Infected computer
Closed
meyllia69100
Posts
11
Registration date
Tuesday 31 March 2015
Status
Member
Last activity
31 March 2015
31 March 2015 at 12:26
Anonymous user - 31 March 2015 at 19:47
12 replies
Anonymous user
31 March 2015 at 12:28
Hello,
Uninstall Spybot, it is useless!
* Download and save ZHPDiag to your desktop:
https://nicolascoolman.eu
or:
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
- Follow the prompts during installation; it will launch automatically at the end.
/!\ Vista, Seven and W8 users:
- Right-click the ZHPDiag logo, "Run as administrator"
=> The icon looks like a parchment scroll.
- Click "Complet" (full)
- Let the tool work, even if it seems to be frozen!
* Save the report to your Desktop using the floppy-disk icon
- Host the ZHPDiag.txt report on:
https://www.cjoint.com/ (read first => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers), then copy/paste the link provided into your next reply on the forum
ZHPDiag tutorial:
https://nicolascoolman.eu
Malekal_morte-
Posts
180304
Registration date
Wednesday 17 May 2006
Status
Moderator, Security contributor
Last activity
15 December 2020
24 656
31 March 2015 at 12:28
Hi,
You have installed adware and unwanted programs on your PC, which open advertisements and slow down the computer and the web browsers.
Here is the procedure to follow to remove them:
Start with this:
Follow the AdwCleaner tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= (by Xplode)
Download it to your desktop or downloads folder.
Launch AdwCleaner, click [Scanner].
The scan may take several minutes, be patient.
Once the scan is finished, do not uncheck anything, click [Nettoyer]
Once the cleaning is finished, a report will open. Copy/paste the contents of the report into your next reply.
If that does not work, use the site http://pjjoint.malekal.com to host the report and give the link to the report in a new message.
Note: The report is also saved as C:\AdwCleaner[S1].txt
then:
Follow this FRST tutorial: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(and take the time to read it carefully so that you apply it correctly - everything is explained there).
Download and run the FRST scan; this will generate three FRST reports:
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Send these three reports, as explained, to the site http://pjjoint.malekal.com and in return give the three pjjoint links that lead to these reports here in a new reply so that we can look at them.
meyllia69100
31 March 2015 at 14:11
meyllia69100
31 March 2015 at 12:41
# AdwCleaner v4.200 - Rapport créé le 31/03/2015 à 01:06:11
# Mis à jour le 29/03/2015 par Xplode
# Base de données : 2015-03-29.1 [Serveur]
# Système d'exploitation : Windows 8.1 (x64)
# Nom d'utilisateur : BastienetYanis - SANDRINA
# Exécuté depuis : C:\Users\BastienetYanis\Downloads\adwcleaner_4.200.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\Users\BastienetYanis\AppData\Roaming\Activeris
Dossier Supprimé : C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
Dossier Supprimé : C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Extensions\klhlfdbffplhpkpalkmacjejfbdeefaj
Fichier Supprimé : C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakijjialdiiboeaknfpmflphhmljfkd
Fichier Supprimé : C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iagcajndpnfncplednpbnkahadegklfa
Fichier Supprimé : C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_joefdjpocengkmjmcnheijdogjafdbha_0.localstorage
Fichier Supprimé : C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbpohikckhbcljgombipcdoinkaedlfa_0.localstorage
Fichier Supprimé : C:\WINDOWS\Reimage.ini
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Clé Supprimée : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Clé Supprimée : HKLM\SOFTWARE\11131309-d168-4229-8d73-4f6b38041ffd
Clé Supprimée : HKLM\SOFTWARE\adcb9d18-5396-4949-9e3b-00bb97ebba6e
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD750F89-4987-70E3-EEEA-3D6135D889D2}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DD750F89-4987-70E3-EEEA-3D6135D889D2}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD750F89-4987-70E3-EEEA-3D6135D889D2}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD750F89-4987-70E3-EEEA-3D6135D889D2}
Clé Supprimée : HKCU\Software\AppDataLow\Software\adawarebp
Clé Supprimée : [x64] HKLM\SOFTWARE\Reimage
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Google Chrome v41.0.2272.101
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://search.certified-toolbar.com?si=77302&st=bs&tid=18195&ver=6.0&ts=1394838000000.000007&tguid=77302-18195-1394877973616-7E7EF3281B0C254330AB1957D1BE0917&q={searchTerms}
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_15_02_ch&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtBtBtAtByDyDyCtBtD0FtN0D0Tzu0StCtCtDtCtN1L2XzutAtFyBtFtCtFtAtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2StD0C0CtC0BtA0FzztGtCtD0BzytGyBzzzyyDtGzztAyCzytGyDyBtDzy0D0FtAyC0FzztDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtCyEzyyCyDyByDtGtBzy0F0FtGyE0A0C0BtGzy0A0BtCtG0BtDyBtB0DtDtAtD0DtCyDyD2Q&cr=750627549&ir=
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md_14_20_ch&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtBtBtAtByDyDyCtBtD0FtN0D0Tzu0SzzyCyBtN1L2XzutBtFtBtDtFtCtAtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0F0Czzzz0Ezz0AtGyEzyzzyEtG0B0ByC0DtG0F0FyEyCtGtD0A0E0EtC0D0AzzyCyCyBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StByCtByE0CyD0ByEtGtCyE0AtBtG0CtC0DtDtGyBtAzz0DtGtC0AtD0C0E0BtAtBtA0AtA0D2Q&cr=1945958739&ir=
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Extension] : acfoobbgoakpihljnfedbcfaipcdlfhk
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Extension] : majjphhgppkndjjkmhhnbgafooenebhd
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Extension] : mnanplinmmnjhobaliikmelmmjpoogkb
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Extension] : oilkkkefbalmbfppgjmgjoefbclebkce
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Extension] : klhlfdbffplhpkpalkmacjejfbdeefaj
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Startup_URLs] : hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=48
[C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Default_Search_Provider_Data] : {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}",
"usage_count": 0
}
},
"extensions": {
"settings": {
"acfoobbgoakpihljnfedbcfaipcdlfhk": {
"ack_external": true,
"active_permissions": {
"api": [ "tabs", "webNavigation" ],
"explicit_host": [ "\u003Call_urls>", "chrome://favicon/*" ]
},
"creation_flags": 9,
"from_bookmark": false,
"from_webstore": true,
"initial_keybindings_set": true,
"install_time": "13046604241381886",
"install_warning_on_enable": false,
"lastpingday": "13046598012468886",
"location": 6,
"manifest": {
"background": {
"scripts": [ "background.js" ]
},
"chrome_url_overrides": {
"newtab": "redirect.html"
},
"description": "Buenosearch Toolbar
-\\ Opera v0.0.0.0
AdwCleaner[R0].txt - [71989 octets] - [18/03/2015 14:59:26]
AdwCleaner[R1].txt - [1121 octets] - [18/03/2015 17:28:43]
AdwCleaner[R2].txt - [1490 octets] - [20/03/2015 09:36:40]
AdwCleaner[R3].txt - [2229 octets] - [22/03/2015 20:54:21]
AdwCleaner[R4].txt - [1241 octets] - [24/03/2015 19:02:33]
AdwCleaner[R5].txt - [7854 octets] - [31/03/2015 00:57:04]
AdwCleaner[S0].txt - [67067 octets] - [18/03/2015 15:10:56]
AdwCleaner[S1].txt - [2109 octets] - [23/03/2015 01:25:19]
AdwCleaner[S2].txt - [1308 octets] - [24/03/2015 20:49:12]
AdwCleaner[S3].txt - [7829 octets] - [31/03/2015 01:06:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [7889 octets] ##########
Anonymous user
31 March 2015 at 12:55
OK,
use this to send me a complete ZHPDiag report, and while you are at it, uninstall Spybot:
https://forums.commentcamarche.net/forum/affich-31775503-ordinateur-infecte#1
meyllia69100
31 March 2015 at 15:39
meyllia69100
31 March 2015 at 13:29
meyllia69100
31 March 2015 at 15:37
The "fatal xxx dangerous windows" pages have been opening nonstop since earlier. I have sent the requested links; what should I do now??
meyllia69100
31 March 2015 at 15:40
What should I do next??
meyllia69100
31 March 2015 at 17:13
~ Rapport de ZHPDiag v2015.3.29.33 - Nicolas Coolman (29/03/2015)
~ Lancé par BastienetYanis (31/03/2015 15:41:21)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17690
GCIE: Google Chrome v41.0.2272.101 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : JHRD6
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1, 64-bit (Build 9600)
---\\ Logiciels de protection du système
Avast Free Antivirus v10.0.2208
Malwarebytes Anti-Malware version 2.1.4.1018
Ad-Aware Antivirus v11.6.306.7947
McAfee Security Scan Plus v3.0.285.6
Windows Defender W8 (Deactivate)
---\\ Logiciels d'optimisation du système
CCleaner v5.04
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 16 NPAPI
Adobe Reader XI
Java 7 Update 40 (64-bit)
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3981 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 91 GB (49%) free of 186 GB
---\\ Mode de connexion au système
~ Computer Name: SANDRINA
~ User Name: BastienetYanis
~ All Users Names: HomeGroupUser$, BastienetYanis, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\BastienetYanis\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\BastienetYanis\AppData\Roaming\
~ %Desktop% : C:\Users\BastienetYanis\Desktop\
~ %Favorites% : C:\Users\BastienetYanis\Favorites\
~ %LocalAppData% : C:\Users\BastienetYanis\AppData\Local\
~ %StartMenu% : C:\Users\BastienetYanis\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 91 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 258 Go of 258 Go)
E: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Explorateur Windows.) (.28/01/2015 - 00:47:12.) -- C:\Windows\Explorer.exe [2501368]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) (.29/10/2014 - 02:25:54.) -- C:\Windows\System32\Wininit.exe [145920]
[MD5.36F99BD8A0F09BDBB7850A138845A014] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/02/2015 - 02:28:25.) -- C:\Windows\System32\wininet.dll [2358784]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.29/10/2014 - 02:22:52.) -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.30/05/2014 - 04:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 10:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/07/2014 - 12:45:39.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.D887446F3F6051C60C26F4FD1FC8D43F] - (.Microsoft Corporation - Pilote de port i8042.) (.07/10/2014 - 04:29:50.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 13:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.31233271EDE50D1BBB220F78AFA60486] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.08/10/2014 - 08:32:10.) -- C:\Windows\system32\Drivers\MRxSmb.sys [405504]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.15/10/2014 - 09:32:37.) -- C:\Windows\system32\Drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.14/11/2013 - 08:16:40.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/06/2014 - 03:13:36.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/1860
~ Mes musiques (My Musics) : 27/220
~ Mes Videos (My Videos) : 1/21
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 2/341
~ Mon Bureau (My Desktop) : 2/309
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 11s
---\\ Processus lancés
[MD5.D0A518D233620D59A3D2D79511FBB736] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6212408] [PID.3108]
[MD5.F217EF2EA31D8F73504B1CD2F9787D9D] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288] [PID.5204]
[MD5.96B182BCB95057D4C7B8E25811BF6D2A] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192] [PID.5896]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.2360]
[MD5.DB0C938BC311B31CF90C13821AE682B3] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1559936] [PID.6936]
[MD5.70BC8374217BFC5C24D4504C2459FEB6] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120] [PID.2964]
[MD5.695BE0A3D240FFF4B876D9289110634A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [5227648] [PID.6840]
[MD5.C570FD825751F7805CE226F68C4605DE] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54488] [PID.3604]
[MD5.B07086D59443DAC6A668D691B27B968C] - (.ASUSTeK Computer Inc. - ASUS Color Engine.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [176240] [PID.3640]
[MD5.97432AB9F1B3B3E63E778C1E69E71E91] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032] [PID.2860]
[MD5.F7AB23B768E0470EAA01353F7CCCDB4B] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20280] [PID.7640]
[MD5.2D32F0EF950AED6AD007D042676FD39E] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328064] [PID.7184]
[MD5.0B50F07E63EE15383CDFDC26D7A3D3E3] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205184] [PID.7188]
[MD5.1FF6EB4030CC1C5B49F333D4B45E5FCC] - (.Microsoft Corporation - Microsoft Office Document Cache Sync Client.) -- C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.exe [84200] [PID.5656]
[MD5.06CC578BC150D9AAAE20672130A36CB9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8190976] [PID.5292]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 07s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: RegExtension {0011ebb6-4390-4e21-a2e3-8dd2a85e92d2} . (...) -- C:\Program Files (x86)\DealsCompare\150.xpi (.not file.) =>PUP.DealsCompare
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.67.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\WINDOWS\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.67.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.67.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.)
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.5.3f3.) -- C:\Users\BastienetYanis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 6 Scanned in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 15 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
O1 - Hosts: 54.225.95.126 dmcecclamecbinmplcolhaljlclhbgah
~ Nombre lignes détournées 1/23 (Hosts file redirected)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Canon Easy-WebPrint EX BHO [64Bits] - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (.not file.)
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
~ BHO: 10 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: Canon Easy-WebPrint EX - [HKLM]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [BastienetYanis]: Launch Internet Explorer Browser.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.) =>PUP.SpeedBrowser
O4 - GS\Program [BastienetYanis]: Aide.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm (.not file.) =>PUP.ProbitSoftware
O4 - GS\Program [BastienetYanis]: Search.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.) =>PUP.SpeedBrowser
O4 - GS\Program [BastienetYanis]: Uninstall.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe (.not file.) =>PUP.ProbitSoftware
O4 - GS\Desktop [BastienetYanis]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.) =>PUP.EnigmaSoftware
~ Global Startup: 5 Scanned in 00mn 07s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [V-bates] C:\Program Files\V-bates\notifier64.exe (.not file.) =>Adware.Incredibar
O4 - HKLM\..\Run: [Zune Launcher] . (.Microsoft Corporation - Zune Auto-Launcher.) -- C:\Program Files\Zune\ZuneLauncher.exe
O4 - HKLM\..\Run: [AdAwareTray] . (...) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
O4 - HKCU\..\Run: [Power2GoExpress] . (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_9F74275482CCA6BB132B2854FD98E9A5] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Allmyapps] C:\Users\BastienetYanis\AppData\Roaming\Allmyapps\Allmyapps.exe (.not file.)
O4 - HKCU\..\Run: [Allmyapps Update] C:\Users\BastienetYanis\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe (.not file.)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonQuickMenu] . (.CANON INC. - Canon Quick Menu.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Power2GoExpress] . (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [GoogleChromeAutoLaunch_9F74275482CCA6BB132B2854FD98E9A5] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Allmyapps] C:\Users\BastienetYanis\AppData\Roaming\Allmyapps\Allmyapps.exe (.not file.)
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Allmyapps Update] C:\Users\BastienetYanis\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe (.not file.)
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1D33C0-D5C1-4D82-8C19-C19C96494532}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD1A6843-CB00-4DCC-9A44-20F649F6D9CE}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F1D33C0-D5C1-4D82-8C19-C19C96494532}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD1A6843-CB00-4DCC-9A44-20F649F6D9CE}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.0.66.10 109.0.66.20
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. - ASUS FastBoot.) - C:\Windows\system32\FBAgent.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service de sauvegarde avast! BackUp (avastBackUpbackup) . (.avast! - Programme d'amorçage du service avast! Back.) - C:\Program Files\AVAST Software\BackUp\avastBackUpbackup.exe
O23 - Service: Freemake Improver (Freemake Improver) . (.Freemake - FreemakeUtilsService.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) . (...) - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe =>PUP.EnigmaSoftware
~ Services: 12 Scanned in 00mn 45s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.080255CDCB878813B481B8C348D47D8E] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.C6D3BB61E24F66EB976C6CC55346B5F2] [APT] [ASUS InstantOn Config] (.ASUS.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1196416]
[MD5.DB0C938BC311B31CF90C13821AE682B3] [APT] [ASUS Live Update] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1559936]
[MD5.0BC5A4142F38A6BB35DECD01A2BC2ED7] [APT] [ASUS P4G] (.ASUS.) -- C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240]
[MD5.6B0C1049D98223D31165198D2DD3E062] [APT] [ASUS Smart Gesture Launcher] (.AsusTek.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232]
[MD5.C570FD825751F7805CE226F68C4605DE] [APT] [ASUS Splendid ACMON] (.ASUS.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54488]
[MD5.B07086D59443DAC6A668D691B27B968C] [APT] [ASUS Splendid ColorU] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [176240]
[MD5.97432AB9F1B3B3E63E778C1E69E71E91] [APT] [ASUS USB Charger Plus] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032]
[MD5.7529BF17445E16315A95B450CE985C11] [APT] [AsusVibeSchedule] (...) -- C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [1957040]
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.F217EF2EA31D8F73504B1CD2F9787D9D] [APT] [avastBCLRestartS-1-5-21-3911577134-1621002325-3162563356-1001] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288]
[MD5.A75228DE9117A017BC7A3B44953B2648] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5529880]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core] (.Facebook Inc..) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA] (.Facebook Inc..) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816] =>PUP.Activeris
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster_DEFAULT] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816] =>PUP.Activeris
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster_UPDATES] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816] =>PUP.Activeris
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.F9D8F716896508EB088535DD4B4C296C] [APT] [Norton Security Scan for BastienetYanis] (.Symantec Corporation.) -- C:\Program Files (x86)\NORTON~2\Engine\410~1.28\Nss.exe [1419104]
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version3 Startup Task] (...) -- C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (.not file.) [0] =>PUP.Paretologic
[MD5.F845E730A534BA17372368372DF01579] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [8260480] =>PUP.EnigmaSoftware
[MD5.00000000000000000000000000000000] [APT] [UpdateVO] (...) -- C:\Users\BastienetYanis\AppData\Roaming\VOPackage\VOPackage.exe (.not file.) [0] =>Adware.Downware
[MD5.00000000000000000000000000000000] [APT] [{148A78C4-6AB6-4F04-B670-9373698B5E22}] (...) -- C:\Users\BastienetYanis\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe (.not file.) [0] =>PUP.BubbleDock
[MD5.00000000000000000000000000000000] [APT] [{9B02FA26-A9DC-49AB-B067-F42CB88B2701}] (...) -- c:\program files (x86)\speed browser\application\chrome.exe (.not file.) [0] =>PUP.SpeedBrowser
[MD5.00000000000000000000000000000000] [APT] [{9B1EACFF-21DD-4567-A7E4-7A77E88D07A8}] (...) -- c:\program files (x86)\speed browser\application\chrome.exe (.not file.) [0] =>PUP.SpeedBrowser
[MD5.F217EF2EA31D8F73504B1CD2F9787D9D] [APT] [{AEAA0A87-9BAB-4EE4-A6FC-B00CFB7F5D9A}] (.Google Inc..) -- c:\program files (x86)\google\chrome\application\chrome.exe [809288]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\Tasks\AllmyappsUpdateTask.job [432]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core.job [960]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core [960]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA.job [982]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA [982]
O39 - APT: FastAgain PC Booster_DEFAULT - (.Activeris.) -- C:\Windows\Tasks\FastAgain PC Booster_DEFAULT.job [324] =>PUP.Activeris
O39 - APT: FastAgain PC Booster_DEFAULT - (.Activeris.) -- C:\Windows\System32\Tasks\FastAgain PC Booster_DEFAULT [324] =>PUP.Activeris
O39 - APT: FastAgain PC Booster_UPDATES - (.Activeris.) -- C:\Windows\Tasks\FastAgain PC Booster_UPDATES.job [332] =>PUP.Activeris
O39 - APT: FastAgain PC Booster_UPDATES - (.Activeris.) -- C:\Windows\System32\Tasks\FastAgain PC Booster_UPDATES [332] =>PUP.Activeris
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1090]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1090]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1094]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1094]
O39 - APT: Norton Security Scan for BastienetYanis - (.Symantec Corporation.) -- C:\Windows\Tasks\Norton Security Scan for BastienetYanis.job [488]
O39 - APT: Norton Security Scan for BastienetYanis - (.Symantec Corporation.) -- C:\Windows\System32\Tasks\Norton Security Scan for BastienetYanis [488]
O39 - APT: - (..) -- C:\Windows\Tasks\OWST.job [1380]
O39 - APT: ParetoLogic Update Version3 Startup Task - (...) -- C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job [530] =>PUP.Paretologic
O39 - APT: ParetoLogic Update Version3 Startup Task - (...) -- C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task [530] =>PUP.Paretologic
O39 - APT: - (..) -- C:\Windows\Tasks\RJIIB.job [1382]
~ Scheduled Task: 44 Scanned in 00mn 25s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (ATKWMIACPIIO) . (.ASUS - ATK WMIACPI Utility.) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
O41 - Driver: (avastBackUpFilter) . (.Mozy, Inc. - Mozy Change Monitor Filter Driver.) - C:\Windows\System32\DRIVERS\avastBackUp.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
O41 - Driver: (mbamchameleon) . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) - C:\WINDOWS\system32\drivers\mbamchameleon.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
~ Drivers: 46 Scanned in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Ad-Aware Antivirus - (.Lavasoft.) [HKLM][64Bits] -- {FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater
O42 - Logiciel: AdAwareInstaller - (.Lavasoft.) [HKLM][64Bits] -- {2676D270-8FE3-4C9F-ADDB-6A8D22FE5C4C}
O42 - Logiciel: AdAwareUpdater - (.Lavasoft.) [HKLM][64Bits] -- {FF054A8C-C0A4-4C78-8910-E2A459BEFF05}
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Allmyapps - (.Allmyapps.) [HKCU][64Bits] -- Allmyapps
O42 - Logiciel: AntimalwareEngine - (.Lavasoft.) [HKLM][64Bits] -- {6E5FAEC8-C3C1-44E8-B8DE-CE3F9568BF85}
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: Avast Packages - (...) [HKCU][64Bits] -- Avast Packages =>Adware.InstallCore
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Freemake Video Converter version 4.1.5 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Image Resizer - (.Tweaks.) [HKLM][64Bits] -- Tweaks Image Resizer
O42 - Logiciel: Image Resizer Packages - (...) [HKCU][64Bits] -- Image Resizer Packages =>Adware.InstallCore
O42 - Logiciel: Java 7 Update 40 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417040F0}
O42 - Logiciel: Java 7 Update 67 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F06417067FF}
O42 - Logiciel: Java technology allows you to work and play in a secure computing environme - (...) [HKCU][64Bits] -- Java technology allows you to work and play in a secure computing environment. Packages
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU][64Bits] -- lollipop_01070657 =>Adware.Lollipop
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.4.1018 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Snap.Do Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {b9b81f85-446e-4d45-aff5-d95c2be8fbf2} =>Hijacker.SmartBar
O42 - Logiciel: SpyHunter 4 - (.Enigma Software Group, LLC.) [HKLM][64Bits] -- SpyHunter =>PUP.EnigmaSoftware
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173) - (.ASUS.) [HKLM][64Bits] -- 1016059FBF327ED9E3BAE758BD08CF10D3C6252D
O42 - Logiciel: Windows Mobile Device Updater Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2CB8C3C-9C9E-4FAB-9067-655601C5F748}
O42 - Logiciel: Youtube Music Downloader V7.3.4 - (.Youtube Music Downloader.) [HKLM][64Bits] -- Youtube Music Downloader_is1
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- Zune
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- {9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}
O42 - Logiciel: Zune Language Pack (CHS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {2A9DFFD8-4E09-4B91-B957-454805B0D7C4}
O42 - Logiciel: Zune Language Pack (CHT) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A5A53EA8-A11E-49F0-BDF5-AE536426A31A}
O42 - Logiciel: Zune Language Pack (CSY) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}
O42 - Logiciel: Zune Language Pack (DAN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8B112338-2B08-4851-AF84-E7CAD74CEB32}
O42 - Logiciel: Zune Language Pack (DEU) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}
O42 - Logiciel: Zune Language Pack (ELL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3589A659-F732-4E65-A89A-5438C332E59D}
O42 - Logiciel: Zune Language Pack (ESP) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6B33492E-FBBC-4EC3-8738-09E16E395A10}
O42 - Logiciel: Zune Language Pack (FIN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {B4870774-5F3A-46D9-9DFE-06FB5599E26B}
O42 - Logiciel: Zune Language Pack (FRA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C68D33B1-0204-4EBE-BC45-A6E432B1D13A}
O42 - Logiciel: Zune Language Pack (HUN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C6BE19C6-B102-4038-B2A6-1C313872DBB4}
O42 - Logiciel: Zune Language Pack (IND) - (.Microsoft Corporation.) [HKLM][64Bits] -- {92ECE3F9-591E-4C12-8A62-B9FCE38BF646}
O42 - Logiciel: Zune Language Pack (ITA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C5D37FFA-7483-410B-982B-91E93FD3B7DA}
O42 - Logiciel: Zune Language Pack (JPN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {D8A781C9-3892-4E2E-9320-480CF896CFBB}
O42 - Logiciel: Zune Language Pack (KOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}
O42 - Logiciel: Zune Language Pack (MSL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {76BA306B-2AA0-47C0-AB6B-F313AB56C136}
O42 - Logiciel: Zune Language Pack (NLD) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6740BCB0-5863-47F4-80F4-44F394DE4FE2}
O42 - Logiciel: Zune Language Pack (NOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DEFD397-4012-46C3-B6DA-E8013E660772}
O42 - Logiciel: Zune Language Pack (PLK) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8960A0A1-BB5A-479E-92CF-65AB9D684B43}
O42 - Logiciel: Zune Language Pack (PTB) - (.Microsoft Corporation.) [HKLM][64Bits] -- {07EEE598-5F21-4B57-B40B-46592625B3D9}
O42 - Logiciel: Zune Language Pack (PTG) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5C93E291-A1CC-4E51-85C6-E194209FCDB4}
O42 - Logiciel: Zune Language Pack (RUS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {57C51D56-B287-4C11-9192-EC3C46EF76A4}
O42 - Logiciel: Zune Language Pack (SVE) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6EB931CD-A7DA-4A44-B74A-89C8EB50086F}
~ Logic: 51 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASKDefaultSearch]
[HKCU\Software\ASKHomePage]
[HKCU\Software\ASUS]
[HKCU\Software\AVAST Software]
[HKCU\Software\Activeris] =>PUP.Activeris
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Apps Hat] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Canon]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software\adawarebp]
[HKCU\Software\AppDataLow]
[HKCU\Software\Browser]
[HKCU\Software\Canon]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ClkApp]
[HKCU\Software\CoinisRevShare]
[HKCU\Software\CyberLink]
[HKCU\Software\ECAREME]
[HKCU\Software\Facebook]
[HKCU\Software\Freemake]
[HKCU\Software\GamesClient]
[HKCU\Software\GoldenGate]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Lake]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\OB]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Probit Software] =>PUP.ProbitSoftware
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SP20]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SearchProtectINTSM] =>PUP.SearchProtect
[HKCU\Software\ShieldPlus] =>Adware.ShieldPlus
[HKCU\Software\SkypeRS]
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Software]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Unity]
[HKCU\Software\Waves Audio]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\avast]
[HKCU\Software\kde.org]
[HKCU\Software\skype]
[HKCU\Software\telecharger-gratuit]
[HKCU\Software\teras games]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Agere]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\ECAREME]
[HKLM\Software\EnigmaSoftwareGroup] =>PUP.EnigmaSoftware
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\LSI]
[HKLM\Software\Lavasoft]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SonicFocus]
[HKLM\Software\Synaptics]
[HKLM\Software\TuneUp]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\ASIO]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\AsLdr]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Browser]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Canon_Inc_IC]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DVDVideoSoft]
[HKLM\Software\Wow6432Node\ECAREME]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KasperskyLab]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Lavasoft]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Opera Software]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\anset]
[HKLM\Software\Wow6432Node\dotNetInstaller]
[HKLM\Software\Wow6432Node\mamverifier]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node]
[HKLM\Software\avast]
[HKLM\Software\mcafeeupdater]
~ Key Software: 276 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/01/2014 - 21:24:53 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 15/03/2014 - 11:55:31 - [] ----D C:\Program Files (x86)\Advanced Disk Recovery
O43 - CFD: 03/01/2014 - 20:52:29 - [] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 15/01/2014 - 17:33:03 - [] ----D C:\Program Files (x86)\Canon
O43 - CFD: 18/03/2015 - 15:13:46 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 03/01/2014 - 20:51:18 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 16/03/2015 - 13:36:27 - [] ----D C:\Program Files (x86)\DVDVideoSoft
O43 - CFD: 29/03/2015 - 23:19:00 - [] ----D C:\Program Files (x86)\FastAgain PC Booster
O43 - CFD: 13/01/2015 - 14:00:00 - [] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 04/01/2014 - 14:21:35 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 04/01/2015 - 12:49:11 - [] ----D C:\Program Files (x86)\Image Resizer
O43 - CFD: 07/04/2014 - 15:28:14 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 06/01/2014 - 15:37:48 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/03/2015 - 22:27:16 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 07/06/2014 - 22:19:16 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 28/03/2015 - 15:57:54 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 18/09/2014 - 10:59:35 - [] ----D C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 26/04/2013 - 01:13:52 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 26/04/2013 - 01:16:41 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 26/04/2013 - 01:17:30 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 09/01/2014 - 20:33:19 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 15/03/2014 - 11:35:20 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 06/01/2014 - 15:19:19 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 29/08/2014 - 18:09:08 - [] ----D C:\Program Files (x86)\Norton Security Scan
O43 - CFD: 29/08/2014 - 18:09:03 - [] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 27/12/2014 - 22:46:22 - [] ----D C:\Program Files (x86)\Opera
O43 - CFD: 07/04/2014 - 15:22:19 - [] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 07/04/2014 - 15:28:44 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 06/01/2014 - 15:19:19 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 07/09/2014 - 03:47:25 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 15/03/2014 - 13:34:05 - [] ----D C:\Program Files (x86)\Software
O43 - CFD: 31/03/2015 - 13:49:24 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 16/10/2013 - 20:40:45 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 21/05/2014 - 16:26:19 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 26/04/2013 - 01:20:44 - [] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 22/07/2014 - 03:46:39 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 13/03/2015 - 22:31:54 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 26/04/2013 - 01:17:29 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 13/03/2015 - 22:27:17 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 13/03/2015 - 22:27:16 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 13/03/2015 - 22:27:16 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 13/03/2015 - 22:27:15 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 13/03/2015 - 22:27:16 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 06/01/2014 - 15:37:53 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 27/12/2014 - 21:40:43 - [] ----D C:\Program Files (x86)\YouTubeMusicDownloader
O43 - CFD: 31/03/2015 - 13:47:36 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17/01/2014 - 21:25:15 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 09/01/2014 - 20:33:23 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 27/12/2014 - 19:14:29 - [] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft
O43 - CFD: 16/10/2013 - 20:40:11 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 06/01/2014 - 15:27:52 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 12/02/2014 - 18:17:04 - [] ----D C:\Program Files (x86)\Common Files\mcafee
O43 - CFD: 09/01/2014 - 20:33:24 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 16/10/2013 - 20:36:45 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 03/01/2014 - 20:52:18 - [] ----D C:\Program Files (x86)\Common Files\SceneSwitch
O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 07/09/2014 - 03:47:25 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 13/01/2015 - 17:34:10 - [] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 13/03/2015 - 22:27:13 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 26/04/2013 - 01:16:31 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 30/01/2014 - 22:48:08 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 26/04/2013 - 01:16:21 - [] ----D C:\ProgramData\ASUS WebStorage
O43 - CFD: 26/04/2013 - 01:15:20 - [] ----D C:\ProgramData\ASUSLogos
O43 - CFD: 16/10/2013 - 20:52:23 - [] ----D C:\ProgramData\ASUSVibe
O43 - CFD: 10/05/2014 - 15:44:18 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 02/04/2014 - 12:25:34 - [] ----D C:\ProgramData\AVG2014
O43 - CFD: 18/03/2015 - 17:18:58 - [] ----D C:\ProgramData\BdVhmPMe
O43 - CFD: 22/07/2014 - 03:47:21 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 06/01/2014 - 15:53:42 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 15/01/2014 - 17:10:58 - [] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 30/01/2014 - 11:57:14 - [] --H-D C:\ProgramData\CanonIJMIG
O43 - CFD: 17/01/2014 - 01:21:22 - [] --H-D C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 02/02/2015 - 10:56:09 - [] ----D C:\ProgramData\CanonIJPLM
O43 - CFD: 15/01/2014 - 23:28:44 - [] --H-D C:\ProgramData\CanonIJQuickMenu
O43 - CFD: 15/01/2014 - 17:31:46 - [] ----D C:\ProgramData\CanonIJWSpt
O43 - CFD: 23/02/2014 - 22:32:23 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 15/01/2014 - 20:46:27 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 13/01/2015 - 14:01:06 - [] ----D C:\ProgramData\Freemake
O43 - CFD: 16/10/2013 - 20:37:08 - [] ----D C:\ProgramData\Intel
O43 - CFD: 10/05/2014 - 15:07:36 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 29/03/2015 - 00:01:52 - [] ----D C:\ProgramData\Lavasoft
O43 - CFD: 17/03/2015 - 14:41:47 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 04/03/2014 - 16:47:40 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 18/09/2014 - 10:59:47 - [] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 06/01/2014 - 15:53:42 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 02/04/2014 - 12:25:34 - [] ----D C:\ProgramData\MFAData
O43 - CFD: 31/03/2015 - 13:47:51 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 26/04/2013 - 01:16:41 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 06/01/2014 - 15:53:42 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 29/08/2014 - 18:09:08 - [] ----D C:\ProgramData\Norton
O43 - CFD: 29/08/2014 - 18:09:03 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 19/10/2014 - 14:28:58 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 03/11/2014 - 11:06:57 - [] ----D C:\ProgramData\P4G
O43 - CFD: 06/01/2014 - 15:37:56 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 16/10/2013 - 20:32:48 - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 18/03/2015 - 18:02:26 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 13/10/2014 - 21:40:45 - [] ----D C:\ProgramData\Skype
O43 - CFD: 31/03/2015 - 13:47:52 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 26/05/2014 - 00:28:32 - [] ----D C:\ProgramData\Sun
O43 - CFD: 19/05/2014 - 18:51:01 - [] ---AD C:\ProgramData\Temp
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 27/12/2014 - 19:34:27 - [] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 16/10/2013 - 20:58:50 - [] ----D C:\ProgramData\USBChargerPlus
O43 - CFD: 22/07/2014 - 03:46:37 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 27/12/2014 - 19:30:30 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 13/03/2015 - 22:31:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 13/03/2015 - 22:31:56 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/03/2015 - 22:31:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 15/03/2014 - 11:55:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Disk Recovery
O43 - CFD: 06/01/2014 - 15:42:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 06/01/2014 - 15:37:55 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
O43 - CFD: 15/03/2015 - 23:11:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 03/11/2014 - 11:06:56 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! BackUp
O43 - CFD: 15/01/2014 - 17:23:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series Manual
O43 - CFD: 15/01/2014 - 17:31:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 29/03/2015 - 13:14:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 06/01/2014 - 15:37:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
O43 - CFD: 15/01/2014 - 17:33:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement utilisateur de Canon MG2400 series =>.Canon Inc
O43 - CFD: 29/03/2015 - 23:19:13 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastAgain PC Booster
O43 - CFD: 13/01/2015 - 14:00:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 23/03/2015 - 01:25:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 21/11/2014 - 22:59:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 04/01/2015 - 12:49:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer
O43 - CFD: 06/01/2014 - 15:42:16 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 11/11/2014 - 19:23:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 29/03/2015 - 00:29:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 28/03/2015 - 15:57:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 18/09/2014 - 10:59:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 24/04/2014 - 10:57:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 29/08/2014 - 18:09:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
O43 - CFD: 13/10/2014 - 21:40:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 07/12/2014 - 14:32:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 13/03/2015 - 22:31:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 14/11/2013 - 09:16:50 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 11/01/2015 - 19:39:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 27/12/2014 - 21:40:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Music Downloader
O43 - CFD: 31/03/2015 - 13:47:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 01/03/2015 - 23:08:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
O43 - CFD: 31/03/2015 - 01:27:31 - [] ----D C:\Users\BastienetYanis\AppData\Roaming\Activeris =>PUP.Activeris
O43 - CFD: 30/01/2014 - 16:32:58 - [] ----D C:\Users\BastienetYanis\AppData\Roaming\Adobe
O43 - CFD: 03/01/2014 - 20:27:32 - [] ----D C:\Users\BastienetYanis\AppData\Roaming\ASUS WebStorage
O43 - CFD: 10/05/2014 - 15:51:18 - [] ----D C:\Users\BastienetYanis\AppData\Roaming\AVAST Software
O43 - CFD: 17/01/2014 - 21:22:41 - [] ----D C:\Users\BastienetYanis\AppData\R
~ Lancé par BastienetYanis (31/03/2015 15:41:21)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17690
GCIE: Google Chrome v41.0.2272.101 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : JHRD6
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1, 64-bit (Build 9600)
---\\ Logiciels de protection du système
Avast Free Antivirus v10.0.2208
Malwarebytes Anti-Malware version 2.1.4.1018
Ad-Aware Antivirus v11.6.306.7947
McAfee Security Scan Plus v3.0.285.6
Windows Defender W8 (Deactivate)
---\\ Logiciels d'optimisation du système
CCleaner v5.04
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 16 NPAPI
Adobe Reader XI
Java 7 Update 40 (64-bit)
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3981 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 91 GB (49%) free of 186 GB
---\\ Mode de connexion au système
~ Computer Name: SANDRINA
~ User Name: BastienetYanis
~ All Users Names: HomeGroupUser$, BastienetYanis, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\BastienetYanis\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\BastienetYanis\AppData\Roaming\
~ %Desktop% : C:\Users\BastienetYanis\Desktop\
~ %Favorites% : C:\Users\BastienetYanis\Favorites\
~ %LocalAppData% : C:\Users\BastienetYanis\AppData\Local\
~ %StartMenu% : C:\Users\BastienetYanis\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 91 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 258 Go of 258 Go)
E: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/1860
~ Mes musiques (My Musics) : 27/220
~ Mes Videos (My Videos) : 1/21
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 2/341
~ Mon Bureau (My Desktop) : 2/309
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 11s
---\\ Processus lancés
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 07s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: RegExtension {0011ebb6-4390-4e21-a2e3-8dd2a85e92d2} . (...) -- C:\Program Files (x86)\DealsCompare\150.xpi (.not file.) =>PUP.DealsCompare
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.67.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\WINDOWS\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.67.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.67.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.)
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.5.3f3.) -- C:\Users\BastienetYanis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 6 Scanned in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 15 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
O1 - Hosts: 54.225.95.126 dmcecclamecbinmplcolhaljlclhbgah
~ Nombre lignes détournées 1/23 (Hosts file redirected)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Canon Easy-WebPrint EX BHO [64Bits] - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (.not file.)
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
~ BHO: 10 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: Canon Easy-WebPrint EX - [HKLM]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [BastienetYanis]: Launch Internet Explorer Browser.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.) =>PUP.SpeedBrowser
O4 - GS\Program [BastienetYanis]: Aide.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm (.not file.) =>PUP.ProbitSoftware
O4 - GS\Program [BastienetYanis]: Search.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.) =>PUP.SpeedBrowser
O4 - GS\Program [BastienetYanis]: Uninstall.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe (.not file.) =>PUP.ProbitSoftware
O4 - GS\Desktop [BastienetYanis]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.) =>PUP.EnigmaSoftware
~ Global Startup: 5 Scanned in 00mn 07s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [V-bates] C:\Program Files\V-bates\notifier64.exe (.not file.) =>Adware.Incredibar
O4 - HKLM\..\Run: [Zune Launcher] . (.Microsoft Corporation - Zune Auto-Launcher.) -- C:\Program Files\Zune\ZuneLauncher.exe
O4 - HKLM\..\Run: [AdAwareTray] . (...) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
O4 - HKCU\..\Run: [Power2GoExpress] . (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_9F74275482CCA6BB132B2854FD98E9A5] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Allmyapps] C:\Users\BastienetYanis\AppData\Roaming\Allmyapps\Allmyapps.exe (.not file.)
O4 - HKCU\..\Run: [Allmyapps Update] C:\Users\BastienetYanis\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe (.not file.)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonQuickMenu] . (.CANON INC. - Canon Quick Menu.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Power2GoExpress] . (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) -- C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [GoogleChromeAutoLaunch_9F74275482CCA6BB132B2854FD98E9A5] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Allmyapps] C:\Users\BastienetYanis\AppData\Roaming\Allmyapps\Allmyapps.exe (.not file.)
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Allmyapps Update] C:\Users\BastienetYanis\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe (.not file.)
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3911577134-1621002325-3162563356-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1D33C0-D5C1-4D82-8C19-C19C96494532}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD1A6843-CB00-4DCC-9A44-20F649F6D9CE}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F1D33C0-D5C1-4D82-8C19-C19C96494532}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD1A6843-CB00-4DCC-9A44-20F649F6D9CE}: DhcpNameServer = 77.234.40.79
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.0.66.10 109.0.66.20
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. - ASUS FastBoot.) - C:\Windows\system32\FBAgent.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service de sauvegarde avast! BackUp (avastBackUpbackup) . (.avast! - Programme d'amorçage du service avast! Back.) - C:\Program Files\AVAST Software\BackUp\avastBackUpbackup.exe
O23 - Service: Freemake Improver (Freemake Improver) . (.Freemake - FreemakeUtilsService.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) . (...) - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe =>PUP.EnigmaSoftware
~ Services: 12 Scanned in 00mn 45s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.080255CDCB878813B481B8C348D47D8E] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.C6D3BB61E24F66EB976C6CC55346B5F2] [APT] [ASUS InstantOn Config] (.ASUS.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1196416]
[MD5.DB0C938BC311B31CF90C13821AE682B3] [APT] [ASUS Live Update] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1559936]
[MD5.0BC5A4142F38A6BB35DECD01A2BC2ED7] [APT] [ASUS P4G] (.ASUS.) -- C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240]
[MD5.6B0C1049D98223D31165198D2DD3E062] [APT] [ASUS Smart Gesture Launcher] (.AsusTek.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232]
[MD5.C570FD825751F7805CE226F68C4605DE] [APT] [ASUS Splendid ACMON] (.ASUS.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54488]
[MD5.B07086D59443DAC6A668D691B27B968C] [APT] [ASUS Splendid ColorU] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [176240]
[MD5.97432AB9F1B3B3E63E778C1E69E71E91] [APT] [ASUS USB Charger Plus] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032]
[MD5.7529BF17445E16315A95B450CE985C11] [APT] [AsusVibeSchedule] (...) -- C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [1957040]
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.F217EF2EA31D8F73504B1CD2F9787D9D] [APT] [avastBCLRestartS-1-5-21-3911577134-1621002325-3162563356-1001] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288]
[MD5.A75228DE9117A017BC7A3B44953B2648] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5529880]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core] (.Facebook Inc..) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA] (.Facebook Inc..) -- C:\Users\BastienetYanis\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816] =>PUP.Activeris
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster_DEFAULT] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816] =>PUP.Activeris
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster_UPDATES] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816] =>PUP.Activeris
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.F9D8F716896508EB088535DD4B4C296C] [APT] [Norton Security Scan for BastienetYanis] (.Symantec Corporation.) -- C:\Program Files (x86)\NORTON~2\Engine\410~1.28\Nss.exe [1419104]
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version3 Startup Task] (...) -- C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (.not file.) [0] =>PUP.Paretologic
[MD5.F845E730A534BA17372368372DF01579] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [8260480] =>PUP.EnigmaSoftware
[MD5.00000000000000000000000000000000] [APT] [UpdateVO] (...) -- C:\Users\BastienetYanis\AppData\Roaming\VOPackage\VOPackage.exe (.not file.) [0] =>Adware.Downware
[MD5.00000000000000000000000000000000] [APT] [{148A78C4-6AB6-4F04-B670-9373698B5E22}] (...) -- C:\Users\BastienetYanis\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe (.not file.) [0] =>PUP.BubbleDock
[MD5.00000000000000000000000000000000] [APT] [{9B02FA26-A9DC-49AB-B067-F42CB88B2701}] (...) -- c:\program files (x86)\speed browser\application\chrome.exe (.not file.) [0] =>PUP.SpeedBrowser
[MD5.00000000000000000000000000000000] [APT] [{9B1EACFF-21DD-4567-A7E4-7A77E88D07A8}] (...) -- c:\program files (x86)\speed browser\application\chrome.exe (.not file.) [0] =>PUP.SpeedBrowser
[MD5.F217EF2EA31D8F73504B1CD2F9787D9D] [APT] [{AEAA0A87-9BAB-4EE4-A6FC-B00CFB7F5D9A}] (.Google Inc..) -- c:\program files (x86)\google\chrome\application\chrome.exe [809288]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\Tasks\AllmyappsUpdateTask.job [432]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core.job [960]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001Core [960]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA.job [982]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3911577134-1621002325-3162563356-1001UA [982]
O39 - APT: FastAgain PC Booster_DEFAULT - (.Activeris.) -- C:\Windows\Tasks\FastAgain PC Booster_DEFAULT.job [324] =>PUP.Activeris
O39 - APT: FastAgain PC Booster_DEFAULT - (.Activeris.) -- C:\Windows\System32\Tasks\FastAgain PC Booster_DEFAULT [324] =>PUP.Activeris
O39 - APT: FastAgain PC Booster_UPDATES - (.Activeris.) -- C:\Windows\Tasks\FastAgain PC Booster_UPDATES.job [332] =>PUP.Activeris
O39 - APT: FastAgain PC Booster_UPDATES - (.Activeris.) -- C:\Windows\System32\Tasks\FastAgain PC Booster_UPDATES [332] =>PUP.Activeris
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1090]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1090]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1094]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1094]
O39 - APT: Norton Security Scan for BastienetYanis - (.Symantec Corporation.) -- C:\Windows\Tasks\Norton Security Scan for BastienetYanis.job [488]
O39 - APT: Norton Security Scan for BastienetYanis - (.Symantec Corporation.) -- C:\Windows\System32\Tasks\Norton Security Scan for BastienetYanis [488]
O39 - APT: - (..) -- C:\Windows\Tasks\OWST.job [1380]
O39 - APT: ParetoLogic Update Version3 Startup Task - (...) -- C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job [530] =>PUP.Paretologic
O39 - APT: ParetoLogic Update Version3 Startup Task - (...) -- C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task [530] =>PUP.Paretologic
O39 - APT: - (..) -- C:\Windows\Tasks\RJIIB.job [1382]
~ Scheduled Task: 44 Scanned in 00mn 25s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (ATKWMIACPIIO) . (.ASUS - ATK WMIACPI Utility.) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
O41 - Driver: (avastBackUpFilter) . (.Mozy, Inc. - Mozy Change Monitor Filter Driver.) - C:\Windows\System32\DRIVERS\avastBackUp.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
O41 - Driver: (mbamchameleon) . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) - C:\WINDOWS\system32\drivers\mbamchameleon.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
~ Drivers: 46 Scanned in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Ad-Aware Antivirus - (.Lavasoft.) [HKLM][64Bits] -- {FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater
O42 - Logiciel: AdAwareInstaller - (.Lavasoft.) [HKLM][64Bits] -- {2676D270-8FE3-4C9F-ADDB-6A8D22FE5C4C}
O42 - Logiciel: AdAwareUpdater - (.Lavasoft.) [HKLM][64Bits] -- {FF054A8C-C0A4-4C78-8910-E2A459BEFF05}
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Allmyapps - (.Allmyapps.) [HKCU][64Bits] -- Allmyapps
O42 - Logiciel: AntimalwareEngine - (.Lavasoft.) [HKLM][64Bits] -- {6E5FAEC8-C3C1-44E8-B8DE-CE3F9568BF85}
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: Avast Packages - (...) [HKCU][64Bits] -- Avast Packages =>Adware.InstallCore
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Freemake Video Converter version 4.1.5 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Image Resizer - (.Tweaks.) [HKLM][64Bits] -- Tweaks Image Resizer
O42 - Logiciel: Image Resizer Packages - (...) [HKCU][64Bits] -- Image Resizer Packages =>Adware.InstallCore
O42 - Logiciel: Java 7 Update 40 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417040F0}
O42 - Logiciel: Java 7 Update 67 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F06417067FF}
O42 - Logiciel: Java technology allows you to work and play in a secure computing environme - (...) [HKCU][64Bits] -- Java technology allows you to work and play in a secure computing environment. Packages
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU][64Bits] -- lollipop_01070657 =>Adware.Lollipop
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.4.1018 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Snap.Do Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {b9b81f85-446e-4d45-aff5-d95c2be8fbf2} =>Hijacker.SmartBar
O42 - Logiciel: SpyHunter 4 - (.Enigma Software Group, LLC.) [HKLM][64Bits] -- SpyHunter =>PUP.EnigmaSoftware
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173) - (.ASUS.) [HKLM][64Bits] -- 1016059FBF327ED9E3BAE758BD08CF10D3C6252D
O42 - Logiciel: Windows Mobile Device Updater Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2CB8C3C-9C9E-4FAB-9067-655601C5F748}
O42 - Logiciel: Youtube Music Downloader V7.3.4 - (.Youtube Music Downloader.) [HKLM][64Bits] -- Youtube Music Downloader_is1
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- Zune
O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- {9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}
O42 - Logiciel: Zune Language Pack (CHS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {2A9DFFD8-4E09-4B91-B957-454805B0D7C4}
O42 - Logiciel: Zune Language Pack (CHT) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A5A53EA8-A11E-49F0-BDF5-AE536426A31A}
O42 - Logiciel: Zune Language Pack (CSY) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}
O42 - Logiciel: Zune Language Pack (DAN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8B112338-2B08-4851-AF84-E7CAD74CEB32}
O42 - Logiciel: Zune Language Pack (DEU) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}
O42 - Logiciel: Zune Language Pack (ELL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3589A659-F732-4E65-A89A-5438C332E59D}
O42 - Logiciel: Zune Language Pack (ESP) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6B33492E-FBBC-4EC3-8738-09E16E395A10}
O42 - Logiciel: Zune Language Pack (FIN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {B4870774-5F3A-46D9-9DFE-06FB5599E26B}
O42 - Logiciel: Zune Language Pack (FRA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C68D33B1-0204-4EBE-BC45-A6E432B1D13A}
O42 - Logiciel: Zune Language Pack (HUN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C6BE19C6-B102-4038-B2A6-1C313872DBB4}
O42 - Logiciel: Zune Language Pack (IND) - (.Microsoft Corporation.) [HKLM][64Bits] -- {92ECE3F9-591E-4C12-8A62-B9FCE38BF646}
O42 - Logiciel: Zune Language Pack (ITA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C5D37FFA-7483-410B-982B-91E93FD3B7DA}
O42 - Logiciel: Zune Language Pack (JPN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {D8A781C9-3892-4E2E-9320-480CF896CFBB}
O42 - Logiciel: Zune Language Pack (KOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}
O42 - Logiciel: Zune Language Pack (MSL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {76BA306B-2AA0-47C0-AB6B-F313AB56C136}
O42 - Logiciel: Zune Language Pack (NLD) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6740BCB0-5863-47F4-80F4-44F394DE4FE2}
O42 - Logiciel: Zune Language Pack (NOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DEFD397-4012-46C3-B6DA-E8013E660772}
O42 - Logiciel: Zune Language Pack (PLK) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8960A0A1-BB5A-479E-92CF-65AB9D684B43}
O42 - Logiciel: Zune Language Pack (PTB) - (.Microsoft Corporation.) [HKLM][64Bits] -- {07EEE598-5F21-4B57-B40B-46592625B3D9}
O42 - Logiciel: Zune Language Pack (PTG) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5C93E291-A1CC-4E51-85C6-E194209FCDB4}
O42 - Logiciel: Zune Language Pack (RUS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {57C51D56-B287-4C11-9192-EC3C46EF76A4}
O42 - Logiciel: Zune Language Pack (SVE) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6EB931CD-A7DA-4A44-B74A-89C8EB50086F}
~ Logic: 51 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
~ Key Software: 276 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
Anonymous user
31 March 2015 at 17:19
I think it would be quicker for me to throw the software out of the window, since you don't live too far from me! :lol:
Download ZHPCleaner and save it to your desktop:
https://nicolascoolman.eu
* Right-click it and run it as administrator!
* Accept the end-user license agreement (EULA),
* Click "Nettoyer" ("Clean")
* Click the report button (the report should normally be displayed)
* Save the report to your desktop
* Host the modification report, which is on the Desktop, at:
https://www.cjoint.com/ (read first => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers), then copy and paste the link provided into your next reply on the forum
Note:
- This tool does not require installation!
- The report can also be found in the "%AppData%" directory.
meyllia69100
31 March 2015 at 18:16
Lol, hang on then, I'll throw them to you, catch them well! lol
~ ZHPCleaner v2015.3.31.148 by Nicolas Coolman (31/03/2015)
~ Run by BastienetYanis (Administrator) (31/03/2015 17:28:50)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Réparer
~ Report : C:\Users\BastienetYanis\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\BastienetYanis\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)
---\\ Service. (0)
~ Aucun élément malicieux trouvé.
---\\ Navigateur internet. (5)
DEPLACÉ fichier: C:\Users\BastienetYanis\Desktop\SpyHunter.lnk [Bad : C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe] (Crapware.SpyHunter)
DEPLACÉ fichier: C:\Users\BastienetYanis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : C:\Program Files (x86)\speed browser\Application\chrome.exe] (PUP.SpeedBrowser)
DEPLACÉ fichier: C:\Users\BastienetYanis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aide.lnk [Bad : C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm] (PUP.ProbitSoftware)
DEPLACÉ fichier: C:\Users\BastienetYanis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk [Bad : C:\Program Files (x86)\speed browser\Application\chrome.exe] (PUP.SpeedBrowser)
DEPLACÉ fichier: C:\Users\BastienetYanis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk [Bad : C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe] (PUP.ProbitSoftware)
---\\ Fichier hôte. (2)
REMPLACÉ: 54.225.95.126 dmcecclamecbinmplcolhaljlclhbgah
~ Nombre de redirections trouvées 1/24
---\\ Tâche planifiée. (7)
SUPPRIMÉ tâche: [ParetoLogic Update Version3 Startup Task] [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (Not File) ] (PUP.Paretologic)
SUPPRIMÉ tâche: [SpyHunter4Startup] [C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe] (Crapware.SpyHunter)
SUPPRIMÉ tâche: [UpdateVO] [C:\Users\BastienetYanis\AppData\Roaming\VOPackage\VOPackage.exe (Not File) ] (Adware.Downware)
SUPPRIMÉ tâche: [{148A78C4-6AB6-4F04-B670-9373698B5E22}] [C:\Users\BastienetYanis\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe (Not File) ] (PUP.BubbleDock)
SUPPRIMÉ tâche: [{9B02FA26-A9DC-49AB-B067-F42CB88B2701}] [c:\program files (x86)\speed browser\application\chrome.exe (Not File) ] (PUP.SpeedBrowser)
SUPPRIMÉ tâche: [{9B1EACFF-21DD-4567-A7E4-7A77E88D07A8}] [c:\program files (x86)\speed browser\application\chrome.exe (Not File) ] (PUP.SpeedBrowser)
SUPPRIMÉ tâche: [ParetoLogic Update Version3 Startup Task] [C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job (Not File) ] (PUP.Paretologic)
---\\ Explorateur ( Dossiers, Fichiers ). (51)
DEPLACÉ fichier: C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [Enigma Software Group USA, LLC. - Service scanner interface] (Crapware.SpyHunter)
DEPLACÉ fichier: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [Enigma Software Group USA, LLC. - SpyHunter4 application] (Crapware.SpyHunter)
DEPLACÉ dossier*: C:\Program Files\Enigma Software Group\SpyHunter (PUP.EnigmaSoftware)
DEPLACÉ dossier*: C:\Program Files\Enigma Software Group (PUP.EnigmaSoftware)
DEPLACÉ fichier: C:\Users\BastienetYanis\AppData\Roaming\Enigma Software Group\sh_installer.exe [Enigma Software Group USA, LLC. - Enigma Installer] (PUP.EnigmaSoftware)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Roaming\Activeris\FastAgain PC Booster (PUP.Activeris)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Roaming\Activeris (PUP.Activeris)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Roaming\Enigma Software Group (PUP.EnigmaSoftware)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Local\CrashRpt\UnsentCrashReports (LOG.CrashReports)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Local\CrashRpt (LOG.CrashReports)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Local\ShieldPlus (Adware.ShieldPlus)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\BUBBLE DOCK ADDONSUI.EXE-940225A3.pf (PUP.BubbleDock)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\BUBBLE DOCK.EXE-EA818FAD.pf (PUP.BubbleDock)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\CONSTASURF.PURBROWSE64.EXE-3C7AFB09.pf (PUP.ConstaSurf)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\PARETOLOGIC PC HEALTH ADVISOR-CEAC296A.pf (PUP.Paretologic)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\REIMAGE.EXE-BEE43FC1.pf (PUP.ReimageRepair)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\REIMAGEPACKAGE.EXE-6568545C.pf (PUP.ReimageRepair)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\REIMAGEREPAIR (1).EXE-58102378.pf (PUP.ReimageRepair)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\REIMAGEREPAIR.EXE-D755EC56.pf (PUP.ReimageRepair)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER (1).EXE-65DB59B0.pf (Crapware.SpyHunter)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-A27CA18E.pf (Crapware.SpyHunter)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\SPYHUNTER4.EXE-3B4E3201.pf (Crapware.SpyHunter)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\UNINSTALL BUBBLE DOCK.EXE-02EC93A0.pf (PUP.BubbleDock)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\UNINSTALL BUBBLE DOCK.EXE-94BDCD0F.pf (PUP.BubbleDock)
DEPLACÉ fichier: C:\WINDOWS\Prefetch\VOPACKAGE.EXE-D78136F8.pf (Adware.Downware)
DEPLACÉ fichier: C:\Users\BastienetYanis\Downloads\Activeris AntiMalware.lnk (PUP.Activeris)
DEPLACÉ fichier: C:\Users\BastienetYanis\Downloads\DriverRestore.vtsafe.exe [Driver Restore - This installer database contains the logic and data required to install Driver Restore.] (PUP.DriverRestore)
DEPLACÉ fichier: C:\Users\BastienetYanis\Downloads\FlvPlayer.lnk (PUP.FLVPlayer)
DEPLACÉ fichier: C:\Users\BastienetYanis\Downloads\NewPlayer.lnk (Adware.NewPlayer)
DEPLACÉ fichier: C:\Users\BastienetYanis\Downloads\ParetoLogic PC Health Advisor.lnk (PUP.Paretologic)
DEPLACÉ fichier: C:\Users\BastienetYanis\Downloads\ParetoLogic PC Health Advisor_fr.exe [ParetoLogic Inc. - PC Health Advisor Installer] (PUP.Paretologic)
DEPLACÉ fichier: C:\Users\BastienetYanis\Downloads\SpyHunter-Installer.exe [Enigma Software Group USA, LLC. - Enigma Installer] (Crapware.SpyHunter)
DEPLACÉ fichier: C:\Users\BASTIE~1\AppData\Local\Temp\Tsu514D98CA.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] (PUP.Tarma)
DEPLACÉ fichier: C:\Users\BASTIE~1\AppData\Local\Temp\TsuB8D44AF5.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] (PUP.Tarma)
DEPLACÉ fichier: C:\Users\BASTIE~1\AppData\Local\Temp\{E61B0B94-02FD-4F03-ADE8-4ADF3DF82962}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] (PUP.Tarma)
DEPLACÉ fichier****: C:\Users\BASTIE~1\AppData\Local\Temp\{12B11AB1-2C55-4B6E-A985-6477C9523847}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] (PUP.Tarma)
DEPLACÉ fichier*: C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage (PUP.ReMarkIt)
DEPLACÉ fichier*: C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.re-markit00.re-markit.co_0.localstorage-journal (PUP.ReMarkIt)
DEPLACÉ fichier*: C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markit00.re-markit.co_0.localstorage (PUP.ReMarkIt)
DEPLACÉ fichier*: C:\Users\BastienetYanis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markit00.re-markit.co_0.localstorage-journal (PUP.ReMarkIt)
DEPLACÉ fichier: C:\Users\BASTIE~1\AppData\Local\Temp\SearchTheWeb.ico13c288 (Adware.IMBooster)
DEPLACÉ fichier: C:\Users\BASTIE~1\AppData\Local\Temp\SearchTheWeb.xml13c288 (Adware.IMBooster)
DEPLACÉ fichier: C:\Users\BASTIE~1\AppData\Local\Temp\StartWeb.xml13c298 (Adware.IMBooster)
DEPLACÉ fichier: C:\Users\BASTIE~1\AppData\Local\Temp\WinkHandler.exe13c298 (Adware.IMBooster)
DEPLACÉ fichier: C:\WINDOWS\System32\Drivers\EsgScanner.sys (PUP.EnigmaSoftware)
DEPLACÉ dossier: C:\Rei (PUP.ReimageRepair)
DEPLACÉ dossier: C:\Program Files (x86)\Software (Adware.Boxore)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Local\com (PUP.Optional)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Local\Software (Adware.Boxore)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Local\{0445CDBA-EF9B-4226-9114-1158288FC05B} (Empty)
DEPLACÉ dossier: C:\Users\BastienetYanis\AppData\Local\{742A313D-D575-47B0-8D60-B84B84D8371C} (Empty)
---\\ Base de Registres ( Clés, Valeurs, Données ). (58)
SUPPRIMÉ valeur: HKCU\Software\Mozilla\Firefox\Extensions\\{0011ebb6-4390-4e21-a2e3-8dd2a85e92d2} [C:\Program Files (x86)\DealsCompare\150.xpi] (PUP.DealsCompare)
SUPPRIMÉ clé: HKCR\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} [http://ww7.certified-toolbar.com[...]] [Web Search] (PUP.CertifiedToolbar)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5428abe0-4c3e-40be-b6cb-4ca07f6180ea} http://www.secure-surf.com/web?q={searchTerms} [secure-surf] (PUP.SecureSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\speed browser ["C:\Program Files (x86)\speed browser\Application\chrome.exe" (Not File)] (PUP.SpeedBrowser)
SUPPRIMÉ valeur: [X64] HKLM\Software\Classes\.htm\OpenWithProgIDs\\BrowserHTM [] (PUP.SpeedBrowser)
SUPPRIMÉ valeur: [X64] HKLM\Software\Classes\.html\OpenWithProgIDs\\BrowserHTM [] (PUP.SpeedBrowser)
SUPPRIMÉ valeur: [X64] HKLM\Software\Classes\.shtml\OpenWithProgIDs\\BrowserHTM [] (PUP.SpeedBrowser)
SUPPRIMÉ valeur: [X64] HKLM\Software\Classes\.webp\OpenWithProgIDs\\BrowserHTM [] (PUP.SpeedBrowser)
SUPPRIMÉ valeur: [X64] HKLM\Software\Classes\.xht\OpenWithProgIDs\\BrowserHTM [] (PUP.SpeedBrowser)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\EsgScanner [system32\DRIVERS\EsgScanner.sys] (PUP.EnigmaSoftware)
SUPPRIMÉ clé^: HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service [C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Not File)] (Crapware.SpyHunter)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422052294} [CrossriderApp0040594.Sandbox] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902284} [CrossriderApp0049084.Sandbox] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444054494} [] (PUP.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444904484} [] (PUP.CrossRider)
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_9F74275482CCA6BB132B2854FD98E9A5 ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window] (PUP.Vosteran)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\V-bates [C:\Program Files\V-bates\notifier64.exe] (Adware.Incredibar)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\Activeris [] (PUP.Activeris)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\Probit Software [] (PUP.ProbitSoftware)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\SearchProtectINTSM [] (PUP.SearchProtect)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\ShieldPlus [] (Adware.ShieldPlus)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\Smartbar [] (PUP.QuickShare)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\Classes\.bubbledock [bubbledock] (PUP.BubbleDock)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\Classes\BoBrowser.FK4QXPKUK653NSRMP4WZRVY554 [] (PUP.BoBrowser)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\Classes\BoBrowsHTML.FK4QXPKUK653NSRMP4WZRVY554 [BoBrowser HTML Document] (PUP.BoBrowser)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3911577134-1621002325-3162563356-1001\Software\Classes\bubbledock [Bubble Dock add-in] (PUP.BubbleDock)
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\adawarebp [] (PUP.ToolbarCleaner)
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\Apps Hat [] (PUP.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Avast Packages [Avast Packages] (Adware.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Image Resizer Packages [Image Resizer Packages] (Adware.InstallCore)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_01070657 [Lollipop Network, S.L.] (Adware.Lollipop)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b9b81f85-446e-4d45-aff5-d95c2be8fbf2} [Snap.Do Engine] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\BrowserHTM [Browser HTML Document] (PUP.SpeedBrowser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{738C1447-DF84-92AE-76BF-F84A7E3C12E6} [tOpbuyeur] (PUP.TopBuyer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A} [IESmartBar.MSG] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} [IESmartBar.BandObjectStyle] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} [IESmartBar.POINT] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95} [IESmartBar.DBIM] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} [IESmartBar.DESKBANDINFO] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} [IESmartBar.DBIMF] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update ConstaSurf [] (PUP.ConstaSurf)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util ConstaSurf [] (PUP.ConstaSurf)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\EnigmaSoftwareGroup [] (PUP.EnigmaSoftware)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0F81D0DC-1355-4fac-800F-2467CF365CCD} [C:\Program Files\HomeTab\IE (Not File)] (PUP.CertifiedToolbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe [C:\Program Files\Reimage\Reimage Repair\Reimage.exe (Not File)] (PUP.ReimageRepair)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\spprt.exe [C:\Users\BastienetYanis\AppData\Local\ShieldPlus\spprt\spprt.exe (Not File)] (Adware.ShieldPlus)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3911577134-1621002325-3162563356-1001\Products\CB600452ED7928C41A1A2AAB2D250038 [Snap.Do] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\016A7206F164D5243BE66200904CD4AC [01:\Software\Smartbar\version (Not File)] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\016A7206F164D5243BE662E09C4CD4AC [01:\Software\Smartbar\version (Not File)] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Activeris [] (PUP.Activeris)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\mamverifier [] (Toolbar.Mamverifier)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter [Enigma Software Group, LLC] (Crapware.SpyHunter)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{816dbd76-48e0-4bdc-9051-24958bca5ef5}\InprocServer32 [C:\Program Files\HomeTab\IE\HomeTab.dll (Not File)] (PUP.CertifiedToolbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{986fe2c6-7ab7-4337-b0f2-568542d8b628}\InprocServer32 [C:\Program Files\HomeTab\IE\HomeTab.dll (Not File)] (PUP.CertifiedToolbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{e74a487b-dfe6-493e-8f16-0bc551137039}\InprocServer32 [C:\Program Files\HomeTab\IE\HomeTab.dll (Not File)] (PUP.CertifiedToolbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{816dbd76-48e0-4bdc-9051-24958bca5ef5} [SourceSinkImpl Class] (PUP.CertifiedToolbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{986fe2c6-7ab7-4337-b0f2-568542d8b628} [NotificationSource Class] (PUP.CertifiedToolbar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{e74a487b-dfe6-493e-8f16-0bc551137039} [ToolbarInfo Class] (PUP.CertifiedToolbar)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 85708
~ Items trouvés : 1
~ Items réparés : 123
End of clean at 17:55:24
===================
ZHPCleaner-[R]-31032015-17_55_24.txt
Anonymous user
31 March 2015 at 18:18
ok,
restart the PC,
use this post as a guide to send me a new full report, via cjoint:
https://forums.commentcamarche.net/forum/affich-31775503-ordinateur-infecte#1
meyllia69100
31 March 2015 at 19:13
Anonymous user
31 March 2015 at 19:47
install the latest version of Adobe Flash Player and Java from
their dedicated sites, and watch out for toolbars being installed along with them!
uninstall Ad-Aware Antivirus and McAfee Security Scan Plus!!
Launch ZHPFix via the shortcut on your Desktop; the icon looks like a syringe.
/!\ Vista, Seven and W8 users:
Click on « importer »
You will see a warning message appear; click OK.
---------------------------------------------------------
Script Zhpfix
M2 - MFEP: RegExtension {0011ebb6-4390-4e21-a2e3-8dd2a85e92d2} . (...) -- C:\Program Files (x86)\DealsCompare\150.xpi (.not file.)
O1 - Hosts: 54.225.95.126 dmcecclamecbinmplcolhaljlclhbgah
O4 - GS\QuickLaunch [BastienetYanis]: Launch Internet Explorer Browser.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.)
O4 - GS\Program [BastienetYanis]: Aide.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm (.not file.)
O4 - GS\Program [BastienetYanis]: Search.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.)
O4 - GS\Program [BastienetYanis]: Uninstall.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe (.not file.)
O4 - GS\Desktop [BastienetYanis]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.)
O4 - HKLM\..\Run: [V-bates] C:\Program Files\V-bates\notifier64.exe (.not file.)
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816]
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster_DEFAULT] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816]
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster_UPDATES] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816]
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version3 Startup Task] (...) -- C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (.not file.) [0]
[MD5.F845E730A534BA17372368372DF01579] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [8260480]
[MD5.00000000000000000000000000000000] [APT] [UpdateVO] (...) -- C:\Users\BastienetYanis\AppData\Roaming\VOPackage\VOPackage.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{148A78C4-6AB6-4F04-B670-9373698B5E22}] (...) -- C:\Users\BastienetYanis\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9B02FA26-A9DC-49AB-B067-F42CB88B2701}] (...) -- c:\program files (x86)\speed browser\application\chrome.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9B1EACFF-21DD-4567-A7E4-7A77E88D07A8}] (...) -- c:\program files (x86)\speed browser\application\chrome.exe (.not file.) [0]
O39 - APT: FastAgain PC Booster_DEFAULT - (.Activeris.) -- C:\Windows\Tasks\FastAgain PC Booster_DEFAULT.job [324]
O39 - APT: FastAgain PC Booster_DEFAULT - (.Activeris.) -- C:\Windows\System32\Tasks\FastAgain PC Booster_DEFAULT [324]
their dedicated sites; watch out for toolbars during installation!
uninstall Ad-Aware Antivirus and McAfee Security Scan Plus!!
- /!\ Warning /!\,
- this script is valid only for this PC, which is currently being cleaned; do not use it on another PC, risk of crashing!
/!\ Vista, Seven and W8 users:
- Right-click the ZHPfix logo, "Run as administrator"
Click "Import"
You will see a warning message appear; click OK.
- * Copy (Ctrl + C) and paste (Ctrl + V) the following lines in bold into the Zhpfix window:
---------------------------------------------------------
Zhpfix script
M2 - MFEP: RegExtension {0011ebb6-4390-4e21-a2e3-8dd2a85e92d2} . (...) -- C:\Program Files (x86)\DealsCompare\150.xpi (.not file.)
O1 - Hosts: 54.225.95.126 dmcecclamecbinmplcolhaljlclhbgah
O4 - GS\QuickLaunch [BastienetYanis]: Launch Internet Explorer Browser.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.)
O4 - GS\Program [BastienetYanis]: Aide.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm (.not file.)
O4 - GS\Program [BastienetYanis]: Search.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.)
O4 - GS\Program [BastienetYanis]: Uninstall.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe (.not file.)
O4 - GS\Desktop [BastienetYanis]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.)
O4 - HKLM\..\Run: [V-bates] C:\Program Files\V-bates\notifier64.exe (.not file.)
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816]
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster_DEFAULT] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816]
[MD5.6ACCFC315FF55C983934811451DDEE66] [APT] [FastAgain PC Booster_UPDATES] (.Activeris.) -- C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe [8034816]
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version3 Startup Task] (...) -- C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (.not file.) [0]
[MD5.F845E730A534BA17372368372DF01579] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [8260480]
[MD5.00000000000000000000000000000000] [APT] [UpdateVO] (...) -- C:\Users\BastienetYanis\AppData\Roaming\VOPackage\VOPackage.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{148A78C4-6AB6-4F04-B670-9373698B5E22}] (...) -- C:\Users\BastienetYanis\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9B02FA26-A9DC-49AB-B067-F42CB88B2701}] (...) -- c:\program files (x86)\speed browser\application\chrome.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9B1EACFF-21DD-4567-A7E4-7A77E88D07A8}] (...) -- c:\program files (x86)\speed browser\application\chrome.exe (.not file.) [0]
O39 - APT: FastAgain PC Booster_DEFAULT - (.Activeris.) -- C:\Windows\Tasks\FastAgain PC Booster_DEFAULT.job [324]
O39 - APT: FastAgain PC Booster_DEFAULT - (.Activeris.) -- C:\Windows\System32\Tasks\FastAgain PC Booster_DEFAULT [324]
O39 - APT: FastAgain PC Booster_UPDATES - (.Activeris.) -- C:\Windows\Tasks\FastAgain PC Booster_UPDATES.job [332]
O39 - APT: FastAgain PC Booster_UPDATES - (.Activeris.) -- C:\Windows\System32\Tasks\FastAgain PC Booster_UPDATES [332]
O39 - APT: ParetoLogic Update Version3 Startup Task - (...) -- C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job [530]
O42 - Logiciel: Avast Packages - (...) [HKCU][64Bits] -- Avast Packages
O42 - Logiciel: Image Resizer - (.Tweaks.) [HKLM][64Bits] -- Tweaks Image Resizer
O42 - Logiciel: Image Resizer Packages - (...) [HKCU][64Bits] -- Image Resizer Packages
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU][64Bits] -- lollipop_01070657
O42 - Logiciel: Snap.Do Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {b9b81f85-446e-4d45-aff5-d95c2be8fbf2}
O42 - Logiciel: SpyHunter 4 - (.Enigma Software Group, LLC.) [HKLM][64Bits] -- SpyHunter
[HKCU\Software\Activeris]
[HKCU\Software\AppDataLow\Software\Apps Hat]
[HKCU\Software\Probit Software]
[HKCU\Software\Smartbar]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Wow6432Node\Activeris]
C:\Program Files (x86)\Software
C:\Users\BastienetYanis\AppData\Roaming\Activeris
C:\Users\BastienetYanis\AppData\Roaming\Enigma Software Group
C:\Users\BastienetYanis\AppData\Local\Apps
C:\Users\BastienetYanis\AppData\Local\com
C:\Users\BastienetYanis\AppData\Local\Software
O44 - LFC:[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] - 30/03/2015 - 22:30:40 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys [22704]
O45 - LFCP:[MD5.623B15D8C83942EC578E84B910065636] - 30/03/2015 - 22:27:27 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER.EXE-A27CA18E.pf
O45 - LFCP:[MD5.D7AA1CFB11083E4DD331528555103B30] - 30/03/2015 - 22:40:52 ---A- - C:\Windows\Prefetch\SPYHUNTER4.EXE-3B4E3201.pf
O58 - SDL:30/03/2015 - 22:30:40 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys [22704]
O61 - LFC: 30/03/2015 - 14:11:38 ---A- . (.Enigma Software Group USA, LLC..) -- C:\Users\BastienetYanis\AppData\Roaming\Enigma Software Group\sh_installer.exe [3109248]
O61 - LFC: 30/03/2015 - 14:11:44 ---A- . (.Enigma Software Group USA, LLC..) -- C:\Users\BastienetYanis\Downloads\SpyHunter-Installer.exe [3109248]
O68 - StartMenuInternet: <speed browser> <speed browser> [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\speed browser\Application\chrome.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {5428abe0-4c3e-40be-b6cb-4ca07f6180ea} - (secure-surf) - http://www.secure-surf.com
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - http://ww7.certified-toolbar.com
[HKCR\CLSID\{22222222-2222-2222-2222-220422052294}] (CrossriderApp0040594.Sandbox)
[HKCR\CLSID\{22222222-2222-2222-2222-220422902284}] (CrossriderApp0049084.Sandbox)
SR - | Auto 30/03/2015 1026432 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Avast Packages]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Image Resizer Packages]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_01070657]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter]
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422052294}]
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422902284}]
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
O39 - APT: - (..) -- C:\Windows\Tasks\OWST.job [1380]
O43 - CFD: 29/03/2015 - 23:19:00 - [] ----D C:\Program Files (x86)\FastAgain PC Booster
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FastAgain PC Booster_DEFAULT]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FastAgain PC Booster_UPDATES]
C:\Program Files (x86)\FastAgain PC Booster\PCBooster.exe
C:\Windows\Tasks\FastAgain PC Booster_DEFAULT.job
C:\Windows\System32\Tasks\FastAgain PC Booster_DEFAULT
C:\Windows\Tasks\FastAgain PC Booster_UPDATES.job
C:\Windows\System32\Tasks\FastAgain PC Booster_UPDATES
[HKCU\Software\SearchProtectINTSM]
C:\Users\BastienetYanis\Desktop\SpyHunter.lnk
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
[HKCU\Software\ASKDefaultSearch]
[HKCU\Software\ASKHomePage]
[HKLM\Software\Wow6432Node\mamverifier]
Hostfix
EmptyPrefetch
ShortcutFix
Emptytemp
EmptyClsid
----------------------------------------------------------
- Click the "GO" button to start the cleanup,
- confirm the cleanup
- Host the ZHPFIX.txt report on
https://www.cjoint.com/
then copy/paste the link provided into your next reply on the forum.
Tutorial at the bottom of this page:
https://nicolascoolman.eu
31 March 2015 at 14:36