Bonjour, Depuis plusieurs jours j'ai un message qui s'affiche de façon intempestive en bas à droite de mon PC, je n'arrive pas à supprimer ce message comment faire ? Quelqu'un peut-il m'aider ? Merci. Lotus88 Configuration: Windows 7 / Mozilla 11.0

Virus Assitance Technique ?

Réponse 1 / 14

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230
16 avril 2015 à 12:48

Il s'agit sans aucun doute d'un malware

Télécharge adwcleaner installe le et lance le scan.

Ensuite vient poster le rapport ici

lotus88
16 avril 2015 à 13:15

Je ne sais pas comment poster le rapport, le copier-coller ne fonctionne pas ? Merci de m'indiquer la marche à suivre

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230 > lotus88
16 avril 2015 à 13:19

tu peux poster le rapport ici: https://www.cjoint.com/ il suffit ensuite de poster le lien reçu en retour :)

lotus88
16 avril 2015 à 13:25

L'avez-vous reçu ?

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230
16 avril 2015 à 13:27

non. quand tu as fini le scan as-tu redémarré le pc et auredémarrage cliqué sur "afficher le rapport"?

lotus88
16 avril 2015 à 13:34

Non je n'ai pas fait de redémarrage j'ai seulement cliqué sur afficher le rapport, il est apparu sur un bloc note que j'ai enregistrer sous, ensuite j'ai fait un copier-coller à l'adresse que vous m'avez envoyé, il ne fallait pas faire comme ça ?

Réponse 2 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
16 avril 2015 à 19:06

▶ Télécharge ici : FRST (de Farbar)
!!! En fonction de ta version de Windows, prends la "32-Bit Version" ou la "64-Bit Version" !!!
Aide : va dans Démarrer > Panneau de configuration > Système pour savoir si tu es sous 32 bits ou 64 bits.

▶ Double-clique sur l'icône FRST.exe pour lancer le programme. (Sous Windows Vista, 7 et 8, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.) Clique ensuite sur Oui lorsqu'un message d'avertissement (Disclaimer) s'affiche.

▶ Sur le menu principal, clique sur le bouton Scan et patiente le temps de l'analyse.

▶ A la fin du scan, deux rapports s'affichent, FRST.txt et Addition.txt Poste les rapports dans ta prochaine réponse.

Les rapport se trouvent ici : C:\FRST\Logs

▶ Envoie-les sur https://www.cjoint.com/ et poste les liens obtenus en échange.

lotus88
16 avril 2015 à 19:29

J'ai un message qui m'indique que FRST64.exe n'est pas fréquemment télécharger et pourrait nuire à mon ordinateur du coup je n'ose pas l'executer ?

lotus88
16 avril 2015 à 20:00

http://www.cjoint.com/1http://apicit.net/jump/?go=http%3A%2F%2Fwww.cjoint.com%2F15av%2FEDquhyOpVRS_addition_16-04-2015_19-46-33.txt5av/EDqujmEUtRv_frst_16-04-2015_19-46-33.txt

lotus88
16 avril 2015 à 20:01

j'espère que ça va fonctionner, je ne suis pas du tout experte en informatique ...

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804 > lotus88
16 avril 2015 à 21:37

non pas bon

lotus88 > lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023
17 avril 2015 à 08:56

Bonjour,
J'espère que cette fois c'est la bonne. Merci.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 04
Ran by Dominique at 2015-04-16 19:45:24
Running from C:\Users\Dominique\Logiciels
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Reader XI (11.0.10) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AVG 2014 (Version: 14.0.3615 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4158 - AVG Technologies) Hidden
CameraHelperMsi (x32 Version: 13.30.1395.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta) (HKLM-x32\...\{30120000-00B2-040C-0000-0000000FF1CE}) (Version: 12.0.4407.1005 - Microsoft Corporation)
Configuration DivX (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
Conseiller de mise à niveau vers Windows 7 (HKLM-x32\...\{9D10CB57-B085-44c3-B435-2D193BA153F0}) (Version: 2.0.5000.0 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disque de souvenirs HP (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
Dr. Cleanup (HKLM-x32\...\Dr Cleanup) (Version: 1.0.0.1134 - IncrediMail Ltd.)
Dr. Cleanup (x32 Version: 1.0.0.1134 - IncrediMail) Hidden
Easy Burner (HKLM-x32\...\{520C2939-555B-40BF-A91B-8B671AB560EB}) (Version: 2.5058.00033 - Aedge Performance BCN SL)
eMachines GameZone Console (HKLM-x32\...\{31D611A1-03B5-4018-BC6F-DDB5B5616478}_is1) (Version: 5.1.1.3 - Oberon Media, Inc.)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.02.3004 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0812 - eMachines Incorporated)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Étude pour l'amélioration du produit HP ENVY 5530 series (HKLM\...\{8EAA1E6C-8639-4396-8C89-99EBB3502035}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
ffdshow [rev 3233] [2010-01-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.0.0.3233 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
HP ENVY 5530 series Aide (HKLM-x32\...\{E0C083EB-7C0A-4748-A45C-55A4A040446D}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Logiciel d'archivage WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Logiciel de base du périphérique HP ENVY 5530 series (HKLM\...\{747C00CE-6551-4962-BD45-CC9C99C41CBA}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{9011040C-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector 64 bits (HKLM\...\{95140000-007A-040C-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (HKLM\...\{95140000-007D-0409-1000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{3B160861-7250-451E-B5EE-8B92BF30A710}) (Version: 9.7.0621 - Microsoft Corporation)
Mises à jour NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Module de compatibilité pour Microsoft Office System 2007 (HKLM-x32\...\{90120000-0020-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nero 9 Essentials (HKLM-x32\...\{602d8310-b7ad-439f-a9f7-09ea903e9911}) (Version: - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Music Player (HKLM-x32\...\{4FCB1267-7380-4EBA-9A6C-69809C6E8227}) (Version: 2.5.11021 - Nokia Music Player)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{25F61E72-AAA4-4607-95D2-1E5139C98FFB}) (Version: 2.7.69 - Nokia)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: - )
NVIDIA Pilote graphique 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
Package de pilotes Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Panneau de configuration NVIDIA 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1008 - IncrediMail Ltd.)
PhotoFiltre (HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\PhotoFiltre) (Version: - )
PhotoMail Maker (HKLM-x32\...\PhotoMail) (Version: 6.0.0.1007 - IncrediMail Ltd.)
PhotoMail Maker (x32 Version: 6.0.0.1007 - Nom de votre société) Hidden
PixEasy (HKLM-x32\...\{8F2DCD5C-275B-405E-8086-BFB1B3CE02FE}) (Version: 1.00.00000 - Secure Digital Services)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SFR - Kit de connexion (HKLM-x32\...\SFR_Kit) (Version: 9.10.15.2 - SFR)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype(TM) 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Snagit 12 (HKLM-x32\...\{A232C484-23B5-4A2E-A317-A70EA1D1230D}) (Version: 12.1.0 - TechSmith Corporation)
STK02N 2.3 (HKLM-x32\...\{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}) (Version: 2.3 - Syntek)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

25-03-2015 22:09:26 Windows Update
30-03-2015 11:29:53 Windows Update
03-04-2015 11:13:33 Windows Update
04-04-2015 21:05:49 Windows Update
09-04-2015 09:44:18 Windows Update
12-04-2015 20:43:10 Windows Update
15-04-2015 20:57:31 Windows Update
16-04-2015 11:24:56 Uniblue PC Mechanic installation
16-04-2015 15:30:34 Opération de restauration

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04E3583B-94A1-48F4-A32B-82C80F0D1687} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {057BFA7B-FAE9-4A74-A52A-EFBF9D56C7FD} - System32\Tasks\{B253A83D-5C02-4E9B-8413-91860B8F3CB7} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25] (Skype Technologies S.A.)
Task: {06DB22B6-A8D4-48B4-970D-0A81CFA016B8} - System32\Tasks\{1FB759C5-5ABF-4879-A110-CB1E796A8373} => pcalua.exe -a c:\users\dominique\appdata\local\lollipop\lollipop_11051905.bat
Task: {0F907260-019F-421A-9C7A-09BC6A50BB1D} - System32\Tasks\{73579047-B456-4BEB-B4D1-0C45192E6B0E} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
Task: {11F4FF5E-BAC8-448C-BF08-CD5E6781D465} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-05-30] (TechSmith Corporation)
Task: {1740B297-2BB0-45D6-9E0C-9EDC6748CA7F} - System32\Tasks\4804 => Wscript.exe C:\Users\DOMINI~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {195D546E-5759-4334-8E63-16A1FFCAFE10} - System32\Tasks\{C71580E3-27A3-4738-B8AF-FB32EAB48297} => C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe [2011-08-26] ()
Task: {27DDBB28-23C9-491B-AD50-AA3AD70217A1} - System32\Tasks\{1B2A07DF-E653-466D-A443-77700D341EAF} => pcalua.exe -a D:\install\driver\PioneerInstaller.exe -d D:\install\driver
Task: {2E85F813-AB22-4832-AF8F-0E7D695BA96F} - System32\Tasks\{C51D8CE2-CFFF-4D99-875F-06A7E4491B17} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {2F19633C-376E-4DB4-8244-EAC171CE9C18} - System32\Tasks\helper_king_notification_service => C:\Program Files (x86)\helper king\helper_king_notification_service.exe [2015-04-01] (FileProperties_CompanyName) <==== ATTENTION
Task: {314EABC9-21B9-4239-81A0-DFD99F54CBDE} - System32\Tasks\{C9481D81-9595-4EB6-9DFD-03A0D7BE4907} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {3164AF1D-5B2D-4F63-996B-BE837B9B2A87} - System32\Tasks\{9468B1E6-D8D5-4E53-A046-57EF13E26FF0} => D:\logitheque\Mahjongg.exe
Task: {3A20EC85-BAEE-44B5-A046-A533E566B0A9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3DABE18F-8248-41B8-9598-64380CAF2C61} - System32\Tasks\{3B9D72C6-9BA6-4508-9528-1BAC71C74CA3} => C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe [2011-08-26] ()
Task: {3EAC1C6B-778C-4F27-B063-ECE248076F5D} - System32\Tasks\{18B8C55D-D6E5-4603-8E36-9FF05D47C3D3} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Task: {3ED39784-1448-49CA-8F24-8A2BC2457457} - System32\Tasks\{101265C6-D4A1-4F62-A55C-E36C0396B156} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2014-12-03] (Adobe Systems Incorporated)
Task: {3ED62F9F-7053-40FA-840F-480BE8647499} - System32\Tasks\{EA8AB2F3-39D3-448B-9055-54838392AD67} => D:\logitheque\Mahjongg.exe
Task: {3FC2272E-3611-4A58-990F-89522864C4C2} - System32\Tasks\kong_games_updating_service => C:\Program Files (x86)\kong games\kong_games_updating_service.exe <==== ATTENTION
Task: {51DC0C0E-1D48-4463-BA2B-ADD80822AF3E} - System32\Tasks\{AEB62BCC-1470-4ABC-8A9B-BAE5BB5B394A} => pcalua.exe -a "C:\Program Files (x86)\CinemaHDplus-V1.8\Uninstall.exe" -c /fcp=1
Task: {529B64B1-578A-45FF-8053-72D17C94D22D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {5E333935-7E7B-40C2-8CA8-0F8EEEBF8F8C} - System32\Tasks\{E46D9E7B-1386-4AC7-94BD-9A4401D4BE3A} => pcalua.exe -a D:\install.EXE -d D:\
Task: {5F8D98E5-1201-42B5-9BEC-450A3B7EF367} - System32\Tasks\{7E5F2065-0BC9-4B30-80A0-FCB3D7736D90} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.107/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {6CBBACB2-1084-480F-A3F6-C45330B93CD4} - System32\Tasks\kong_games_notification_service => C:\Program Files (x86)\kong games\kong_games_notification_service.exe [2015-04-02] (FileProperties_CompanyName) <==== ATTENTION
Task: {6F99C139-7499-40C0-BDCE-E8F8A591DCE8} - System32\Tasks\{D27F39D7-8D2E-4F6F-844F-470EAEE3C50F} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe
Task: {6FB3B49C-7173-46B8-BB3D-C62B2819645C} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\eMachines\eMachines Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {789919E3-8FF2-4A03-B7A8-CA9FDD71F0D2} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {828B0E87-E721-41C9-B7AA-1264E76DEBA2} - System32\Tasks\{A5D9B4EB-BA62-443B-8A69-CEF737DD5FDB} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2014-12-03] (Adobe Systems Incorporated)
Task: {85FAEDBA-9F29-458D-B38D-5613ACE2347B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3942148593-4059427388-1367756217-1001UA => C:\Users\Dominique\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-13] (Facebook Inc.)
Task: {8BC8E7A1-2E8A-4D91-A40E-DE841FAD28BF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {8C07AC7D-D5A6-4E8D-9F98-CDBB0F974387} - System32\Tasks\{93F8A551-EB78-4D2C-A8D9-F284962177C9} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe
Task: {9487A5AB-DD9F-464B-8079-3BE5E0D431C3} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {97F34652-0A7E-4310-B772-CA5BDEF6C5C0} - System32\Tasks\{42407CF9-6167-4B34-A3A9-284DE1E7533A} => pcalua.exe -a D:\setup.exe -d D:\
Task: {9CA71051-19AA-4BF8-81FB-E68A4391C4A2} - System32\Tasks\{62B6CA52-0CDC-40EE-97D5-BFA579ACFF48} => pcalua.exe -a C:\Users\Dominique\Downloads\New_PC_Studio_1.5.1.10064_2.exe -d C:\Users\Dominique\Downloads
Task: {A99FBF2B-BC54-49F6-83E5-A6EAF2362766} - System32\Tasks\{20781814-434D-45BB-A5C8-5C815162096B} => pcalua.exe -a C:\Users\Dominique\Documents\Office.2007.Professionnel\Office.2007.Professionnel\SETUP.EXE -d C:\Users\Dominique\Documents\Office.2007.Professionnel\Office.2007.Professionnel
Task: {AFCA61ED-4AC2-42A5-882D-5FCDEAEF7268} - System32\Tasks\helper_king_updating_service => C:\Program Files (x86)\helper king\helper_king_updating_service.exe <==== ATTENTION
Task: {B40C98D2-8523-4252-9139-3398E2CE3E36} - System32\Tasks\{A84E1D3C-9ACA-4E38-8746-089BC24AFCEE} => Iexplore.exe http://ui.skype.com/ui/0/6.6.0.106/fr/abandoninstall?page=tsMain
Task: {B4B89788-9933-4233-A21C-90F5E1F26E1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {BDF5DC81-A546-4FE0-B938-DC1793E8CF81} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {C216F2E1-E436-4188-9B83-265013B1C5A2} - System32\Tasks\{E60AFF3D-CED5-48D1-BE29-54B42FCA233F} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe
Task: {CBA698A6-F944-4BA9-BDBD-975697E7D4AC} - System32\Tasks\Dr. CleanUp => C:\Program Files (x86)\DrCleanUp\drCleanup.exe
Task: {CD51563C-2B3A-4774-B3B7-30B9C90CF33B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3942148593-4059427388-1367756217-1001Core => C:\Users\Dominique\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-13] (Facebook Inc.)
Task: {D2E1B1FF-AC81-492C-8837-F68945FF2794} - System32\Tasks\{A4CBBF89-E9BD-4E9F-9104-82219DA29549} => pcalua.exe -a C:\Windows\SysWOW64\DivXControlPanelApplet.cpl -c DivX Control Panel
Task: {E0257BD5-B095-4705-8CD4-1DF7A4C946DB} - System32\Tasks\{C0612F59-3520-46B6-A52E-8CF553CA775D} => D:\logitheque\Mahjongg.exe
Task: {E0EB48BD-543B-4B1F-A7BF-B061BB5AEB9D} - System32\Tasks\{3319D058-14A9-4DBE-AC65-3AAC3C4C7275} => D:\logitheque\Mahjongg.exe
Task: {E7966678-3D43-47D4-B820-978E4C2CAEDC} - System32\Tasks\{4E99CBC6-3352-460F-B58B-D9B94A9EF720} => pcalua.exe -a C:\Users\Dominique\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
Task: {EA8F8E6D-F6EC-4FE4-8C79-EEEA6C0E648C} - System32\Tasks\{AD6F6C10-FA65-44CB-9B1F-E9FF4424AC05} => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe [2014-12-03] (Adobe Systems Incorporated)
Task: {EC4BC351-4348-4DDC-9A9D-2DEB4948A0CB} - System32\Tasks\{0315B8CD-0385-4908-8983-3FE7FF32985C} => pcalua.exe -a "C:\Users\Dominique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0JXV907\gamesplayerinstall[1].exe" -d C:\Users\Dominique\Desktop
Task: {EE92D609-7E84-4588-9FCB-20B9007261A1} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {F28FC1BB-46E6-4ED1-A611-1869A402B2A3} - System32\Tasks\HPCustParticipation HP ENVY 5530 series => C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {F48FFE04-AFAB-4AFD-BD7B-ED1F368B6733} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {F855F904-ADB5-4856-9346-1E030B065569} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {FA91ADE6-F1A2-41A2-A6EB-B817292E2BF6} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3942148593-4059427388-1367756217-1001Core.job => C:\Users\Dominique\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3942148593-4059427388-1367756217-1001UA.job => C:\Users\Dominique\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\helper_king_notification_service.job => C:\Program Files (x86)\helper king\helper_king_notification_service.exeç/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='helper king' /appid='73143' /srcid='2913' /bic='e88e9f06b607359f7d35e36679a14754' /verifier='531b53effb324c32c2237464c307263c' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\Windows\Tasks\helper_king_updating_service.job => C:\Program Files (x86)\helper king\helper_king_updating_service.exe¬ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=helper_king_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION
Task: C:\Windows\Tasks\kong_games_notification_service.job => C:\Program Files (x86)\kong games\kong_games_notification_service.exeæ/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='kong games' /appid='73143' /srcid='2913' /bic='e88e9f06b607359f7d35e36679a14754' /verifier='531b53effb324c32c2237464c307263c' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\Windows\Tasks\kong_games_updating_service.job => C:\Program Files (x86)\kong games\kong_games_updating_service.exe« /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=kong_games_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2013-04-14 00:25 - 2013-01-31 11:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-04-19 17:34 - 2009-04-19 17:34 - 00625184 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-04-19 17:34 - 2009-04-19 17:34 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-04-19 17:34 - 2009-04-19 17:34 - 00578080 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2009-04-19 17:34 - 2009-04-19 17:34 - 00207904 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 13:19 - 2011-08-12 13:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-06-17 11:28 - 2014-06-17 11:28 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2014-06-17 11:28 - 2014-06-17 11:28 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2014-06-17 11:28 - 2014-06-17 11:28 - 00272808 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2013-10-01 15:02 - 2013-10-01 15:02 - 00108888 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-10-02 21:30 - 2013-10-02 21:30 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 14:26 - 2013-04-15 14:26 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 14:26 - 2013-04-15 14:26 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-10-02 21:29 - 2013-10-02 21:29 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-10-02 21:28 - 2013-10-02 21:28 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-10-02 21:30 - 2013-10-02 21:30 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2013-10-02 21:28 - 2013-10-02 21:28 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2010-05-07 18:35 - 2010-05-07 18:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2010-05-07 18:35 - 2010-05-07 18:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2010-05-07 18:36 - 2010-05-07 18:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2010-05-07 18:37 - 2010-05-07 18:37 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2010-05-07 18:37 - 2010-05-07 18:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2011-08-22 16:47 - 2011-08-22 16:47 - 00336408 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-06-17 11:28 - 2014-06-17 11:28 - 00080296 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
2014-06-17 11:28 - 2014-06-17 11:28 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2011-03-27 11:09 - 2014-06-17 11:27 - 01034096 _____ () C:\Program Files (x86)\IncrediMail\bin\AE\ActionEngine.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WinRE{33875bcb0-c571-4ac4-9d2d-87796275a886}:$WIMMOUNTDATA
AlternateDataStreams: C:\ProgramData\TEMP:04A863A6
AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
AlternateDataStreams: C:\ProgramData\TEMP:1D51C10D
AlternateDataStreams: C:\ProgramData\TEMP:2A8A3140
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dominique\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk => C:\Windows\pss\hpoddt01.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dominique^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk => C:\Windows\pss\Notification de cadeaux MSN.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray

==================== Accounts: =============================

Administrateur (S-1-5-21-3942148593-4059427388-1367756217-500 - Administrator - Disabled)
Dominique (S-1-5-21-3942148593-4059427388-1367756217-1001 - Administrator - Enabled) => C:\Users\Dominique
HomeGroupUser$ (S-1-5-21-3942148593-4059427388-1367756217-1002 - Limited - Enabled)
Invité (S-1-5-21-3942148593-4059427388-1367756217-501 - Limited - Disabled) => C:\Users\Invité
UpdatusUser (S-1-5-21-3942148593-4059427388-1367756217-1004 - Limited - Enabled) => C:\Users\TEMP

==================== Faulty Device Manager Devices =============

Name: Souris Microsoft PS/2
Description: Souris Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2015 06:16:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Dominique-PC)
Description: Windows ne peut pas vous ouvrir une session car votre profil ne peut pas être chargé. Vérifiez que vous êtes connecté au réseau et que le réseau fonctionne correctement.

DÉTAIL - Accès refusé.

Error: (04/16/2015 05:04:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme IEXPLORE.EXE version 11.0.9600.17728 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le Centre de maintenance.

ID de processus : d8c

Heure de début : 01d078546ed529d0

Heure de fin : 0

Chemin d'accès de l'application : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

ID de rapport :

Error: (04/16/2015 04:40:47 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Dominique-PC)
Description: Windows ne peut pas vous ouvrir une session car votre profil ne peut pas être chargé. Vérifiez que vous êtes connecté au réseau et que le réseau fonctionne correctement.

DÉTAIL - Accès refusé.

Error: (04/16/2015 04:23:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Dominique-PC)
Description: Windows ne peut pas vous ouvrir une session car votre profil ne peut pas être chargé. Vérifiez que vous êtes connecté au réseau et que le réseau fonctionne correctement.

DÉTAIL - Accès refusé.

Error: (04/16/2015 03:46:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: AUTORITE NT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (04/16/2015 03:46:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: AUTORITE NT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (04/16/2015 03:46:08 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Dominique-PC)
Description: Windows ne peut pas vous ouvrir une session car votre profil ne peut pas être chargé. Vérifiez que vous êtes connecté au réseau et que le réseau fonctionne correctement.

DÉTAIL - Accès refusé.

Error: (04/16/2015 03:30:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l'appel OnIdentity() dans l'objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (04/16/2015 03:30:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l'appel OnIdentity() dans l'objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.

Error: (04/16/2015 03:30:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Les services de chiffrement ont échoué lors du traitement de l'appel OnIdentity() dans l'objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary SPPD.

System Error:
Le fichier spécifié est introuvable.
.

System errors:
=============
Error: (04/16/2015 06:16:26 PM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: L'appel LoadUserProfile a échoué avec l'erreur :
%%5

Error: (04/16/2015 06:14:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
AFS

Error: (04/16/2015 06:13:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service KMService n'a pas pu démarrer en raison de l'erreur :
%%3

Error: (04/16/2015 06:12:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Le Gestionnaire de services de contrôle a essayé d'entreprendre une action corrective (Redémarrer le service) après la fin inattendue du service Windows Search, mais cette action a échoué en raison de l'erreur suivante :
%%1056

Error: (04/16/2015 06:11:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Live ID Sign-in Assistant s'est terminé de manière inattendue. Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.

Error: (04/16/2015 06:11:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s'est terminé de manière inattendue. Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (04/16/2015 06:11:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service NVIDIA Update Service Daemon s'est terminé de façon inattendue pour la 1ème fois.

Error: (04/16/2015 06:11:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Error: (04/16/2015 06:11:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service ServiceLayer s'est terminé de façon inattendue pour la 1ème fois.

Error: (04/16/2015 06:11:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Windows Search s'est terminé de manière inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.

Microsoft Office Sessions:
=========================
Error: (04/16/2015 06:16:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Dominique-PC)
Description: Accès refusé.

Error: (04/16/2015 05:04:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17728d8c01d078546ed529d00C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (04/16/2015 04:40:47 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Dominique-PC)
Description: Accès refusé.

Error: (04/16/2015 04:23:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Dominique-PC)
Description: Accès refusé.

Error: (04/16/2015 03:46:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: AUTORITE NT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/16/2015 03:46:31 PM) (Source: MsiInstaller) (EventID: 11606) (User: AUTORITE NT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/16/2015 03:46:08 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Dominique-PC)
Description: Accès refusé.

Error: (04/16/2015 03:30:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdatem) since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.

Error: (04/16/2015 03:30:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service globalUpdate Update Service (globalUpdate) since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.

Error: (04/16/2015 03:30:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary SPPD.

System Error:
Le fichier spécifié est introuvable.

==================== Memory info ===========================

Processor: AMD Athlon(tm) 7450 Dual-Core Processor
Percentage of memory in use: 68%
Total physical RAM: 2815.37 MB
Available physical RAM: 896.84 MB
Total Pagefile: 5628.93 MB
Available Pagefile: 2582.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:282.99 GB) (Free:161.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: BF4E4FDB)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
Ran by Dominique (administrator) on DOMINIQUE-PC on 16-04-2015 19:43:03
Running from C:\Users\Dominique\Logiciels
Loaded Profiles: Dominique (Available profiles: Dominique & UpdatusUser & Invité)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
(Acer) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(FileProperties_CompanyName) C:\Program Files (x86)\helper king\helper_king_notification_service.exe
(FileProperties_CompanyName) C:\Program Files (x86)\kong games\kong_games_notification_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
(Syntek Ltd.) C:\Windows\STK02N\STK02NM.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_125_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-08-12] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NokiaMusic FastStart] => C:\Program Files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe [2193000 2011-10-21] (Nokia)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2014-06-17] (IncrediMail, Ltd.)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [Facebook Update] => C:\Users\Dominique\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-13] (Facebook Inc.)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [761064 2014-12-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [] => [X]
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\RunOnce: [Adobe Speed Launcher] => 1429200851
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK02N 2.3 PNP Monitor.lnk
ShortcutTarget: STK02N 2.3 PNP Monitor.lnk -> C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Interest recogniser for Pixeasy (powered by Spointer) -> {b9b311cd-e430-43c9-b579-07eb818ce7be} -> C:\Program Files (x86)\PixEasy\spointer\extensions\pixeasy_air_ie.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3942148593-4059427388-1367756217-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll [2013-12-04] (Skype)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-11-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [2012-05-31] (Oberon-Media )
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll [2013-12-04] (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-10-23] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3942148593-4059427388-1367756217-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dominique\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [***@***] - C:\Program Files (x86)\PixEasy\spointer\extensions\***@***
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-20]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Profile: C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Interest Recognizer for Pixeasy) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaigemenfdchjldbnoeklodikdljomnf [2015-04-03]
CHR Extension: (amigcgbheognjmfkaieeeadojiibgbdp) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2015-04-14]
CHR Extension: (YouTube) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (cfnpidifppmenkapgihekkeednfoenal) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-04-06]
CHR Extension: (Google Search) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (No Name) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmpjohfgidbnmmihaholohmeccijgog [2015-04-16]
CHR Extension: (kong games) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlabcihlajghaekmikmkncdhekcaaenl [2015-04-02]
CHR Extension: (dlahcjmefibiedeecoegjilekaebchhl) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlahcjmefibiedeecoegjilekaebchhl [2015-04-09]
CHR Extension: (eekjldapjblgadclklmgolijbagmdnfk) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk [2015-04-02]
CHR Extension: (ejmgiaknfepbhamafcfdhhfoidnoidge) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejmgiaknfepbhamafcfdhhfoidnoidge [2015-04-01]
CHR Extension: (kmokinipfahjbfaicnjnmlobmbfiedmp) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmokinipfahjbfaicnjnmlobmbfiedmp [2015-04-07]
CHR Extension: (helper king) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\lalfbopdcggfdchjfgkhgnifhippfnco [2015-04-01]
CHR Extension: (Skype Click to Call) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-03]
CHR Extension: (Google Wallet) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-04-03]
CHR Extension: (No Name) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohodmcahedcphoipgooelhjcfahodhcj [2015-04-16]
CHR Extension: (Gmail) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM-x32\...\Chrome\Extension: [aaigemenfdchjldbnoeklodikdljomnf] - C:\Program Files (x86)\PixEasy\spointer\extensions\chrome\pixeasy_air_chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-10-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
R2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 KMService; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 DCamUSBSTK02N; C:\Windows\System32\DRIVERS\STK02NW2.sys [106496 2007-03-12] (Syntek Ltd.)
S3 DCamUSBSTK02N; C:\Windows\SysWOW64\DRIVERS\STK02NW2.sys [101520 2007-03-12] (Syntek Ltd.)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-16 19:40 - 2015-04-16 19:43 - 00000000 ____D () C:\FRST
2015-04-16 18:13 - 2015-04-16 18:13 - 00000354 _____ () C:\Windows\PFRO.log
2015-04-16 14:18 - 2015-04-16 16:47 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-16 14:17 - 2015-04-16 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-16 14:17 - 2015-04-16 16:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-16 14:17 - 2015-04-16 14:17 - 00001158 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-16 14:17 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-16 14:17 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-16 14:17 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-16 13:29 - 2015-04-16 19:43 - 00000000 ____D () C:\Users\Dominique\Logiciels
2015-04-16 10:34 - 2015-04-16 18:13 - 00000168 _____ () C:\Windows\setupact.log
2015-04-16 10:34 - 2015-04-16 10:34 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-15 10:31 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 10:31 -

Réponse 3 / 14

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230
16 avril 2015 à 12:31

Bonjour,

Quel est ce message ?

lotus88
16 avril 2015 à 12:38

Le message m'indique "Assistant de notification" Est'ce que votre ordinateur marche lente ? Pour Assitence Technique Appelez gratuitement maintenant - Disponible 24/7 01 70 72 65 48 Fournie par helper king" Voilà tout ce qui est indiquer dans la fenêtre que apparait sans arrêt. En outre le ventilateur de mon PC se met très fortement en fonction cela m'inquiète beaucoup. Merci pour votre aide.
Lotus88

Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 629
16 avril 2015 à 13:55

Ce sont des messages qui ont pour but de te faire téléphoner à un support, qui n'est là que pour te dire que ton ordinateur est infecté et tenter de te faire acheter des logiciels.

Principe expliquée sur la page : Arnaques désinfection/support par téléphone

lotus88 > Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020
16 avril 2015 à 14:09

Merci Malekal, pouvez-vous m'aider à me débarrasser de cette infection, Christophe ne sait pas faire.

Réponse 4 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
16 avril 2015 à 13:39

Si c'est bien ça

Une fois le rapport héberger il faut copier coller le lien du rapport dans ta prochaine réponse

lotus88
16 avril 2015 à 13:43

Ok merci, il me semble que c'est ce que j'ai fait mais cela n'a pas fonctionner...
je vais recommencer.

Réponse 5 / 14

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230
16 avril 2015 à 13:50

alors dans premier temps ouvrir ADWCleaner et cliquer sur scanner.

L'analyse se lance:

le résultat s'affiche:

Ensuite clic sur supprimer: A la fin de la suppression tu auras ceci:

valider et tu auras ceci:

une fois le pc redémarré le rapport s'affichera tout seul:

Il suffit alors de juste sélectionner le texte , le copier et le coler dans ton prochain post.

lotus88
16 avril 2015 à 13:56

Je n'ai pas eu besoin de redémarrer mon ordi puisque j'ai enregistré le rapport sous et je viens de te le transmettre l'as-tu reçu cette fois ci ? Il est assez long.

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230
16 avril 2015 à 13:58

Non toujours pas. Mais où donc le postes-tu le rapport?

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230 > christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023
16 avril 2015 à 13:59

ca va j'ai vu il est là

Réponse 6 / 14

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230
Modifié par christopherce6 le 16/04/2015 à 14:03

Maintenant, poste ce rapport dans la section virus du site. Tu as bien une infection, mais mes connaissances en la matière s'arrêtent ici, je préfère donc ne pas dire de bêtises et laisser la main aux spécialistes du site dans ce domaine précis.

Prenez soin de vérifier qu'une solution à votre problème n'existe pas déjà sur CCM

lotus88
16 avril 2015 à 17:56

Au secours Christofer ne me laisse pas en plan ! je ne sais toujours pas comment me débarrasser de virus et mon ordinateur est très sérieusement ralenti. Merci de m'aider

christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023 230 > lotus88
16 avril 2015 à 17:58

Si tu suis le petit tuto que je t'ai indiqué plus haut tu devrais pouvoir régler le problème

lotus88 > christopherce6 Messages postés 1493 Date d'inscription jeudi 25 juillet 2013 Statut Contributeur Dernière intervention 20 août 2023
16 avril 2015 à 18:25

J'ai suivi le petit tuto que tu m'as indiqué, le rapport m'indique que le logiciel a bien supprimé tout un tas de chose mais le malware est toujours présent puisqu'il vient de se montrer. Je n'arrive pas à m'en débarrasser.

Réponse 7 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
16 avril 2015 à 15:14

Christophe

Il y est déjà :)

lotus88
16 avril 2015 à 17:57

Bonjour liliburhone, Christopher ne sait pas me dépanner et vous le pouvez-vous ? Merci pour votre aide.

Réponse 8 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
16 avril 2015 à 19:32

Tu peux passer outre c'est smartscreen

lotus88
17 avril 2015 à 12:36

Bonjour lilidurhone, Hier nous n'avons pas fini le dépannage concernant le malware d'Assistance de notification, c'est très pénible de voir cette affichage intempestif toutes les 3 ou 4 mn dans un encadré en bas à droite, pouvez vous reprendre mon dossier. Ce matin je pense avoir réussi à vous faire parvenir les 2 fichiers que vous m'aviez demandé plus haut. Merci

Réponse 9 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
17 avril 2015 à 13:38

Je suis au travail je te réponds ce soir

Réponse 10 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
17 avril 2015 à 18:49

ZHPCleaner

Désactiver l'Anti-virus

Ton moteur de recherche va se fermer il faudra le réouvrir pour poster les rapports

téléchargement : https://nicolascoolman.eu

- Cet outil ne nécessite aucune installation, il est très rapide car basé sur l'éxécution de scripts.
- Clique droit sur le dossier téléchargé

- Clique sur Scanner :

- Savoir que tous les navigateurs ou onglets ouvert seront fermés et qu'il faudra les remettre

- En cas de présence d'un proxy, un message apparaît avec la question suivante
- Avez-vous installé ce proxy ? suivi de l'adresse IP du proxy
- Si vous n'avez pas installé de Proxy, cliquer sur "NON" pour accepter la réparation du proxy.

- En cas de présence d'un serveur inconnu, un message peut apparaître avec la question suivante
- Avez-vous installé ce serveur ? suivi du nom du serveur
- Si vous n'avez pas installé de serveur,, cliquer sur "NON" pour accepter la réparation

- Fournir le rapport

lotus88
17 avril 2015 à 18:59

Bonsoir, j'ai un problème, je ne sais pas désactiver mon anti virus ? Je ne vois rien qui indique la possibilité de le désactiver

lotus88
17 avril 2015 à 19:29

Voici le rapport :

ZHPCleaner v2015.4.17.171 by Nicolas Coolman (17/04/2015)
~ Run by Dominique (Administrator) (17/04/2015 19:10:00)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Dominique\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Dominique\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)

---\\ Service. (4)
[S] TROUVÉ : KMService (Hijacker.Office)
[S] TROUVÉ : PCSUUCDRV (PUP.PCSpeedUp)

---\\ Navigateur internet. (3)
TROUVÉ Chrome: aaigemenfdchjldbnoeklodikdljomnf [Interest Recognizer for Pixeasy] (Adware.SPointer)
TROUVÉ Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 ( 1 )
TROUVÉ fichier: C:\Users\Dominique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FIXIO PC Cleaner.lnk [Bad : C:\Program Files\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO PC Cleaner.exe] (PUP.FixioPCU)

---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)

---\\ Tâche planifiée. (1)
TROUVÉ tâche: [SpyHunter4Startup] [C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (Not File) ] (Crapware.SpyHunter)

---\\ Explorateur ( Dossiers, Fichiers ). (31)
TROUVÉ fichier: C:\Users\Dominique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FIXIO PC Cleaner.lnk (PUP.FixioPCU)
TROUVÉ fichier: C:\Windows\System32\Tasks\helper_king_notification_service (Adware.CrossRider^)
TROUVÉ fichier: C:\Windows\System32\Tasks\helper_king_updating_service (Adware.CrossRider^)
TROUVÉ fichier: C:\Windows\System32\Tasks\kong_games_notification_service (Adware.CrossRider^)
TROUVÉ fichier: C:\Windows\System32\Tasks\kong_games_updating_service (Adware.CrossRider^)
TROUVÉ fichier: C:\Program Files (x86)\helper king\helper_king_notification_service.exe [FileProperties_CompanyName - FileProperties_FileDescription] (Adware.CrossRider^)
TROUVÉ fichier: C:\Program Files (x86)\kong games\kong_games_notification_service.exe [FileProperties_CompanyName - FileProperties_FileDescription] (Adware.CrossRider^)
TROUVÉ fichier: C:\Windows\Tasks\helper_king_notification_service.job (Adware.CrossRider^)
TROUVÉ fichier: C:\Windows\Tasks\helper_king_updating_service.job (Adware.CrossRider^)
TROUVÉ fichier: C:\Windows\Tasks\kong_games_notification_service.job (Adware.CrossRider^)
TROUVÉ fichier: C:\Windows\Tasks\kong_games_updating_service.job (Adware.CrossRider^)
TROUVÉ dossier: C:\Program Files (x86)\helper king (Adware.CrossRider^)
TROUVÉ dossier: C:\Program Files (x86)\kong games (Adware.CrossRider^)
TROUVÉ fichier: C:\Program Files (x86)\Magentic\Magentic.log (Toolbar.Magentic)
TROUVÉ fichier: C:\Program Files (x86)\Magentic\Setup.log (Toolbar.Magentic)
TROUVÉ dossier: C:\Program Files (x86)\Magentic\bin (Toolbar.Magentic)
TROUVÉ dossier: C:\Program Files (x86)\Magentic\Data (Toolbar.Magentic)
TROUVÉ dossier: C:\Program Files (x86)\Magentic (Toolbar.Magentic)
TROUVÉ dossier: C:\Users\Public\Documents\GOOBZO (PUP.Goobzo)
TROUVÉ dossier: C:\Users\Dominique\Downloads\Driver Mender\Driver Mender (PUP.DriverMender)
TROUVÉ dossier: C:\Users\Dominique\Downloads\Driver Mender (PUP.DriverMender)
TROUVÉ dossier: C:\Users\Dominique\AppData\Local\Magentic\IMSys (Toolbar.Magentic)
TROUVÉ dossier: C:\Users\Dominique\AppData\Local\Magentic\Logs (Toolbar.Magentic)
TROUVÉ dossier: C:\Users\Dominique\AppData\Local\Magentic\Runtime (Toolbar.Magentic)
TROUVÉ dossier: C:\Users\Dominique\AppData\Local\Magentic (Toolbar.Magentic)
TROUVÉ fichier: C:\Windows\Installer\164c2f.msi [Aedge Performance BCN SL - InstallShield® 2011 - Professional Edition 17](Rogue.PCSpeedUp)
TROUVÉ fichier: C:\Windows\Installer\186946f.msi [Ask.com - InstallShield® 2010 - Premier Edition 16](Toolbar.Ask)
TROUVÉ fichier: C:\Windows\Installer\aa058c.msi [Secure Digital Services - InstallShield® 2010 - Professional Edition 16](Adware.SPointer)
TROUVÉ fichier: C:\Users\DOMINI~1\AppData\Local\Temp\is-HHHUT.tmp\pm-standalone-setup.exe [Uniblue Systems Limited - PC Mechanic Setup](PUP.UniblueSystem)
TROUVÉ dossier: C:\Program Files (x86)\Software (Adware.Boxore)
TROUVÉ dossier: C:\Users\Dominique\AppData\Local\Software (Adware.Boxore)

---\\ Base de Registres ( Clés, Valeurs, Données ). (92)
TROUVÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\HKLM64\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\***@*** [C:\Program Files (x86)\PixEasy\spointer\extensions\***@***] (Adware.SPointer)
TROUVÉ: HKCU\SOFTWARE\Google\Chrome\Extensions\aaigemenfdchjldbnoeklodikdljomnf (Adware.SPointer)
TROUVÉ: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaigemenfdchjldbnoeklodikdljomnf (Adware.SPointer)
TROUVÉ: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaigemenfdchjldbnoeklodikdljomnf (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b9b311cd-e430-43c9-b579-07eb818ce7be} [Interest recogniser for Pixeasy (powered by Spointer)] (Adware.SPointer)
TROUVÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b9b311cd-e430-43c9-b579-07eb818ce7be} [] (Adware.SPointer)
TROUVÉ clé: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b9b311cd-e430-43c9-b579-07eb818ce7be} [] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{b9b311cd-e430-43c9-b579-07eb818ce7be} [Interest recogniser for Pixeasy (powered by Spointer)] (Adware.SPointer)
TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\KMService [] (Hijacker.Office)
TROUVÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\esgiguard [C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (Not File)] (Crapware.SpyHunter)
TROUVÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\PCSUUCDRV [ (Not File)] (PUP.PCSpeedUp)
TROUVÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\NokiaMusic FastStart ["C:\Program Files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe" /command:faststart] (PUP.FastStart)
TROUVÉ clé: HKCU\Software\helperking [] (Adware.CrossRider^)
TROUVÉ clé: HKCU\Software\konggames [] (Adware.CrossRider^)
TROUVÉ clé: HKCU\Software\helper king [] (Adware.CrossRider^)
TROUVÉ clé: HKCU\Software\kong games [] (Adware.CrossRider^)
TROUVÉ donnée: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\\Application [Bad : http://www.fileextensionpro.com/redir.aspx?s=limyc1_0_0_0_0,f879543c-82de-4d39-b52a-c992cac3a420,&LangID=%04x&Ext=%s] (Hijacker.Association)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{110B7B64-F3CD-4CC4-87C5-B66F918ED7} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1157BD04-21FE-4BFD-9888-4223AC21E3C} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{279AE481-24BB-41FB-AE82-E77F1AFABDC} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DB0CC76-68E4-4803-ADC8-5711BBFA263} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C263A16-596-42EF-B7BA-62CDB6B41975} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DB9EC43-E49-4686-B332-AC62A65E395C} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{548B7525-5268-4460-93FA-C8BCE597F96D} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5507F348-9EAF-4803-85A2-9199DBEB7C57} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{583726AC-BEE5-4D53-B1B1-528A4CF69254} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58F3EFFB-3103-4D97-9DDF-11530CD3DE7} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5991AEBD-6831-4455-824C-E11EDDAAFAE4} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A6A3CDF-53AF-4FC0-B03C-342616F25EAF} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61263091-C56A-43EB-B5D4-FF4932795311} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63048372-E019-4FF3-B558-20EEE82FDF24} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{630D7042-D709-4D41-9EBF-D1AE7D64AB89} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C9DE13F-5B2B-4FF9-9D5A-C8F8427A2A1} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CB3031-8D7E-41A4-B4A0-8B4ABD4CEA76} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D927460-F86D-468C-8B15-1859D3154E9E} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70A1174D-7103-487E-BADD-5B3CE0CAE01C} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{736B1BD6-E279-4C09-88AA-3357F67982F} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C6D43A-C05A-4F08-86DA-D07CB92EEBE6} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77C7940F-834A-4AAE-AAB6-93A42DFF5023} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CAF3F11-F02D-4967-B04-2845F5A946} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8534F879-FB61-4F8C-8B65-1F3C8784A1EB} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89EB9B3B-96BB-4B67-90BF-AE7B92BDDB9E} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D1BE9EC-CA38-4A0D-B579-724F326CC695} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EA61EA0-7CEC-4C35-812E-80242EEA3C1} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F5B724-6BBE-4197-8490-19E610827866} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95212061-D457-4F01-ADCA-8CEF3313457} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3696ECB-6256-4475-84B9-91A6F4948634} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} [C:\Program Files (x86)\Ask.com\ (Not File)] (Toolbar.Ask)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B49729B9-74A8-403D-B52D-61746E7B63A} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B60D1B1-233D-44DD-82D-BBC3382B1A9} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB9DC668-B919-43C8-AF4E-F6ABBCD9F2C} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE07597B-A059-4C8A-881F-22ABD2E9058} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2C2BE87-B459-4CBD-BE62-9552748FBB5A} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7B3B165-11CA-4DF1-BD0-671D34094B0} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBC10FD3-CD72-4665-BFCE-811CEED5302} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCE77776-8911-47BD-BB47-F72656BFA73} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4CE4AED-64B4-4958-8C3A-27B0E96280CC} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDB3A168-D8FF-4C85-AF88-DE1E973B105F} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\TypeLib\{0D692EBA-C5C8-4357-B4E2-81C323FB0C6F} [SpointerWindowlessCtrl 1.0 Type Library] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\TypeLib\{101F66B6-C4B3-43AF-A9B5-466598130905} [SpointerControl 1.0 Type Library] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Pixeasy.Spointer [] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Pixeasy.Spointer.1 [] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Pixeasy.SpointerCtrl [] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Pixeasy.SpointerCtrl.1 [] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Pixeasy.SpointerWebDisp [] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Pixeasy.SpointerWebDisp.1 [] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A} [IESmartBar.MSG] (Hijacker.SmartBar)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} [IESmartBar.BandObjectStyle] (Hijacker.SmartBar)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} [IESmartBar.POINT] (Hijacker.SmartBar)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95} [IESmartBar.DBIM] (Hijacker.SmartBar)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} [IESmartBar.DESKBANDINFO] (Hijacker.SmartBar)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} [IESmartBar.DBIMF] (Hijacker.SmartBar)
TROUVÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Mender [] (PUP.DriverMender)
TROUVÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WebCakeUpdaterService [] (PUP.WebCake)
TROUVÉ clé: [X64] HKLM\SOFTWARE\EnigmaSoftwareGroup [] (PUP.EnigmaSoftware)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54fb367f-f2c8-4a81-88fe-3bc8703dd859} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83a29689-1526-430c-b4c6-f4412bbc6793} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98bdc3c2-1e10-492c-bacb-e150cbdde114} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f4615f1b-e39e-493d-bae4-cfa70a3fefec} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DuuquUpdate.exe [] (PUP.FrameFox)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3942148593-4059427388-1367756217-1001\Products\B2207CB30EDC4664A96B3ECE52EC46A4 [Yahoo Community Smartbar] (PUP.QuickShare)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{0D692EBA-C5C8-4357-B4E2-81C323FB0C6F} [SpointerWindowlessCtrl 1.0 Type Library] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{101F66B6-C4B3-43AF-A9B5-466598130905} [SpointerControl 1.0 Type Library] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{520C2939-555B-40BF-A91B-8B671AB560EB} [Aedge Performance BCN SL] (Rogue.PCSpeedUp)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8F2DCD5C-275B-405E-8086-BFB1B3CE02FE} [Secure Digital Services] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54fb367f-f2c8-4a81-88fe-3bc8703dd859} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83a29689-1526-430c-b4c6-f4412bbc6793} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98bdc3c2-1e10-492c-bacb-e150cbdde114} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ac98424b-4b54-4a82-84e7-cc23fb2b1f03} [C:\Program Files (x86)\PixEasy\spointer (Not File)] (Adware.SPointer)
TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f4615f1b-e39e-493d-bae4-cfa70a3fefec} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)

---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)

---\\ Statistiques
~ Items scannés : 75830
~ Items trouvés : 132
~ Items réparés : 0

End of clean at 19:20:31
===================
ZHPCleaner-[S]-17042015-19_20_31.txt

Est ce que les 132 Items trouvés sont des malwares ?

Réponse 11 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
17 avril 2015 à 19:44

Pas tous :)

Y a un faux positif concernant Nokia

Ne fais pas nettoyer pour l'instant

lotus88
18 avril 2015 à 12:35

Bonjour, finalement n'ayant pas eu ta réponse pour le nettoyage, ce matin j'ai renouvelé l'opération et j'ai nettoyer cela a parfaitement fonctionner et mon ordinateur est comme neuf, je n'ai plus le message intempestif en bas à droite, mon ordinateur répond au quart de tour. Merci beaucoup pour ton aide.

Réponse 12 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
18 avril 2015 à 12:39

Super

Tu peux me poster le rapport

lotus88
18 avril 2015 à 12:49

Voici le rapport :

ZHPCleaner v2015.4.17.171 by Nicolas Coolman (18/04/2015)
~ Run by Dominique (Administrator) (18/04/2015 10:43:13)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Type : Netttoyer
~ Report : C:\Users\Dominique\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Dominique\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)

---\\ Service. (3)

SUPPRIMÉ : esgiguard (Crapware.SpyHunter)
SUPPRIMÉ : PCSUUCDRV (PUP.PCSpeedUp)

---\\ Navigateur internet. (3)
SUPPRIMÉ Chrome: aaigemenfdchjldbnoeklodikdljomnf [Interest Recognizer for Pixeasy] (Adware.SPointer)
REMPLACÉ Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 ( 1 )
DEPLACÉ fichier: C:\Users\Dominique\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FIXIO PC Cleaner.lnk [Bad : C:\Program Files\FIXIO PC Utilities\FIXIO PC Cleaner\FIXIO PC Cleaner.exe] (PUP.FixioPCU)

---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)

---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [SpyHunter4Startup] [C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (Not File) ] (Crapware.SpyHunter)

---\\ Explorateur ( Dossiers, Fichiers ). (22)
DEPLACÉ fichier: C:\Windows\System32\Tasks\helper_king_notification_service (Adware.CrossRider^)
DEPLACÉ fichier: C:\Program Files (x86)\helper king\helper_king_notification_service.exe [FileProperties_CompanyName - FileProperties_FileDescription] (Adware.CrossRider^)
DEPLACÉ fichier: C:\Windows\Tasks\helper_king_notification_service.job (Adware.CrossRider^)
DEPLACÉ fichier: C:\Windows\System32\Tasks\helper_king_updating_service (Adware.CrossRider^)
DEPLACÉ fichier: C:\Windows\Tasks\helper_king_updating_service.job (Adware.CrossRider^)
DEPLACÉ fichier: C:\Windows\System32\Tasks\kong_games_notification_service (Adware.CrossRider^)
DEPLACÉ fichier: C:\Program Files (x86)\kong games\kong_games_notification_service.exe [FileProperties_CompanyName - FileProperties_FileDescription] (Adware.CrossRider^)
DEPLACÉ fichier: C:\Windows\Tasks\kong_games_notification_service.job (Adware.CrossRider^)
DEPLACÉ fichier: C:\Windows\System32\Tasks\kong_games_updating_service (Adware.CrossRider^)
DEPLACÉ fichier: C:\Windows\Tasks\kong_games_updating_service.job (Adware.CrossRider^)
DEPLACÉ fichier: C:\Windows\Installer\164c2f.msi [Aedge Performance BCN SL - InstallShield® 2011 - Professional Edition 17] (Rogue.PCSpeedUp)
DEPLACÉ fichier: C:\Windows\Installer\186946f.msi [Ask.com - InstallShield® 2010 - Premier Edition 16] (Toolbar.Ask)
DEPLACÉ fichier: C:\Windows\Installer\aa058c.msi [Secure Digital Services - InstallShield® 2010 - Professional Edition 16] (Adware.SPointer)
DEPLACÉ fichier: C:\Users\DOMINI~1\AppData\Local\Temp\is-HHHUT.tmp\pm-standalone-setup.exe [Uniblue Systems Limited - PC Mechanic Setup] (PUP.UniblueSystem)
DEPLACÉ dossier: C:\Program Files (x86)\helper king (Adware.CrossRider^)
DEPLACÉ dossier: C:\Program Files (x86)\kong games (Adware.CrossRider^)
DEPLACÉ dossier: C:\Program Files (x86)\Magentic (Toolbar.Magentic)
DEPLACÉ dossier: C:\Users\Public\Documents\GOOBZO (PUP.Goobzo)
DEPLACÉ dossier: C:\Users\Dominique\Downloads\Driver Mender (PUP.DriverMender)
DEPLACÉ dossier: C:\Users\Dominique\AppData\Local\Magentic (Toolbar.Magentic)
DEPLACÉ dossier: C:\Program Files (x86)\Software (Adware.Boxore)
DEPLACÉ dossier: C:\Users\Dominique\AppData\Local\Software (Adware.Boxore)

---\\ Base de Registres ( Clés, Valeurs, Données ). (90)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaigemenfdchjldbnoeklodikdljomnf (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b9b311cd-e430-43c9-b579-07eb818ce7be} [Interest recogniser for Pixeasy (powered by Spointer)] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{0D692EBA-C5C8-4357-B4E2-81C323FB0C6F} [SpointerWindowlessCtrl 1.0 Type Library] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{101F66B6-C4B3-43AF-A9B5-466598130905} [SpointerControl 1.0 Type Library] (Adware.SPointer)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b9b311cd-e430-43c9-b579-07eb818ce7be} [Interest recogniser for Pixeasy (powered by Spointer)] (Adware.SPointer)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b9b311cd-e430-43c9-b579-07eb818ce7be} [] (Adware.SPointer)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b9b311cd-e430-43c9-b579-07eb818ce7be} [] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{b9b311cd-e430-43c9-b579-07eb818ce7be} [Interest recogniser for Pixeasy (powered by Spointer)] (Adware.SPointer)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\KMService [] (Hijacker.Office)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\esgiguard [C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (Not File)] (Crapware.SpyHunter)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\PCSUUCDRV [] (PUP.PCSpeedUp)
SUPPRIMÉ clé*: HKCU\Software\helperking [] (Adware.CrossRider^)
SUPPRIMÉ clé*: HKCU\Software\helper king [] (Adware.CrossRider^)
SUPPRIMÉ clé*: HKCU\Software\konggames [] (Adware.CrossRider^)
SUPPRIMÉ clé*: HKCU\Software\kong games [] (Adware.CrossRider^)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{110B7B64-F3CD-4CC4-87C5-B66F918ED7} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1157BD04-21FE-4BFD-9888-4223AC21E3C} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{279AE481-24BB-41FB-AE82-E77F1AFABDC} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DB0CC76-68E4-4803-ADC8-5711BBFA263} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C263A16-596-42EF-B7BA-62CDB6B41975} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DB9EC43-E49-4686-B332-AC62A65E395C} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{548B7525-5268-4460-93FA-C8BCE597F96D} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5507F348-9EAF-4803-85A2-9199DBEB7C57} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{583726AC-BEE5-4D53-B1B1-528A4CF69254} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58F3EFFB-3103-4D97-9DDF-11530CD3DE7} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5991AEBD-6831-4455-824C-E11EDDAAFAE4} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A6A3CDF-53AF-4FC0-B03C-342616F25EAF} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61263091-C56A-43EB-B5D4-FF4932795311} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63048372-E019-4FF3-B558-20EEE82FDF24} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{630D7042-D709-4D41-9EBF-D1AE7D64AB89} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C9DE13F-5B2B-4FF9-9D5A-C8F8427A2A1} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CB3031-8D7E-41A4-B4A0-8B4ABD4CEA76} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D927460-F86D-468C-8B15-1859D3154E9E} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70A1174D-7103-487E-BADD-5B3CE0CAE01C} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{736B1BD6-E279-4C09-88AA-3357F67982F} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C6D43A-C05A-4F08-86DA-D07CB92EEBE6} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77C7940F-834A-4AAE-AAB6-93A42DFF5023} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CAF3F11-F02D-4967-B04-2845F5A946} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8534F879-FB61-4F8C-8B65-1F3C8784A1EB} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89EB9B3B-96BB-4B67-90BF-AE7B92BDDB9E} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D1BE9EC-CA38-4A0D-B579-724F326CC695} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EA61EA0-7CEC-4C35-812E-80242EEA3C1} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F5B724-6BBE-4197-8490-19E610827866} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95212061-D457-4F01-ADCA-8CEF3313457} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3696ECB-6256-4475-84B9-91A6F4948634} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} [C:\Program Files (x86)\Ask.com\ (Not File)] (Toolbar.Ask)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B49729B9-74A8-403D-B52D-61746E7B63A} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B60D1B1-233D-44DD-82D-BBC3382B1A9} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB9DC668-B919-43C8-AF4E-F6ABBCD9F2C} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE07597B-A059-4C8A-881F-22ABD2E9058} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2C2BE87-B459-4CBD-BE62-9552748FBB5A} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7B3B165-11CA-4DF1-BD0-671D34094B0} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBC10FD3-CD72-4665-BFCE-811CEED5302} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCE77776-8911-47BD-BB47-F72656BFA73} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4CE4AED-64B4-4958-8C3A-27B0E96280CC} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDB3A168-D8FF-4C85-AF88-DE1E973B105F} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\TypeLib\{0D692EBA-C5C8-4357-B4E2-81C323FB0C6F} [SpointerWindowlessCtrl 1.0 Type Library] (Adware.SPointer)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\TypeLib\{101F66B6-C4B3-43AF-A9B5-466598130905} [SpointerControl 1.0 Type Library] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pixeasy.Spointer [] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pixeasy.Spointer.1 [] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pixeasy.SpointerCtrl [] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pixeasy.SpointerCtrl.1 [] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pixeasy.SpointerWebDisp [] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pixeasy.SpointerWebDisp.1 [] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A} [IESmartBar.MSG] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} [IESmartBar.BandObjectStyle] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} [IESmartBar.POINT] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95} [IESmartBar.DBIM] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} [IESmartBar.DESKBANDINFO] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} [IESmartBar.DBIMF] (Hijacker.SmartBar)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Mender [] (PUP.DriverMender)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WebCakeUpdaterService [] (PUP.WebCake)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\EnigmaSoftwareGroup [] (PUP.EnigmaSoftware)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54fb367f-f2c8-4a81-88fe-3bc8703dd859} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83a29689-1526-430c-b4c6-f4412bbc6793} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98bdc3c2-1e10-492c-bacb-e150cbdde114} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f4615f1b-e39e-493d-bae4-cfa70a3fefec} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DuuquUpdate.exe [] (PUP.FrameFox)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3942148593-4059427388-1367756217-1001\Products\B2207CB30EDC4664A96B3ECE52EC46A4 [Yahoo Community Smartbar] (PUP.QuickShare)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{0D692EBA-C5C8-4357-B4E2-81C323FB0C6F} [SpointerWindowlessCtrl 1.0 Type Library] (Adware.SPointer)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{101F66B6-C4B3-43AF-A9B5-466598130905} [SpointerControl 1.0 Type Library] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{520C2939-555B-40BF-A91B-8B671AB560EB} [Aedge Performance BCN SL] (Rogue.PCSpeedUp)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8F2DCD5C-275B-405E-8086-BFB1B3CE02FE} [Secure Digital Services] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54fb367f-f2c8-4a81-88fe-3bc8703dd859} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83a29689-1526-430c-b4c6-f4412bbc6793} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98bdc3c2-1e10-492c-bacb-e150cbdde114} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ac98424b-4b54-4a82-84e7-cc23fb2b1f03} [C:\Program Files (x86)\PixEasy\spointer (Not File)] (Adware.SPointer)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f4615f1b-e39e-493d-bae4-cfa70a3fefec} [C:\Program Files (x86)\Object Browser (Not File)] (PUP.ObjectBrowser)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\***@*** [C:\Program Files (x86)\PixEasy\spointer\extensions\***@***] (Adware.SPointer)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\NokiaMusic FastStart ["C:\Program Files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe" /command:faststart] (PUP.FastStart)

---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.

---\\ Statistiques
~ Items scannés : 696
~ Items trouvés : 0
~ Items réparés : 119

End of clean at 10:43:37
===================
ZHPCleaner-[R]-18042015-10_43_37.txt
ZHPCleaner-[S]-17042015-19_20_31.txt
ZHPCleaner-[S]-18042015-10_41_20.txt

Encore un grand merci.

Réponse 13 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
18 avril 2015 à 12:52

:)

refais quand même frst

lotus88
18 avril 2015 à 13:03

C'est fait voici le rapport, tout est en anglais et je ne comprend rien à cette langue, il a t-il encore des mauvais items ?

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015 01
Ran by Dominique (administrator) on DOMINIQUE-PC on 18-04-2015 12:55:08
Running from C:\Users\Dominique\Logiciels
Loaded Profiles: Dominique (Available profiles: Dominique & UpdatusUser & Invité)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
(Acer) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
(Syntek Ltd.) C:\Windows\STK02N\STK02NM.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_125_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-08-12] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2014-06-17] (IncrediMail, Ltd.)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [Facebook Update] => C:\Users\Dominique\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-13] (Facebook Inc.)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [761064 2014-12-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [] => [X]
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\...\RunOnce: [Adobe Speed Launcher] => 1429346918
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK02N 2.3 PNP Monitor.lnk
ShortcutTarget: STK02N 2.3 PNP Monitor.lnk -> C:\Windows\STK02N\STK02NM.exe (Syntek Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3942148593-4059427388-1367756217-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3942148593-4059427388-1367756217-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll [2013-12-04] (Skype)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-11-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [2012-05-31] (Oberon-Media )
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll [2013-12-04] (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-10-23] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3942148593-4059427388-1367756217-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dominique\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-11-20]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Profile: C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (amigcgbheognjmfkaieeeadojiibgbdp) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2015-04-14]
CHR Extension: (YouTube) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (cfnpidifppmenkapgihekkeednfoenal) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-04-06]
CHR Extension: (Google Search) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (No Name) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmpjohfgidbnmmihaholohmeccijgog [2015-04-16]
CHR Extension: (kong games) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlabcihlajghaekmikmkncdhekcaaenl [2015-04-02]
CHR Extension: (dlahcjmefibiedeecoegjilekaebchhl) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlahcjmefibiedeecoegjilekaebchhl [2015-04-09]
CHR Extension: (eekjldapjblgadclklmgolijbagmdnfk) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk [2015-04-02]
CHR Extension: (ejmgiaknfepbhamafcfdhhfoidnoidge) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejmgiaknfepbhamafcfdhhfoidnoidge [2015-04-01]
CHR Extension: (kmokinipfahjbfaicnjnmlobmbfiedmp) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmokinipfahjbfaicnjnmlobmbfiedmp [2015-04-07]
CHR Extension: (helper king) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\lalfbopdcggfdchjfgkhgnifhippfnco [2015-04-01]
CHR Extension: (Skype Click to Call) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-03]
CHR Extension: (Google Wallet) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-04-03]
CHR Extension: (No Name) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohodmcahedcphoipgooelhjcfahodhcj [2015-04-16]
CHR Extension: (Gmail) - C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-10-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
R2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 DCamUSBSTK02N; C:\Windows\System32\DRIVERS\STK02NW2.sys [106496 2007-03-12] (Syntek Ltd.)
S3 DCamUSBSTK02N; C:\Windows\SysWOW64\DRIVERS\STK02NW2.sys [101520 2007-03-12] (Syntek Ltd.)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-18 10:29 - 2015-04-18 10:51 - 01794048 _____ () C:\Users\Dominique\ZHPCleaner.exe
2015-04-17 19:08 - 2015-04-18 10:51 - 00000693 _____ () C:\Users\Dominique\Desktop\ZHPCleaner.lnk
2015-04-17 19:08 - 2015-04-18 10:43 - 00000000 ____D () C:\Users\Dominique\AppData\Roaming\ZHP
2015-04-16 19:40 - 2015-04-18 12:55 - 00000000 ____D () C:\FRST
2015-04-16 18:13 - 2015-04-16 18:13 - 00000354 _____ () C:\Windows\PFRO.log
2015-04-16 14:18 - 2015-04-16 16:47 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-16 14:17 - 2015-04-16 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-16 14:17 - 2015-04-16 16:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-16 14:17 - 2015-04-16 14:17 - 00001158 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-16 14:17 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-16 14:17 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-16 14:17 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-16 13:29 - 2015-04-18 12:55 - 00000000 ____D () C:\Users\Dominique\Logiciels
2015-04-16 10:34 - 2015-04-18 10:45 - 00000336 _____ () C:\Windows\setupact.log
2015-04-16 10:34 - 2015-04-16 10:34 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-15 10:31 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 10:31 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 10:31 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 10:31 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 10:31 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:31 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 10:31 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 10:31 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 10:31 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 10:31 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 10:31 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 10:31 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 10:31 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 10:31 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 10:31 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 10:31 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 10:31 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 10:31 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 10:31 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 10:31 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 10:30 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:30 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 10:30 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 10:30 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 10:30 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 10:30 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 10:30 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 10:30 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 10:30 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 10:30 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 10:30 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 10:30 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 10:30 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 10:30 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 10:30 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 10:30 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 10:30 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 10:30 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 10:30 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 10:30 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 10:30 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 10:30 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 10:30 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 10:30 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 10:30 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 10:30 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 10:30 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 10:30 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 10:30 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:30 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:30 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 10:30 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 10:30 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 10:30 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 10:29 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 10:29 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 10:29 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 10:29 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:29 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 10:29 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:29 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 10:29 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 10:29 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:29 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:29 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 10:29 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 10:29 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:29 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 10:29 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 10:29 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 10:29 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 10:29 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 10:29 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 10:29 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 10:29 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 10:29 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 10:29 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 10:29 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 10:29 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 10:29 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 10:29 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 10:29 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 10:29 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 10:29 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 10:29 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 10:29 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 10:29 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 10:29 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 10:29 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 10:29 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 10:29 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 10:29 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 10:28 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 10:28 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 10:28 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 10:28 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 10:28 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 10:28 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 10:28 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 10:28 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 10:28 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 10:28 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 10:28 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 10:28 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 10:28 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 10:28 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 10:28 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 10:28 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 10:28 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 10:28 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 10:28 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 10:28 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 10:28 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 10:25 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 10:25 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 10:24 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-04 21:06 - 2015-04-16 16:32 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 21:06 - 2015-04-16 16:32 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-01 19:57 - 2015-04-18 10:03 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-22 19:49 - 2015-03-22 19:49 - 00000000 ____D () C:\ProgramData\Visan
2015-03-22 19:49 - 2015-03-22 19:49 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2015-03-22 19:49 - 2015-03-22 19:49 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2015-03-22 19:48 - 2015-04-06 10:12 - 00000000 ____D () C:\Users\Dominique\AppData\Roaming\HpUpdate
2015-03-22 19:48 - 2015-03-22 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-03-22 19:48 - 2015-03-22 19:48 - 00003632 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP ENVY 5530 series
2015-03-22 19:48 - 2015-03-22 19:48 - 00002228 _____ () C:\Users\Public\Desktop\HP ENVY 5530 series.lnk
2015-03-22 19:48 - 2014-03-06 13:51 - 00763912 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMC311.dll
2015-03-22 19:47 - 2015-03-22 19:48 - 00000000 ____D () C:\Program Files (x86)\HP
2015-03-22 19:47 - 2015-03-22 19:47 - 00000000 ____D () C:\ProgramData\HP
2015-03-22 19:47 - 2015-03-22 19:47 - 00000000 ____D () C:\Program Files\HP
2015-03-22 19:44 - 2015-03-22 19:44 - 00000057 _____ () C:\ProgramData\Ament.ini
2015-03-22 19:42 - 2015-03-22 19:49 - 00000000 ____D () C:\Users\Dominique\AppData\Local\HP

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-18 12:29 - 2014-06-28 15:58 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-18 12:28 - 2010-08-11 19:04 - 00003968 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BE08FC52-F6D9-47D6-AACC-B4C4E0B17FB4}
2015-04-18 12:02 - 2010-08-11 14:02 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-18 11:38 - 2012-03-03 17:44 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3942148593-4059427388-1367756217-1001UA.job
2015-04-18 11:38 - 2012-03-03 17:44 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3942148593-4059427388-1367756217-1001Core.job
2015-04-18 10:54 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 10:54 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 10:51 - 2010-08-11 13:42 - 00000000 ____D () C:\Users\Dominique
2015-04-18 10:49 - 2010-08-11 13:33 - 01399847 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 10:45 - 2010-08-11 14:02 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-18 10:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 20:52 - 2010-08-12 14:12 - 00000000 ____D () C:\Users\Dominique\AppData\Roaming\Skype
2015-04-17 09:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 09:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 19:21 - 2011-05-01 00:36 - 00000000 ____D () C:\Users\Dominique\FILMS
2015-04-16 18:30 - 2013-10-30 21:44 - 00000000 ____D () C:\AdwCleaner
2015-04-16 18:11 - 2014-06-28 12:03 - 00001156 _____ () C:\Users\Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-04-16 16:32 - 2015-01-24 10:55 - 00000000 ____D () C:\Users\TEMP
2015-04-16 16:32 - 2014-12-11 11:40 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 16:32 - 2014-04-30 21:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 16:32 - 2012-01-25 23:38 - 00000000 ____D () C:\Users\Invité
2015-04-16 16:32 - 2011-11-20 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-16 16:32 - 2010-08-12 14:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 16:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 16:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-16 16:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-16 16:29 - 2010-08-11 13:56 - 00000000 ____D () C:\Users\Dominique\AppData\Local\Google
2015-04-16 16:28 - 2010-08-12 14:11 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 13:11 - 2012-05-09 19:45 - 00044544 ___SH () C:\Users\Dominique\Thumbs.db
2015-04-16 10:20 - 2014-07-03 16:47 - 00000000 ____D () C:\Users\Dominique\AppData\Local\CrashDumps
2015-04-15 21:17 - 2010-08-19 00:18 - 01668326 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 21:17 - 2010-08-11 22:59 - 00756094 _____ () C:\Windows\system32\perfh00C.dat
2015-04-15 21:17 - 2010-08-11 22:59 - 00153698 _____ () C:\Windows\system32\perfc00C.dat
2015-04-15 21:17 - 2009-07-14 07:13 - 01668326 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 21:14 - 2013-07-26 21:53 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 21:04 - 2010-08-12 16:47 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-22 19:49 - 2010-08-12 12:40 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-22 19:37 - 2010-08-19 11:51 - 00000000 ____D () C:\Users\Dominique\Courrier

==================== Files in the root of some directories =======

2009-08-25 21:27 - 2008-04-29 15:04 - 0157442 _____ () C:\Program Files (x86)\Common Files\emachines.ico
2010-08-18 23:59 - 2010-08-18 23:59 - 0000000 _____ () C:\Users\Dominique\AppData\Roaming\wklnhst.dat
2010-09-18 17:31 - 2015-02-25 12:43 - 0086016 _____ () C:\Users\Dominique\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-01 20:58 - 2010-11-01 20:58 - 0000329 ____H () C:\Users\Dominique\AppData\Local\hpothb07.dat
2010-11-01 20:58 - 2010-11-01 20:58 - 0000000 ____H () C:\Users\Dominique\AppData\Local\hpothb07.tif
2011-09-15 09:31 - 2011-09-15 09:31 - 0004096 ____H () C:\Users\Dominique\AppData\Local\keyfile3.drm
2015-03-22 19:44 - 2015-03-22 19:44 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-08-12 14:15 - 2010-08-12 14:15 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-08-25 21:28 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2010-11-01 11:02 - 2010-11-01 20:58 - 0000270 ____H () C:\ProgramData\hpothb07.dat
2010-11-01 11:02 - 2010-11-01 20:58 - 0000000 ____H () C:\ProgramData\hpothb07.tif
2010-01-13 17:24 - 2011-01-20 16:30 - 0001146 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\ProgramData\hpothb07.dat
C:\Users\Dominique\hpothb07.dat
C:\Users\Dominique\ZHPCleaner.exe

Some content of TEMP:
====================
C:\Users\Dominique\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Dominique\AppData\Local\Temp\Quarantine.exe
C:\Users\Dominique\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-14 12:19

==================== End Of Log ============================

Réponse 14 / 14

lilidurhone Messages postés 43343 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 18 septembre 2023 3 804
18 avril 2015 à 13:12

ça m'a l'air bon :)

Si plus de souci

1)Désinstallation des outils de désinfection
Télécharges Delfix ici https://www.commentcamarche.net/telecharger/securite/7111-delfix/

Exécutes le en tant qu'administrateur(si tu es sous xp double clic sur le fichier téléchargé) puis une fois sur l'interface coches les cases suivantes

-supprimer les outils de désinfections
-purger la restauration du système

Cliques ensuite sur Exécuter puis patientes pendant le processus de suppression.

Le rapport sera enregistré dans le presse-papier et sur le disque dur (C:\DelFix.txt).
Poste le rapport

2)N'oublies pas de mettre à jour java adobe reader et flashplayer pour IE (chrome l'intègre déjà)
Un lien utile à lire https://www.commentcamarche.net/faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
N'oublies pas aussi de maintenir Windows à jour via Windows update
https://www.java.com/fr/download/manual.jsp

3)Pour permettre de mettre à jour tes logiciels je te conseille d'utiliser Filehippo update checker

Tu peux le télécharger ici https://www.commentcamarche.net/telecharger/utilitaires/9771-filehippo-app-manager/

Pour l'installation de filehippo décoches seulement mettre l'icône dans la barre de lancement rapide

4)Pour nettoyer les fichiers temporaires (attention pas de nettoyage registre ) tu peux utiliser Ccleaner avec tuto pour bien le configurer (https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/
Lien du téléchargement https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/
Tu peux aussi utiliser le nettoyeur de disque windows
N'oublies pas de défragmenter de temps en temps ton disque dur soit par le biais de l'utilitaire soit par le biais d'un logiciel tiers comme par exemple Deffagler ou auslogic Disk Defrag

Oublies les genres de nettoyeurs comme Tuneup ,Glary et autre nettoyeurs miracles ils ne te feront que ralentir ta machine et nettoyer plus blanc que blanc peut provoquer de graves dysfonctionnements

5)Sécurise tes navigateurs par exemple avec WOT et simple adblock pour Internet explorer
Pour télécharger WOT pour ie c'est par ici https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp
https://adblockplus.org/
Pour chrome(si tu possèdes Chrome)

Wot disponible ici https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp?hl=fr

Adblock disponible ici https://www.commentcamarche.net/telecharger/web-internet/2555-adblock-plus-pour-chrome/

Lien du téléchargement pour wot sur firefox
https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/

Lien pour télécharger adblock +

https://addons.mozilla.org/fr/firefox/addon/adblock-plus/?src=ss

6)Fais attention à ce que tu télécharges où et comment
Evites si possible de télécharger sur O1net,tom's guide,télécharger.com et Softonic et compagnie car ils repackent les logiciels avec des programmes potientellement indésirables
A lire
http://www.stoppublicites.fr/
https://www.malekal.com/adwares-pup-protection/

7)Pourquoi faut-il éviter de télécharger sur du p2p

Les risques sont gros la machine risque de devenir un pc zombie
Un peu de lecture concernant les dangers et le risque
https://forum.malekal.com/viewtopic.php?t=3208&start=
https://forum.malekal.com/viewtopic.php?t=893&start=

8)Petit exercice pour éviter de se faire piéger

https://forum.security-x.fr/tutoriels-317/s

lotus88
18 avril 2015 à 14:18

Ouf ! que d'information d'un seul coup ... Merci beaucoup tu m'as rendu un fier service. Désormais je vais faire plus attention à ce que je télécharge ou regarde sur IE. Heureusement qu'il y a des gens comme toi sans cela ce serait une belle pagaille dans les ordinateurs.

Virus Assitance Technique ?

14 réponses

Discussions similaires

Newsletters