/12/2013 - 14:08:34 - [] ----D C:\Users\Louise\AppData\Local\DolphinFutures
O43 - CFD: 16/12/2013 - 11:05:02 - [] ----D C:\Users\Louise\AppData\Local\ElevatedDiagnostics
O43 - CFD: 29/01/2012 - 20:24:09 - [] ----D C:\Users\Louise\AppData\Local\eMule
O43 - CFD: 01/07/2014 - 14:36:00 - [] ----D C:\Users\Louise\AppData\Local\Google
O43 - CFD: 11/10/2008 - 12:05:39 - [] -SH-D C:\Users\Louise\AppData\Local\Historique
O43 - CFD: 06/07/2013 - 07:31:26 - [] ----D C:\Users\Louise\AppData\Local\Macromedia
O43 - CFD: 25/01/2013 - 19:21:49 - [] ----D C:\Users\Louise\AppData\Local\Microsoft
O43 - CFD: 03/02/2011 - 17:44:38 - [] ----D C:\Users\Louise\AppData\Local\Microsoft Games
O43 - CFD: 28/05/2011 - 17:05:29 - [] ----D C:\Users\Louise\AppData\Local\Microsoft Help
O43 - CFD: 07/05/2009 - 21:41:04 - [] ----D C:\Users\Louise\AppData\Local\Mozilla
O43 - CFD: 01/07/2014 - 15:41:31 - [] ----D C:\Users\Louise\AppData\Local\NeoSmart_Technologies
O43 - CFD: 25/01/2013 - 18:30:49 - [] ----D C:\Users\Louise\AppData\Local\Packard Bell
O43 - CFD: 22/02/2011 - 11:18:01 - [] ----D C:\Users\Louise\AppData\Local\Paint.NET
O43 - CFD: 02/07/2014 - 21:21:00 - [] ----D C:\Users\Louise\AppData\Local\Skype
O43 - CFD: 05/09/2014 - 02:00:36 - [] ----D C:\Users\Louise\AppData\Local\Temp
O43 - CFD: 11/10/2008 - 12:05:39 - [] -SH-D C:\Users\Louise\AppData\Local\Temporary Internet Files
O43 - CFD: 26/10/2008 - 23:39:00 - [] ----D C:\Users\Louise\AppData\Local\VirtualStore
O43 - CFD: 21/01/2013 - 19:24:58 - [] ----D C:\Users\Louise\AppData\Local\Windows Live
O43 - CFD: 21/01/2008 - 04:42:46 - [] R---D C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/10/2008 - 12:06:00 - [] R---D C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/01/2008 - 04:42:46 - [] R---D C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 07/07/2014 - 14:15:33 - [0] ----D C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 18/01/2014 - 21:10:04 - [] ----D C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 22/05/2011 - 14:00:56 - [] R---D C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 09/01/2010 - 19:08:34 - [] ----D C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 179 Scanned in 00mn 00s


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D3694328B02526392905661276FCE414] - 04/09/2014 - 20:18:39 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1615904]
O44 - LFC:[MD5.EFD1CD6821E48F711AA4A15B46290017] - 04/09/2014 - 20:18:40 ---A- . (...) -- C:\Windows\System32\perfc009.dat [120050]
O44 - LFC:[MD5.47170F1BA4D489ADB357F60508946025] - 04/09/2014 - 20:18:40 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [146290]
O44 - LFC:[MD5.21FA97D3F5B2BE05FDF50098DB1A0224] - 04/09/2014 - 20:18:40 ---A- . (...) -- C:\Windows\System32\perfh009.dat [634484]
O44 - LFC:[MD5.9C3B6AB26AFD259C88C76203EC587334] - 04/09/2014 - 20:18:40 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [722488]
O44 - LFC:[MD5.1AA835E8A0B8EDF3D676B4ED4BF5EF07] - 04/09/2014 - 20:33:44 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [74456]
O44 - LFC:[MD5.799613BA73D25641402AA81B6403EFF8] - 04/09/2014 - 20:33:44 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [51928]
O44 - LFC:[MD5.55CEF8FE478E41C8EBCF7B27AF991A3F] - 04/09/2014 - 21:18:49 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\Windows\System32\sdnclean.exe [18968]
O44 - LFC:[MD5.12E71DA845D76665B56753AD149E32B3] - 04/09/2014 - 23:03:44 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [110296]
O44 - LFC:[MD5.029E020F2FB852EA8F4963314D895359] - 05/09/2014 - 00:53:07 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [410696]
O44 - LFC:[MD5.FFC8D38D401E26597904C567F8351795] - 05/09/2014 - 00:58:36 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1853162]
O44 - LFC:[MD5.1B4B53F85801CAA221ADAD33BAAEF9A2] - 05/09/2014 - 00:59:25 ---A- . (...) -- C:\Windows\PFRO.log [972]
O44 - LFC:[MD5.7BEED315A49470CAA5680039E5DC58F8] - 05/09/2014 - 00:59:36 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.7350631241943D434C9DF900C079D8F7] - 23/08/2014 - 00:26:28 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [2054656]
O44 - LFC:[MD5.9852A1B92487147563D83B638F1E8D37] - 23/08/2014 - 02:03:46 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [297984]
O44 - LFC:[MD5.D815DD4262E4FCC211091F7BA7A01155] - 25/08/2014 - 05:53:44 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [231584]
~ Files: 16 Scanned in 00mn 25s


---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.278EC5CE6B1AF451D20B4F2850508ABF] - 27/07/2014 - 21:38:29 ---A- - C:\Windows\Prefetch\ALLDAYSAVINGS_1007-31E96496.E-C6C60AF1.pf =>PUP.AllDaySavings
O45 - LFCP:[MD5.2622FD428D23AD1BB0DB4647C5C2F0E0] - 27/07/2014 - 21:40:31 ---A- - C:\Windows\Prefetch\BOXORE.EXE-01FE0DEE.pf =>Adware.Boxore
O45 - LFCP:[MD5.5620A062E29BB000A994F10F09CD4F1B] - 27/07/2014 - 21:38:26 ---A- - C:\Windows\Prefetch\BOXOREDARKIUM_2506-3F564613.E-E481EF3F.pf =>Adware.Boxore
O45 - LFCP:[MD5.047F52AE612AEFA0C9A580BC0CC42B00] - 06/08/2014 - 16:32:00 ---A- - C:\Windows\Prefetch\BROWSERI_APPE 1.2-CODEDOWNLOA-807C5CD7.pf =>PUP.BrowseriAppe
O45 - LFCP:[MD5.C108B7BB8D67E6C09999F4ECD397803E] - 27/07/2014 - 21:39:16 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-0EEAE098.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.523C2D3631183BAFCDA441F1E62689B5] - 28/07/2014 - 10:09:38 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-95950FB6.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.EECBE1BC7641E08947DA43A55365C731] - 27/07/2014 - 21:39:34 ---A- - C:\Windows\Prefetch\OPTPROSTART.EXE-1D272174.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.04E520402B041D372AAF476218E105E6] - 25/07/2014 - 17:45:19 ---A- - C:\Windows\Prefetch\UPFST_FR_304.EXE-BA362705.pf =>Adware.FreeSoftToday
~ Prefetcher: 8 Scanned in 00mn 00s


---\\ Export de clé d'application autorisée (O47)
0
Réponse 3 / 3
billmaxime Messages postés 49927 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 18 avril 2024 5 944
5 sept. 2014 à 12:25
salut

pour ton problème, fait ceci et poste les rapports

1) http://www.sosvirus.net/zhpcleaner-t92398.html

poste le rapport via 1 copier/coller

2) télécharge adwcleaner sur ton bureau

le lien https://toolslib.net/downloads/viewdownload/1-adwcleaner/

utlisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)

clique sur Scanner puis patiente le temps du scan

une fois le scan terminé clique sur le bouton Nettoyer

clique sur rapport pour qu'il s'affiche sur ton bureau

le rapport est aussi sauvegarder dans C:\AdwCleaner\Adwcleaner [S0].txt

poste le rapport via 1 copier/coller

merci

@+

0
perepoule Messages postés 31 Date d'inscription vendredi 5 septembre 2014 Statut Membre Dernière intervention 23 octobre 2014
5 sept. 2014 à 12:37
Bonjour BIllmaxime,

et merci pour ta réactivité... j'ai esayé de coller tout mes rapports d'un coup... mais le nombre de signes est limité.
voici le rapport de ZHPCleaner effectué hier soir, quand j'avais la machine en main :

~ ZHPCleaner v2014.9.4.109 by Nicolas Coolman (04/09/2014)
~ Run by Louise (Administrator) (05/09/2014 01:07:05)
~ WebSite : https://nicolascoolman.eu
~ Forum : https://nicolascoolman.eu
~ State version : Version à jour
~ Report : C:\Users\Louise\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Louise\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ Windows VISTA, 32-bit Service Pack 2 (Build 6002)

---\\ Restauration des paramètres proxy par défaut.
REMPLACÉ PARAMS: EnableHttp1_1 ( 1 )

---\\ Réparation des pages de démarrage et de recherche de Microsoft Internet Explorer.
REMPLACÉ PARAMS: SearchAssistant ( https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm )
REMPLACÉ PARAMS: Tabs ( about:newtab )

---\\ Réparation du fichier hôte.
~ Le fichier hôte est légitime. (15515)

---\\ Bilan de la réparation
~ Réparation réalisée avec succès
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)
~ Réparation annulée par l'utilisateur (Mozilla Firefox)

Pour ADWCLEANER? je n'ai malheureusement pas sauvegardé le premier rapport... qui doit se trouver dans le répertoire adéquat du portable de ma fille. J'ai effectué un second scan que j'ai conservé avec moi mais qui ne reflète pas ce que j'ai fait entre temps comme je l'explique plus haut

# AdwCleaner v3.309 - Rapport créé le 05/09/2014 à 01:58:25
# Mis à jour le 02/09/2014 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Louise - PC-DE-ARNAUD
# Exécuté depuis : C:\Users\Louise\Desktop\AdwCleaner-3.309.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.19553


-\\ Mozilla Firefox v32.0 (x86 fr)

[ Fichier : C:\Users\Louise\AppData\Roaming\Mozilla\Firefox\Profiles\5712hegj.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [7287 octets] - [04/09/2014 23:03:58]
AdwCleaner[R1].txt - [7200 octets] - [04/09/2014 23:25:53]
AdwCleaner[R2].txt - [1207 octets] - [04/09/2014 23:32:28]
AdwCleaner[R3].txt - [1325 octets] - [05/09/2014 01:56:34]
AdwCleaner[S0].txt - [7113 octets] - [04/09/2014 23:27:01]
AdwCleaner[S1].txt - [1114 octets] - [04/09/2014 23:34:12]
AdwCleaner[S2].txt - [1093 octets] - [05/09/2014 01:58:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1153 octets] ##########
0
billmaxime Messages postés 49927 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 18 avril 2024 5 944
5 sept. 2014 à 12:43
re

pour le 1er rapport de suppression avec adwcleaner, tu le trouveras dans C:\adwcleaner\adwcleaner [SO].txt

celui-ci >> AdwCleaner[S0].txt - [7113 octets] - [04/09/2014 23:27:01]

merci

@+
0
perepoule Messages postés 31 Date d'inscription vendredi 5 septembre 2014 Statut Membre Dernière intervention 23 octobre 2014
5 sept. 2014 à 13:26
Merci Billmaxime,

je vais essayer de le récupérer auprès de ma fille et de son ordi... avec un peu d'espoir, ce soir ! Et je le posterai dès que je l'aurai reçu !

A bientôt Pèrepoule
0
billmaxime Messages postés 49927 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 18 avril 2024 5 944
5 sept. 2014 à 13:29
re

la désinfection concerne le pc de ta fille?

merci

@+
0
perepoule Messages postés 31 Date d'inscription vendredi 5 septembre 2014 Statut Membre Dernière intervention 23 octobre 2014
5 sept. 2014 à 14:07
En effet, j'ai écris un roman en début de post, pour raconter les circonstances et surtout ce que j'ai fait avant qu'elle parte avec :

"La veille de partir pour faire ses études à Clermont, le lui propose de vérifier et de mettre à jour son ordi portable EasyNote de PackardBell... Embarrassée, elle m'avoue qu'elle ne l'a pas touché depuis quelques jours car il y a un problème avec son clavier : la barre d'espace ne répond plus, ni le n et certaines touches ont un comportement aléatoire... Je soupçonne immédiatement un virus et la questionne... Elle a en effet essayé de télécharger un programme de streamming... avec de nombreux cadeaux réjouissants à la clé : yac (Yet Another cleaner), sûrement fake, et l'installation l'Optimizer Pro à son insu. Depuis, le comportement de son clavier est très bizarre. Ayant quelque peu l'habitude de ce genre de maintenant auprès de mes enfants, je me suis attelé à la tâche dans la nuit, avant qu'elle ne parte le lendemain ! Après quatre heures de lutte, je jette l'éponge et m'en remets à vous. La difficulté, c'est que je n'ai plus l'ordi sous la main, mais j'ai téléchargé les principaux outils dont elle aura besoin pour une désinfection, ainsi que Timeviewer afin de la lui faire à distance...
Bref, avant d'abandonner la partie, j'ai quand même fait tourner Avast, ccleaner, Spybot, Hijackthis, ZHPDiag, AdwCleaner, Junkware Removal Tool, usbfix et Malewarebytes... "

Voilà pourquoi j'ai déjà effectué pas mal de scans et que je n'ai plus l'ordi sous la main !

Merci pour ta patience billmaxime ! Cdlt perepoule
0

Discussions similaires

Dessiner avec son clavier et avec des lettres
JSS -
Polodu33 -

78 réponses
Barre verticale droite sur clavier
k_lou -
Leuide -

41 réponses
comment taper une accent circonflexe sur mon clavier AZERTY?
giovani paolo -
breaddigital -

53 réponses