How to remove Speed Checker

Solved/Closed
ollivierth (Posts: 5, Registered: Wednesday 7 January 2015, Status: Member, Last activity: 7 January 2015) - 7 Jan 2015 at 18:34
Malekal_morte- (Posts: 180304, Registered: Wednesday 17 May 2006, Status: Moderator, Security contributor, Last activity: 15 December 2020) - 7 Jan 2015 at 21:39
Hello,
After using CCleaner, AdwCleaner, Malwarebytes and ZHPDiag, the problem is still present. Below is the content of ZHPDiag.txt.
Can anyone help me?
Thanks in advance.


~ Rapport de ZHPDiag v2015.1.4.2 - Nicolas Coolman (04/01/2015)
~ Lancé par loulou (06/01/2015 20:19:03)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17501
MFIE: Mozilla Firefox 34.0.5 (Defaut)
GCIE: Google Chrome v39.0.2171.95

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.4.1028
McAfee Internet Security v12.8.992
McAfee Security Scan Plus v3.8.150.1
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v5.01

---\\ Logiciels de partage PeerToPeer
eMule

---\\ Surveillance de Logiciels
Adobe Flash Player 16 NPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4063 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 50 GB (22%) free of 220 GB

---\\ Mode de connexion au système
~ Computer Name: PORTABLE_HP-PC
~ User Name: loulou
~ All Users Names: Léonie, loulou, HomeGroupUser$, Emile, Chouchou, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\loulou\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\loulou\AppData\Roaming\
~ %Desktop% : C:\Users\loulou\Desktop\
~ %Favorites% : C:\Users\loulou\Favorites\
~ %LocalAppData% : C:\Users\loulou\AppData\Local\
~ %StartMenu% : C:\Users\loulou\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 50 Go of 220 Go)
D: Hard drive, Flash drive, Thumb drive (Free 144 Go of 233 Go)
E: Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/11/2014 - 02:28:21.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 8/11874
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 2/5111
~ Mon Bureau (My Desktop) : 1/851
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 43s



---\\ Processus lancés
[MD5.9157189DC07511ECBBE1D2615D8A2FED] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664] [PID.3844]
[MD5.CCF2234A35077CA217A61C9CACC48198] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392] [PID.3856]
[MD5.E4B89C1434AC5EE740E87CCF7769F50D] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656] [PID.3864]
[MD5.8CFAFCD10B661D5770A32111EB4CD266] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528] [PID.3876]
[MD5.56D71C1395A02E1D056D7196C84B1A6A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\loulou\AppData\Roaming\uTorrent\uTorrent.exe [1688656] [PID.3936] =>P2P.BitTorrent
[MD5.DCC7CE5BCDA6DC01A579F4B79C0F3EA3] - (.Panasonic Corporation - Pas de description.) -- C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe [308640] [PID.4004]
[MD5.8F89E6CB82E6DB45BC993D423CD0FDBD] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [323640] [PID.4632]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576] [PID.4712]
[MD5.FF473648E7B1B37C7F3249A6549FAC72] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe [150016] [PID.4720]
[MD5.FA28BD04DA2A14879F13565375E3488F] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512] [PID.4812]
[MD5.BF739971EC9B05DAFEC793767B632BA9] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152] [PID.4880]
[MD5.BDEFC081D02C162DCB90738BE432D66B] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504] [PID.5016]
[MD5.D88B2D487439305A2EC308A6796C3044] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.5052]
[MD5.887CAA31048EB8ED09A0CBD0E6F46F09] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776] [PID.5060]
[MD5.C65B115A03DB0260895DE96681E88221] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [128296] [PID.4440]
[MD5.B508A4EE516D905730458BB50B79979B] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [206120] [PID.4964]
[MD5.0DE3C7622EC33126579B1742260F08C2] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe [632888] [PID.4040]
[MD5.DADDD62BEDC91BC96CFC794A2CA0D94A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [337520] [PID.4272]
[MD5.CEFA800AAA7DEDF7CF0B030F4A02897B] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [243312] [PID.6380]
[MD5.9096B4E02CAF59C8850E0CF59301E6F3] - (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe [1880752] [PID.7392]
[MD5.19892E64D9E917DF78D5E97652C576CA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8148992] [PID.7452]
[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1684]
[MD5.608D6A90E989C6522F170E5526A64BF4] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1780]
[MD5.ACC9C8C560C567FAD6F79C977AB2EA09] - (.B.H.A Corporation - B's Recorder GOLD Service Library.) -- C:\Windows\SysWOW64\bgsvcgen.exe [145504] [PID.1804]
[MD5.83D8BE94E1CBCBE2EA8372DB1A95A159] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.1984]
[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496] [PID.2088]
[MD5.B90A279073A815A4AA2C45A09EE004FA] - (.pdfforge GmbH - PDF Architect Conversion Service.) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280] [PID.2296]
[MD5.576918B02840A360702051BC4269B13F] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [5071712] [PID.2616]
[MD5.640E51DB253265C3EAC075866B3D2B33] - (.Hewlett-Packard Company - hpqwmiex Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [791608] [PID.5108]
[MD5.C7A0E61D5714AC20DE52D4F66EC773B8] - (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [227896] [PID.5552]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\loulou\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\loulou\AppData\Roaming\Mozilla\Firefox\Profiles\cnpkvqzh.default-1389977987156\prefs.js
M2 - MFEP: RegExtension {e4f94d1e-2f53-401e-8885-681602c0ddd8} . (...) -- C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AOL Toolbar BHO [64Bits] - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
~ BHO: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{DE9C389F-3316-41A7-809B-AA305ED9D922} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: eMule.lnk . (.https://www.emule-project.net/home/perl/general.cgi?l=1 - eMule.) -- C:\Program Files (x86)\eMule\emule.exe =>P2P.eMule
O4 - GS\QuickLaunch [loulou]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\loulou\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [loulou]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\loulou\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 3 Legitimates Filtered in 00mn 05s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.dll
O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [KiesPDLR] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\loulou\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HPCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [UpdatePRCShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe =>.EasyBits Software AS
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [WirelessAssistant] . (.Hewlett-Packard Company - HP Wireless Assistant Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-937821204-1020158559-3258042591-1001\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-937821204-1020158559-3258042591-1001\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-937821204-1020158559-3258042591-1001\..\Run: [KiesPDLR] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-937821204-1020158559-3258042591-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-937821204-1020158559-3258042591-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\loulou\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-937821204-1020158559-3258042591-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6BDC3814-F41B-42CF-B902-72716075285C}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{C834D5AD-7D83-4DD0-8D39-0B0B931E2E2D}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{6BDC3814-F41B-42CF-B902-72716075285C}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{C834D5AD-7D83-4DD0-8D39-0B0B931E2E2D}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{6BDC3814-F41B-42CF-B902-72716075285C}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{C834D5AD-7D83-4DD0-8D39-0B0B931E2E2D}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.6605ADA1257F632CCF743F80D0C3C65C] [APT] [PostPoneInstall] (.C.L.A.R.A.) -- C:\Users\loulou\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe [152688]
[MD5.00000000000000000000000000000000] [APT] [TSAF] (...) -- C:\Users\loulou\AppData\Roaming\TSAF.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [VFS] (...) -- C:\Users\loulou\AppData\Roaming\VFS.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AF570876-1440-4C26-BCE7-CB9753EC29A7}] (...) -- C:\Users\loulou\Downloads\Windows_Movie_Maker_2.0.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D726FAB1-B354-4F52-AAAE-E653114AEDEC}] (...) -- C:\Users\loulou\Downloads\install_www--5781-MMENUmsi.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: TSAF - (...) -- C:\Windows\Tasks\TSAF.job [1338]
O39 - APT: TSAF - (...) -- C:\Windows\System32\Tasks\TSAF [1338]
O39 - APT: VFS - (...) -- C:\Windows\Tasks\VFS.job [1336]
O39 - APT: VFS - (...) -- C:\Windows\System32\Tasks\VFS [1336]
~ Scheduled Task: 28 Legitimates Filtered in 00mn 07s



---\\ Logiciels installés (O42)
O42 - Logiciel: Alertes Pollens - (.UNKNOWN.) [HKLM][64Bits] -- Stallergenes.4D52B98456E396561B3A0C183B2B806F65A55DE5.1
O42 - Logiciel: Alertes Pollens - (.UNKNOWN.) [HKLM][64Bits] -- {32FFEEF6-E61F-89A8-8577-8D7FD580E06F}
O42 - Logiciel: Ask Toolbar - (.Ask Partner Network.) [HKLM][64Bits] -- {4F524A2D-5637-006A-76A7-A758B70C0001} =>Toolbar.Ask
~ Logic: 62 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\TSAF]
[HKCU\Software\VFS]
[HKCU\Software\tonemaker] =>Adware.SPointer
[HKCU\Software\?? ?? ???? ????? ??? ?? ????]
[HKLM\Software\Wow6432Node\e018433b-b6e5-49d9-964b-874d8524eafd] =>PUP.CrossRider
~ Key Software: 419 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05/01/2015 - 21:02:32 - [0] ----D C:\Program Files (x86)\7ce64d88-e8dc-4da0-b4d5-e79f1166b5ba
O43 - CFD: 11/07/2014 - 18:01:18 - [] ----D C:\Program Files (x86)\Alinéa
O43 - CFD: 06/01/2015 - 15:02:48 - [] ----D C:\Program Files (x86)\f68f0950-b05f-4641-935e-a864507a8d6f
O43 - CFD: 16/03/2012 - 17:43:09 - [] ----D C:\Program Files (x86)\Stallergenes
O43 - CFD: 06/01/2015 - 15:02:48 - [] ----D C:\Program Files (x86)\XTab
O43 - CFD: 20/12/2010 - 13:27:26 - [] ----D C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 19/12/2009 - 09:58:32 - [] ----D C:\ProgramData\{B0689242-B0A0-4F2C-83E0-F3E560357B90}
O43 - CFD: 19/09/2011 - 15:42:29 - [] ----D C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
O43 - CFD: 09/02/2013 - 17:13:32 - [0] ----D C:\Users\loulou\AppData\Roaming\Syncrep
O43 - CFD: 19/05/2013 - 20:07:06 - [] ----D C:\Users\loulou\AppData\Roaming\tonemaker =>Adware.SPointer
~ Program Folder: 298 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.3B130F4FB69CB7312D03332D4DC42C6E] - 05/01/2015 - 20:56:11 ---A- . (.Corsica - Web Instrumentation New Driver.) -- C:\Windows\System32\Drivers\webinstrNHK.sys [56432]
O44 - LFC:[MD5.D6AA9B270B9BBD6B4E9209181752EEDA] - 05/01/2015 - 20:56:32 ---A- . (...) -- C:\Windows\patsearch.bin [1795]
O44 - LFC:[MD5.D1C6D101530D2BCABDC9F0389CC90D1B] - 06/01/2015 - 15:02:57 ---A- . (...) -- C:\logmalware.txt [1063]
~ Files: 18 Legitimates Filtered in 00mn 21s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "WallpaperStyle"=
~ MWPS: 26 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:21/12/2009 - 09:43:36 ---A- . (.CSR, plc - Bluetooth Hands-free Audio Device Driver.) -- C:\Windows\System32\Drivers\BthAudioHF.sys [52224]
O58 - SDL:21/12/2009 - 09:43:00 ---A- . (.CSR, plc - Bluetooth A2DP Driver.) -- C:\Windows\System32\Drivers\bthav.sys [78848]
O58 - SDL:13/08/2009 - 07:38:24 ---A- . (.CSR, plc - Bluetooth Remote Control Driver.) -- C:\Windows\System32\Drivers\BthAvrcp.sys [29184]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:29/06/2009 - 19:17:00 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome(64).) -- C:\Windows\System32\Drivers\enecir.sys [70656]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:28/10/2013 - 01:12:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [107288]
O58 - SDL:28/10/2013 - 01:12:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:28/10/2013 - 01:12:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [204568]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:22/07/2009 - 02:33:00 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [487936]
O58 - SDL:05/01/2015 - 20:56:11 ---A- . (.Corsica - Web Instrumentation New Driver.) -- C:\Windows\System32\Drivers\webinstrNHK.sys [56432]
O58 - SDL:05/09/2010 - 21:57:48 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]
O58 - SDL:05/09/2010 - 21:58:21 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
O58 - SDL:05/02/2013 - 09:54:40 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: 89 Legitimates Filtered in 00mn 09s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 05/01/2015 - C:\Windows\system32\Drivers\webinstrNHK.sys (webinstrNHK) .(.Corsica - Web Instrumentation New Driver.) - LEGACY_WEBINSTRNHK
~ Legacy: 133 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <BoBrowser.WWDDG2VRHUDAG4XMYN3KYQPSMU> <BoBrowser>[HKLM\..\Shell\open\Command] (...) -- C:\Users\loulou\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.BoBrowser
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {3DADC58E-A384-4600-BE7F-8A2355958F14} - (Recherche sécurisée) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {9E874770-6637-4FD1-A205-9CF2B7E28A90} - (Secure Search) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo! Search) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {EE827FB0-3919-499E-9774-F2F7D0C4C983} - (Yahoo!) - https://fr.search.yahoo.com/
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9208E5A0A844FCCB39B5252C07B4E860] [SPRF][05/01/2015] (.Pas de propriétaire - Aut2Exe.) -- C:\Users\loulou\Desktop\AdwCleaner-4.106.exe [2173952]
[MD5.CBCB4AA4D97285E8A7F648F7C21C1272] [SPRF][06/01/2015] (...) -- C:\Users\loulou\Desktop\Firefox Setup 34.0.5.exe [39738264]
~ Files: 5 Legitimates Filtered in 00mn 01s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{7284959D-2F49-4928-AC98-4532E0F7E59F}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\loulou\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{70032F4E-E124-4FDA-86B4-F4C95A490C77}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\loulou\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 04s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "D2A425F47365A600677A7A857BC00010" . (.Ask Toolbar.) -- C:\Windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0001}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.5EF721E0E4D73C373BE1C6302CF144B1] [WIS][06/06/2013] (.Ask Partner Network - Ask Toolbar.) -- C:\Windows\Installer\24125a0.msi [459264] =>Toolbar.Ask
~ WIS: 1 Legitimates Filtered in 00mn 14s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/12/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 07/10/2014 254016 | (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
SS - | Demand 24/04/2014 203344 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 21/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/04/2014 289256 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - | Demand 04/09/2014 603424 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe
SS - | Demand 11/12/2014 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 11/06/2012 724376 | (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 03/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 02/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
SR - | Auto 02/07/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 28/08/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 15/06/2007 145504 | (bgsvcgen) . (.B.H.A Corporation.) - C:\Windows\SysWOW64\bgsvcgen.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 25/02/2010 227896 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\HFGService.dll (HFGService) . (.CSR, plc.) - C:\Windows\System32\svchost.exe
SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Demand 25/01/2011 791608 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 08/07/2009 30520 | (hpsrv) . (.Hewlett-Packard.) - C:\Windows\System32\Hpservice.exe
SR - | Demand 01/09/2014 640840 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 17/06/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 30/07/2013 328928 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 25/04/2014 178528 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30/07/2013 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 20/08/2014 1041192 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 20/06/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 20/06/2014 189912 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 30/07/2013 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 08/04/2013 1320496 | (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 08/04/2013 799280 | (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SR - | Auto 22/07/2009 240128 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
SR - | Auto 12/09/2013 5071712 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (04/01/2015)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 4

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-006A-76A7-A758B70C0001}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] =>Toolbar.AdAware
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}] =>Adware.Bandoo
[HKLM\Software\Classes\AOLTB.AOLToolBand.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AOLTB.AOLToolBand.1] =>Toolbar.Agent
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Users\loulou\AppData\Roaming\tonemaker =>Adware.SPointer^
C:\Users\loulou\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
[HKCU\Software\tonemaker] =>Adware.SPointer^
[HKLM\Software\Wow6432Node\e018433b-b6e5-49d9-964b-874d8524eafd] =>PUP.CrossRider^
C:\Windows\Installer\24125a0.msi =>Toolbar.Ask^
~ Additionnel Scan: 476063 Items scanned in 02mn 05s



---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Browser Helper Objects de navigateur (O2)
~ https://nicolascoolman.eu =>.Internet Explorer Toolbars (O3)
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
https://nicolascoolman.eu =>Toolbar.Ask
https://nicolascoolman.eu =>Adware.SPointer
https://nicolascoolman.eu =>PUP.CrossRider
https://nicolascoolman.eu =>PUP.BoBrowser
https://nicolascoolman.eu =>Toolbar.AdAware
https://nicolascoolman.eu =>Adware.Bandoo
https://nicolascoolman.eu =>Toolbar.Agent
~ MSI: 7 link(s) detected in 00mn 00s



~ 1082 Legitimates filtered by white list
End of the scan (522 lines in 04mn 59s)(0)
8 replies

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
7 Jan 2015 at 18:35
Hi,

You have installed adware and unwanted programs on your PC that open advertisements and slow down the computer and the web browsers.
Here is the procedure to follow to remove them:

Start with this:

Follow the AdwCleaner tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= (by Xplode)
Download it to your desktop or download folder.
Run AdwCleaner, click [Scanner].
The scan can take several minutes, be patient.
Once the scan has finished, do not uncheck anything, click [Nettoyer]

Once the cleaning has finished, a report will open. Copy and paste the contents of the report into your next reply.
If that does not work, use the site http://pjjoint.malekal.com to host the report, and give the link to the report in a new message.

Note: The report is also saved as C:\AdwCleaner[S1].txt


then:

Follow this FRST tutorial: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
This will generate three FRST reports:
* FRST.txt
* Shortcut.txt
* Additionnal.txt

As explained, upload these three reports to the pjjoint site and give the three pjjoint links to these reports so that they can be viewed.



0
ollivierth Posts 5 Registration date Wednesday 7 January 2015 Status Member Last activity 7 January 2015
7 Jan 2015 at 19:38
0
ollivierth Posts 5 Registration date Wednesday 7 January 2015 Status Member Last activity 7 January 2015
7 Jan 2015 at 19:38
Good evening,

Below is the first result.

See you


# AdwCleaner v4.106 - Rapport créé le 07/01/2015 à 18:45:47
# Mis à jour le 21/12/2014 par Xplode
# Database : 2015-01-03.1 [Live]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : loulou - PORTABLE_HP-PC
# Exécuté depuis : C:\Users\loulou\Desktop\AdwCleaner-4.106.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Fichier Supprimé : C:\Users\Chouchou\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
Fichier Supprimé : C:\Users\Chouchou\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 fr)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [166563 octets] - [06/12/2013 17:51:57]
AdwCleaner[R1].txt - [2545 octets] - [09/01/2014 17:48:25]
AdwCleaner[R2].txt - [1784 octets] - [10/01/2014 17:13:05]
AdwCleaner[R3].txt - [23972 octets] - [05/01/2015 21:07:40]
AdwCleaner[R4].txt - [1339 octets] - [05/01/2015 21:25:19]
AdwCleaner[R5].txt - [1447 octets] - [05/01/2015 21:44:39]
AdwCleaner[R6].txt - [1505 octets] - [06/01/2015 14:03:37]
AdwCleaner[R7].txt - [1610 octets] - [06/01/2015 18:59:20]
AdwCleaner[R8].txt - [2001 octets] - [07/01/2015 18:42:49]
AdwCleaner[S0].txt - [167893 octets] - [06/12/2013 18:16:26]
AdwCleaner[S1].txt - [2615 octets] - [09/01/2014 17:52:26]
AdwCleaner[S2].txt - [1845 octets] - [10/01/2014 17:14:51]
AdwCleaner[S3].txt - [22574 octets] - [05/01/2015 21:12:25]
AdwCleaner[S4].txt - [1401 octets] - [05/01/2015 21:29:41]
AdwCleaner[S5].txt - [1566 octets] - [06/01/2015 14:07:02]
AdwCleaner[S6].txt - [1924 octets] - [07/01/2015 18:45:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1984 octets] ##########
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
7 Jan 2015 at 19:43
Uninstall McAfee Security Scan
You already have the McAfee antivirus.


Here is the fix to apply with FRST.
You can refer to this explanatory note with screenshots to help you: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Open Notepad: Windows key + R, in the Run field, type notepad and click OK.
Copy and paste the following into it:

CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1420403959&from=exp&uid=ST9250410AS_5VG0LCGK [Pays US - 69.28.57.22]
CHR StartupUrls: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1420403959&from=exp&uid=ST9250410AS_5VG0LCGK [Pays US - 69.28.57.22]
R2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-05] (Corsica)
2015-01-05 21:02 - 2015-01-05 21:02 - 00000000 ____D () C:\Program Files (x86)\7ce64d88-e8dc-4da0-b4d5-e79f1166b5ba
2015-01-05 21:00 - 2015-01-05 21:00 - 00003776 _____ () C:\Windows\System32\Tasks\PostPoneInstall
2015-01-05 20:58 - 2015-01-07 18:48 - 00001336 _____ () C:\Windows\Tasks\VFS.job
2015-01-05 20:58 - 2015-01-05 20:58 - 00004376 _____ () C:\Windows\System32\Tasks\VFS
2015-01-05 20:57 - 2015-01-07 18:48 - 00001338 _____ () C:\Windows\Tasks\TSAF.job
2015-01-05 20:57 - 2015-01-06 15:02 - 00000000 ____D () C:\Program Files (x86)\f68f0950-b05f-4641-935e-a864507a8d6f
2015-01-05 20:57 - 2015-01-05 20:57 - 00004378 _____ () C:\Windows\System32\Tasks\TSAF
2015-01-05 20:56 - 2015-01-05 20:56 - 00056432 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNHK.sys
2015-01-05 20:56 - 2015-01-05 20:56 - 00001795 _____ () C:\Windows\patsearch.bin
2015-01-05 20:56 - 2015-01-05 20:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf
2015-01-05 20:42 - 2015-01-05 20:42 - 00003974 _____ () C:\Users\loulou\Documents\cc_20150105_204217.reg
2015-01-05 20:41 - 2015-01-05 20:41 - 00059610 _____ () C:\Users\loulou\Documents\cc_20150105_204117.reg
2015-01-05 20:36 - 2015-01-05 20:37 - 05317104 _____ (Piriform Ltd) C:\Users\loulou\Downloads\ccsetup501.exe
2015-01-04 21:41 - 2015-01-06 15:02 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-04 21:41 - 2015-01-04 21:42 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.20
2015-01-04 21:39 - 2015-01-04 22:48 - 00000000 ____D () C:\Program Files\6B7DC17E-34CB-4F0C-9B97-B74986711EDF


Once the text has been pasted into Notepad:
File menu, then Save As.
On the left, go to the desktop.
In the field at the bottom, for the file name enter: fixlist.txt
Click Save - this will create a fixlist.txt file on the desktop.

Run FRST again and click the Fix button
Depending on the case, a restart may be needed (not mandatory).
A text file appears, copy and paste its contents here in a new message.

Restart the computer


0

ollivierth Posts 5 Registration date Wednesday 7 January 2015 Status Member Last activity 7 January 2015
7 Jan 2015 at 20:34
Below is the result of the Fix button:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by loulou at 2015-01-07 20:31:31 Run:1
Running from C:\Users\loulou\Desktop
Loaded Profile: loulou (Available profiles: loulou & Chouchou & Léonie & Emile)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1420403959&from=exp&uid=ST9250410AS_5VG0LCGK [Pays US - 69.28.57.22]

CHR StartupUrls: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1420403959&from=exp&uid=ST9250410AS_5VG0LCGK [Pays US - 69.28.57.22]

R2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-05] (Corsica)

2015-01-05 21:02 - 2015-01-05 21:02 - 00000000 ____D () C:\Program Files (x86)\7ce64d88-e8dc-4da0-b4d5-e79f1166b5ba

2015-01-05 21:00 - 2015-01-05 21:00 - 00003776 _____ () C:\Windows\System32\Tasks\PostPoneInstall

2015-01-05 20:58 - 2015-01-07 18:48 - 00001336 _____ () C:\Windows\Tasks\VFS.job

2015-01-05 20:58 - 2015-01-05 20:58 - 00004376 _____ () C:\Windows\System32\Tasks\VFS

2015-01-05 20:57 - 2015-01-07 18:48 - 00001338 _____ () C:\Windows\Tasks\TSAF.job

2015-01-05 20:57 - 2015-01-06 15:02 - 00000000 ____D () C:\Program Files (x86)\f68f0950-b05f-4641-935e-a864507a8d6f

2015-01-05 20:57 - 2015-01-05 20:57 - 00004378 _____ () C:\Windows\System32\Tasks\TSAF

2015-01-05 20:56 - 2015-01-05 20:56 - 00056432 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNHK.sys

2015-01-05 20:56 - 2015-01-05 20:56 - 00001795 _____ () C:\Windows\patsearch.bin

2015-01-05 20:56 - 2015-01-05 20:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf

2015-01-05 20:42 - 2015-01-05 20:42 - 00003974 _____ () C:\Users\loulou\Documents\cc_20150105_204217.reg

2015-01-05 20:41 - 2015-01-05 20:41 - 00059610 _____ () C:\Users\loulou\Documents\cc_20150105_204117.reg

2015-01-05 20:36 - 2015-01-05 20:37 - 05317104 _____ (Piriform Ltd) C:\Users\loulou\Downloads\ccsetup501.exe

2015-01-04 21:41 - 2015-01-06 15:02 - 00000000 ____D () C:\Program Files (x86)\XTab

2015-01-04 21:41 - 2015-01-04 21:42 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.20

2015-01-04 21:39 - 2015-01-04 22:48 - 00000000 ____D () C:\Program Files\6B7DC17E-34CB-4F0C-9B97-B74986711EDF



*****************

Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
webinstrNHK => Service stopped successfully.
webinstrNHK => Service deleted successfully.
C:\Program Files (x86)\7ce64d88-e8dc-4da0-b4d5-e79f1166b5ba => Moved successfully.
C:\Windows\System32\Tasks\PostPoneInstall => Moved successfully.
C:\Windows\Tasks\VFS.job => Moved successfully.
C:\Windows\System32\Tasks\VFS => Moved successfully.
C:\Windows\Tasks\TSAF.job => Moved successfully.
C:\Program Files (x86)\f68f0950-b05f-4641-935e-a864507a8d6f => Moved successfully.
C:\Windows\System32\Tasks\TSAF => Moved successfully.
C:\Windows\system32\Drivers\webinstrNHK.sys => Moved successfully.
C:\Windows\patsearch.bin => Moved successfully.
C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf => Moved successfully.
C:\Users\loulou\Documents\cc_20150105_204217.reg => Moved successfully.
C:\Users\loulou\Documents\cc_20150105_204117.reg => Moved successfully.
C:\Users\loulou\Downloads\ccsetup501.exe => Moved successfully.
C:\Program Files (x86)\XTab => Moved successfully.
C:\Program Files (x86)\Optimizer Pro 3.20 => Moved successfully.
C:\Program Files\6B7DC17E-34CB-4F0C-9B97-B74986711EDF => Moved successfully.

==== End of Fixlog 20:31:34 ====
0
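An added example, not part of the thread and not FRST's own code: a small check that reads a Fixlog in the layout posted above and lists every fixlist entry that has no matching success line in the results. The entry patterns and the matching rules are assumptions inferred from the lines visible in this thread, and the sample log is constructed from them with a placeholder URL.

```python
import re

# Constructed sample in the Fixlog layout shown in the thread (shortened; the URL is
# a placeholder). The success line for patsearch.bin is left out on purpose.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Content of fixlist:
*****************
CHR HomePage: Default -> hxxp://placeholder.invalid/?type=hp

R2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-05] (Corsica)

2015-01-05 20:58 - 2015-01-07 18:48 - 00001336 _____ () C:\Windows\Tasks\VFS.job
2015-01-05 20:58 - 2015-01-05 20:58 - 00004376 _____ () C:\Windows\System32\Tasks\VFS
2015-01-05 20:56 - 2015-01-05 20:56 - 00001795 _____ () C:\Windows\patsearch.bin

*****************

Chrome HomePage deleted successfully.
webinstrNHK => Service stopped successfully.
webinstrNHK => Service deleted successfully.
C:\Windows\Tasks\VFS.job => Moved successfully.
C:\Windows\System32\Tasks\VFS => Moved successfully.

==== End of Fixlog 20:31:34 ====
"""

# Entry shapes inferred from the lines in the thread (assumption, not an FRST spec).
FILE_ENTRY = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d - \d{4}-\d\d-\d\d \d\d:\d\d - \d+ \S{5} \(.*?\) (.+)$")
SERVICE_ENTRY = re.compile(r"^[A-Z]\d ([^;]+); ")
CHROME_ENTRY = re.compile(r"^CHR (\w+):")


def split_fixlog(text):
    """Return (fixlist entries, result lines) using the two asterisk rulers."""
    lines = [ln.strip() for ln in text.splitlines()]
    rulers = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(rulers) < 2:
        raise ValueError("fixlist delimiters not found")
    entries = [ln for ln in lines[rulers[0] + 1:rulers[1]] if ln]
    results = [ln for ln in lines[rulers[1] + 1:] if ln and not ln.startswith("====")]
    return entries, results


def expected_prefix(entry):
    """Start of the result line that would confirm this entry, or None."""
    if m := FILE_ENTRY.match(entry):
        return m.group(1) + " => "          # trailing " => " avoids VFS / VFS.job mix-ups
    if m := SERVICE_ENTRY.match(entry):
        return m.group(1) + " => Service deleted"
    if m := CHROME_ENTRY.match(entry):
        return "Chrome " + m.group(1) + " "
    return None


def unconfirmed_entries(text):
    """List (entry, reason) for every fixlist entry without a success line."""
    entries, results = split_fixlog(text)
    # Windows paths are case-insensitive, so compare in lower case.
    done = [r.lower() for r in results if r.endswith("successfully.")]
    problems = []
    for entry in entries:
        prefix = expected_prefix(entry)
        if prefix is None:
            problems.append((entry, "unrecognised entry type"))
        elif not any(r.startswith(prefix.lower()) for r in done):
            problems.append((entry, "no success line"))
    return problems
```

Calling `unconfirmed_entries()` on the text of a real Fixlog returns an empty list when every entry was confirmed; anything it returns is worth re-checking by hand before declaring the machine clean.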
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
7 Jan 2015 at 20:41
Reset your browsers and/or manually reconfigure your web browsers (start page, search engine, etc.) and also remove/disable useless/unwanted extensions:
* Firefox: https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome: https://www.malekal.com/reparer-google-chrome/?t=35837&start=
* Internet Explorer and add-ons / search engines: https://forum.malekal.com/viewtopic.php?t=41399&start=


See how that goes for the advertisements :)
0
ollivierth Posts 5 Registration date Wednesday 7 January 2015 Status Member Last activity 7 January 2015
7 Jan 2015 at 20:56
Everything now seems to be in order.

Thank you for your precise help.

Have a good evening.
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
7 Jan 2015 at 21:39
good, have a good evening :)

There, it's finished, you can delete the programs used.

Some advice:


Install Malwarebyte's Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Run regular scans with it, it is effective.
(unless you are on a netbook)

To guard against malicious sites, you can install Blockulicious: https://forum.malekal.com/viewtopic.php?t=46656&start=


So that you don't get caught again.
Read - Unwanted programs / PUPs: https://www.malekal.com/adwares-pup-protection/

0