How do I remove the Cryptowall virus?
Closed
eric355 (Posts: 15, Registered: Monday 5 February 2007, Status: Member, Last activity: 28 February 2016) - 28 Feb 2016 at 14:15
Malekal_morte- (Posts: 180304, Registered: Wednesday 17 May 2006, Status: Moderator, Security contributor, Last activity: 15 December 2020) - 28 Feb 2016 at 14:24
Hello everyone,
I am trying to remove the Cryptowall virus from a PC and, while I'm at it, recover all the "encrypted" files.
1) I ran CCleaner + Malwarebytes with quarantine. I don't think I removed Cryptowall, and the files (photos, documents, ...) are still unreadable.
2) I am forwarding the ZHPDiag report for you to check:
~ ZHPDiag v2016.1.31.23 Par Nicolas Coolman (2016/01/30)
~ Démarré par HP_Administrateur (Administrator) (2016/02/28 12:23:25)
~ Site: https://nicolascoolman.eu
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Documents and Settings\HP_Administrateur\Bureau\ZHPDiag.txt
~ Rapport: C:\Documents and Settings\HP_Administrateur\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)
---\\ Navigateurs Internet (2) - 0s
GCIE: Google Chrome v48.0.2564.116
MSIE: Internet Explorer v8.0.6001.18702
---\\ Informations sur les produits Windows (3) - 0s
Windows Automatic Updates : KO
Windows Activation Technologies : KO
Windows Genuine Advantage : KO
---\\ Logiciels de protection (1) - 4s
Malwarebytes Anti-Malware version 2.1.8.1057
---\\ Logiciels d'optimisation (1) - 5s
CCleaner v5.15
---\\ Surveillance de Logiciels (2) - 5s
Adobe Flash Player 16 ActiveX
Adobe Reader 9.3
---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 15 Model 6 Stepping 4, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2095.5 MB (79% free)
System Restore: Désactivé (Disabled)
System drive C: has 166 GB () free of 231 GB
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: CRAPULE
~ User Name: HP_Administrateur
~ Logged in as Administrator
---\\ Enumération des unités disques (4) - 0s
~ Drive C: has 166 GB free of 231 GB (System)
~ Drive D: has 0 GB free of 6 GB
~ Drive E: has GB free of 0 GB
~ Drive F: has 3 GB free of 7 GB
---\\ Etat du Centre de Sécurité Windows (9) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Recherche particulière de fichiers génériques (23) - 0s
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - 14/04/2008 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [1037824] =>.Microsoft Corporation
[MD5.93AD0B78C7357A05F50E594EC7C22300] - 14/04/2008 - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) -- C:\WINDOWS\System32\rundll32.exe [33792] =>.Microsoft Corporation
[MD5.E1948B1F45A176FB4A0251446A5AE86D] - 06/03/2014 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [920064] =>.Microsoft Corporation
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - 14/04/2008 - (.Microsoft Corporation - Application d'ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [512000] =>.Microsoft Corporation
[MD5.D76A076ADB74F8132924E498D63123A2] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [149504] =>.Microsoft Corporation
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - 17/08/2011 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [138496] =>.Microsoft Corporation
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - 13/04/2008 - (.Microsoft Corporation - IDE/ATAPI Port Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [96512] =>.Microsoft Corporation
[MD5.C885B02847F5D2FD45A24E219ED93B32] - 13/04/2008 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] =>.Microsoft Corporation
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - 13/04/2008 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] =>.Microsoft Corporation
[MD5.31F923EB2170FC172C81ABDA0045D18C] - 14/04/2008 - (.Microsoft Corporation - Pilote de cryptographie FIPS.) -- C:\WINDOWS\System32\drivers\Fips.sys [44672] =>.Microsoft Corporation
[MD5.573C7D0A32852B48F3058CFD8026F511] - 13/04/2008 - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - 14/04/2008 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [54144] =>.Microsoft Corporation
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - 13/04/2008 - (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] =>.Microsoft Corporation
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - 13/04/2008 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] =>.Microsoft Corporation
[MD5.23C74D75E36E7158768DD63D92789A91] - 13/04/2008 - (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] =>.Microsoft Corporation
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - 15/07/2011 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [456320] =>.Microsoft Corporation
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - 13/04/2008 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [162816] =>.Microsoft Corporation
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - 13/04/2008 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [574976] =>.Microsoft Corporation
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - 14/04/2008 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [80384] =>.Microsoft Corporation
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - 13/04/2008 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] =>.Microsoft Corporation
[MD5.15CABD0F7C00C47C70124907916AF3F1] - 13/04/2008 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224] =>.Microsoft Corporation
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - 14/04/2008 - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) -- C:\WINDOWS\System32\drivers\redbook.sys [58752] =>.Microsoft Corporation
[MD5.46DE1126684369BACE4849E4FC8C43CA] - 14/04/2008 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [53376] =>.Microsoft Corporation
---\\ Liste des services NT non Microsoft et non désactivés (10) - 1s
O23 - Service: Intel(R) Quick Resume technology (ELService) . (.Intel Corporation - .) - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe =>.Intel Corporation
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe =>.Intel Corporation
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe =>.Sun Microsystems, Inc.®
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - .) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe =>.Hewlett-Packard Company
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 91.32.) - C:\WINDOWS\system32\nvsvc32.exe =>.NVIDIA Corporation
O23 - Service: Orange update Core Service (Orange update Core Service) . (.Orange SA - Orange Upd@te.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe =>.ORANGE®
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) . (.Reimage® - Reimage Real Time Protection.) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
O23 - Service: WLSVC (WLSVC) . (. - WlanSvc.) - C:\Program Files\TRENDnet\TEW-648UBM\WLSVC.exe
---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (14) - 21s
SR - Auto [01/06/2006] [ 180224] Intel(R) Quick Resume technology (ELService) . (.Intel Corporation.) - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe =>.Intel Corporation
SS - Demand [03/03/2009] [ 33176] getPlus(R) Helper (getPlus(R) Helper) . (.NOS Microsystems Ltd..) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe {034976D0066A8EA5B1AD813C3B89B656} =>.NOS Microsystems Ltd.
SS - Auto [30/08/2015] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [30/08/2015] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [22/02/2006] [ 81920] Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe =>.Intel Corporation
SS - Demand [04/04/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe =>.Macrovision Corporation
SR - Auto [28/08/2009] [ 152984] Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe =>.Sun Microsystems, Inc.®
SR - Auto [21/06/2006] [ 49152] LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe =>.Hewlett-Packard Company
SS - Auto [18/06/2015] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SR - Auto [21/06/2006] [ 155715] NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe =>.NVIDIA Corporation
SR - Auto [15/09/2014] [ 729608] Orange update Core Service (Orange update Core Service) . (.Orange SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe =>.ORANGE®
SR - Auto [19/08/2015] [ 6324208] Reimage Real Time Protector (ReimageRealTimeProtector) . (.Reimage®.) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
SS - Auto [11/02/2009] [ 167936] WLSVC (WLSVC) . (...) - C:\Program Files\TRENDnet\TEW-648UBM\WLSVC.exe
---\\ Processus lancés (16) - 2s
[MD5.BA523965D72D750FAD439EA51D633BAE] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe [81920] [PID.2040] =>.Intel Corporation
[MD5.32192B4EBE8720ED8D49A455C962CB91] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [152984] [PID.164] =>.Sun Microsystems, Inc.®
[MD5.5D4B38A8D8525356798F5E560C3A3090] - (.Hewlett-Packard Company - .) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [49152] [PID.200] =>.Hewlett-Packard Company
[MD5.4CF03AC8C052DC783A91B124651BCF1D] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 91.32.) -- C:\WINDOWS\system32\nvsvc32.exe [155715] [PID.512] =>.NVIDIA Corporation
[MD5.7E7E5B5501389308953ABB12D1F13CA3] - (.Orange SA - Orange Upd@te.) -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe [729608] [PID.524] =>.ORANGE®
[MD5.47B0091E1F412759E77F672064C16F17] - (.Reimage® - Reimage Real Time Protection.) -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6324208] [PID.548] {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
[MD5.B7F805AB96B759F4542594E2FC26CD0D] - (.Reimage® - Reimage System Protection.) -- C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe [5726696] [PID.756] {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
[MD5.47FCF6628E1A221C41F3F0130FBF258E] - (.Intel Corporation - .) -- C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe [180224] [PID.1540] =>.Intel Corporation
[MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056] [PID.3144] =>.Hewlett-Packard Company®
[MD5.466CE40EAA865752F4930A472563E4E1] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.3152] =>.Adobe Systems, Incorporated®
[MD5.9084AB2B397634E5F0FA4009DBE153C8] - (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [2382368] [PID.3212] =>.Hewlett Packard®
[MD5.C856B04ABD5A57CA688EF6CC2964DFBD] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [6638296] [PID.3228] =>.Piriform Ltd®
[MD5.10F221B13764A3D4110B9C2A25A19DF1] - (.Copyright (C) 2010 - WlanCU MFC Application.) -- C:\Program Files\TRENDnet\TEW-648UBM\WlanCU.exe [368640] [PID.3320]
[MD5.9077C339575974669E38FBCB8C3D6A3A] - (.Orange SA - Orange Upd@te.) -- C:\Program Files\Orange\OrangeUpdate\Service\OUIndicator.exe [244232] [PID.1976] =>.ORANGE®
[MD5.FF9CE0FC9E3B4BC22001764A9EFE4741] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\HP_Administrateur\Application Data\ZHP\ZHPDiag3.exe [2105344] [PID.2400] =>.Nicolas Coolman
[MD5.48099B7EDC91C9FEDFAD9CE73F1FC866] - (.Hewlett-Packard Co. - HPNetworkCommunicatorCom.) -- C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe [908320] [PID.2804] =>.Hewlett Packard®
---\\ Google Chrome, Démarrage,Recherche,Extensions (1) - 0s
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (5) - 1s
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\NPSWF32.dll =>.Adobe Systems Incorporated®
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\WMP Firefox Plugin License.rtf
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\WMP Firefox Plugin RelNotes.txt
P2 - FPN: [HKCU] [@adobe.com/FlashPlayer] - (.Adobe Systems Inc..) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll =>.Adobe Systems Inc.
---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (16) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (19)
---\\ Browser Helper Object de navigateur (BHO) (7) - 0s
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll =>.Adobe Systems, Incorporated®
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} (Orphean)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll =>.Sun Microsystems, Inc.®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll =>.Sun Microsystems, Inc.
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll =>.Microsoft Corporation®
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll =>.Sun Microsystems, Inc.
---\\ Applications lancées au démarrage du système (17) - 1s
O4 - HKLM\..\Run: [ftutil2] . (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) -- C:\WINDOWS\System32\rundll32.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [NvCplDaemon] . (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) -- C:\WINDOWS\System32\RUNDLL32.EXE =>.Microsoft Corporation
O4 - HKLM\..\Run: [ALCMTR] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.EXE =>.Realtek Semiconductor Corp.
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe =>.Apple Computer, Inc.
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Company®
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [configsys] . (...) -- C:\Documents and Settings\HP_Administrateur\Application Data\Windows\configsys.exe
O4 - HKCU\..\Run: [HP ENVY 4500 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe =>.Hewlett Packard®
O4 - HKCU\..\Run: [mediaux] . (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) -- C:\WINDOWS\System32\rundll32.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3227581936-2605241884-3898558284-1007\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3227581936-2605241884-3898558284-1007\..\Run: [configsys] . (...) -- C:\Documents and Settings\HP_Administrateur\Application Data\Windows\configsys.exe
O4 - HKUS\S-1-5-21-3227581936-2605241884-3898558284-1007\..\Run: [HP ENVY 4500 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe =>.Hewlett Packard®
O4 - HKUS\S-1-5-21-3227581936-2605241884-3898558284-1007\..\Run: [mediaux] . (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) -- C:\WINDOWS\System32\rundll32.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3227581936-2605241884-3898558284-1007\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
---\\ Raccourcis Global Startup (75) - 7s
O4 - GS\Desktop [Administrateur]: Amazon.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [Administrateur]: Facebook.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [Administrateur]: Hotmail.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [Administrateur]: Microsoft Excel.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
O4 - GS\Desktop [Administrateur]: Microsoft Outlook.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
O4 - GS\Desktop [Administrateur]: Microsoft PowerPoint.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
O4 - GS\Desktop [Administrateur]: Microsoft Word.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - GS\Desktop [Administrateur]: SyncBackFree.lnk . (.2BrightSparks Pte Ltd - SyncBackFree.) C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe =>.2BrightSparks Pte Ltd®
O4 - GS\Desktop [Administrateur]: Wikipedia.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [Administrateur]: Wireless Configuration Utility.lnk . (.Copyright (C) 2010 - WlanCU MFC Application.) C:\Program Files\TRENDnet\TEW-648UBM\WlanCU.exe
O4 - GS\Desktop [Administrateur]: Youtube.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\HP_Administrateur\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [HelpAssistant]: Amazon.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HelpAssistant]: Facebook.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HelpAssistant]: Hotmail.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HelpAssistant]: Microsoft Excel.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
O4 - GS\Desktop [HelpAssistant]: Microsoft Outlook.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
O4 - GS\Desktop [HelpAssistant]: Microsoft PowerPoint.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
O4 - GS\Desktop [HelpAssistant]: Microsoft Word.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - GS\Desktop [HelpAssistant]: SyncBackFree.lnk . (.2BrightSparks Pte Ltd - SyncBackFree.) C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe =>.2BrightSparks Pte Ltd®
O4 - GS\Desktop [HelpAssistant]: Wikipedia.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HelpAssistant]: Wireless Configuration Utility.lnk . (.Copyright (C) 2010 - WlanCU MFC Application.) C:\Program Files\TRENDnet\TEW-648UBM\WlanCU.exe
O4 - GS\Desktop [HelpAssistant]: Youtube.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HelpAssistant]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\HP_Administrateur\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [HelpAssistant]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [HP_Administrateur]: Amazon.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HP_Administrateur]: Facebook.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HP_Administrateur]: Hotmail.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HP_Administrateur]: Microsoft Excel.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
O4 - GS\Desktop [HP_Administrateur]: Microsoft Outlook.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
O4 - GS\Desktop [HP_Administrateur]: Microsoft PowerPoint.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
O4 - GS\Desktop [HP_Administrateur]: Microsoft Word.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - GS\Desktop [HP_Administrateur]: SyncBackFree.lnk . (.2BrightSparks Pte Ltd - SyncBackFree.) C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe =>.2BrightSparks Pte Ltd®
O4 - GS\Desktop [HP_Administrateur]: Wikipedia.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HP_Administrateur]: Wireless Configuration Utility.lnk . (.Copyright (C) 2010 - WlanCU MFC Application.) C:\Program Files\TRENDnet\TEW-648UBM\WlanCU.exe
O4 - GS\Desktop [HP_Administrateur]: Youtube.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [HP_Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\HP_Administrateur\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [HP_Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [SUPPORT_388945a0]: Amazon.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_388945a0]: Facebook.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_388945a0]: Hotmail.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_388945a0]: Microsoft Excel.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
O4 - GS\Desktop [SUPPORT_388945a0]: Microsoft Outlook.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
O4 - GS\Desktop [SUPPORT_388945a0]: Microsoft PowerPoint.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
O4 - GS\Desktop [SUPPORT_388945a0]: Microsoft Word.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - GS\Desktop [SUPPORT_388945a0]: SyncBackFree.lnk . (.2BrightSparks Pte Ltd - SyncBackFree.) C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe =>.2BrightSparks Pte Ltd®
O4 - GS\Desktop [SUPPORT_388945a0]: Wikipedia.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_388945a0]: Wireless Configuration Utility.lnk . (.Copyright (C) 2010 - WlanCU MFC Application.) C:\Program Files\TRENDnet\TEW-648UBM\WlanCU.exe
O4 - GS\Desktop [SUPPORT_388945a0]: Youtube.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_388945a0]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\HP_Administrateur\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [SUPPORT_fddfa904]: Amazon.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_fddfa904]: Facebook.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_fddfa904]: Hotmail.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_fddfa904]: Microsoft Excel.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
O4 - GS\Desktop [SUPPORT_fddfa904]: Microsoft Outlook.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
O4 - GS\Desktop [SUPPORT_fddfa904]: Microsoft PowerPoint.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
O4 - GS\Desktop [SUPPORT_fddfa904]: Microsoft Word.lnk . (...) C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - GS\Desktop [SUPPORT_fddfa904]: SyncBackFree.lnk . (.2BrightSparks Pte Ltd - SyncBackFree.) C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe =>.2BrightSparks Pte Ltd®
O4 - GS\Desktop [SUPPORT_fddfa904]: Wikipedia.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_fddfa904]: Wireless Configuration Utility.lnk . (.Copyright (C) 2010 - WlanCU MFC Application.) C:\Program Files\TRENDnet\TEW-648UBM\WlanCU.exe
O4 - GS\Desktop [SUPPORT_fddfa904]: Youtube.lnk . (...) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\BoBrowser\Application\bobrowser.exe =>PUP.Optional.BoBrowser
O4 - GS\Desktop [SUPPORT_fddfa904]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\HP_Administrateur\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [SUPPORT_fddfa904]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Achat de consommables - HP ENVY 4500 series.lnk . (.Hewlett-Packard Co. - DesktopSureSupply.) C:\Program Files\HP\HP ENVY 4500 series\Bin\hpqDTSS.exe =>.Hewlett Packard®
O4 - GS\CommonDesktop [Public]: Adobe Reader 9.lnk . (.Adobe Systems Incorporated - Adobe Reader 9.3.) C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: HP ENVY 4500 series.lnk . (.Hewlett-Packard Co. - HP Printer Assistant.) C:\Program Files\HP\HP ENVY 4500 series\Bin\HP ENVY 4500 series.exe =>.Hewlett Packard®
O4 - GS\CommonDesktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.) C:\Program Files\HP Photo Creations\PhotoProduct.exe =>.Visan Industries®
O4 - GS\CommonDesktop [Public]: HP Print and Scan Doctor.lnk . (...) C:\Program Files\HP\Diagnostics\PSDR\HPPSDr.exe =>.Hewlett Packard®
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: PC Scan & Repair by Reimage.lnk . (.Reimage® - Reimage Downloader.) C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.1.0.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN
---\\ Modification Domaine/Adresses DNS (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF54C4C8-2F6A-43AF-98B1-1FDEF213AC13}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpDomain = americas.hpqcorp.net
---\\ Protocole additionnel (34) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} . (.Microsoft Corporation - Microsoft SharePoint Portal Server Object M.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll =>.Microsoft Corporation®
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.Microsoft Corporation
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll =>.Microsoft Corporation
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll =>.Microsoft Corporation®
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll =>.Microsoft Corporation
---\\ Logiciels installés (82) - 49s
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2} =>.Hewlett-Packard
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader 9.3 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A93000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Amélioration de nos services - (.Hewlett-Packard.) [HKLM] -- {23012310-3E05-46A5-88A9-C6CBCABCAC79} =>.Hewlett-Packard
O42 - Logiciel: Amélioration de nos services - (.Hewlett-Packard.) [HKLM] -- InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79} =>.Hewlett-Packard
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Étude pour l'amélioration du produit HP ENVY 4500 series - (.Hewlett-Packard Co..) [HKLM] -- {150F0E5C-8D47-4E5A-BFA5-B984D0536E7D} =>.Hewlett-Packard Co.
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc.
O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2 =>.Microsoft Corporation®
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 =>.Microsoft Corporation®
O42 - Logiciel: Hotfix for Windows Media Player 10 (KB903157) - (.Microsoft Corporation.) [HKLM] -- KB903157 =>.Microsoft Corporation
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 =>.Microsoft Corporation
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 =>.Microsoft Corporation
O42 - Logiciel: HP ENVY 4500 series Aide - (.Hewlett Packard.) [HKLM] -- {BAF28CCD-121D-4C6C-B29D-4F7B51B2D1B4} =>.Hewlett Packard
O42 - Logiciel: HP FWUpdateEDO2 - (.Hewlett-Packard.) [HKLM] -- {415FA9AD-DA10-4ABE-97B6-5051D4795C90} =>.Hewlett-Packard
O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM] -- HP Photo Creations =>.Visan Industries®
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2} =>.Hewlett-Packard
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM] -- {B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D} =>.Microsoft
O42 - Logiciel: HPPhotoSmartExpress - (.Hewlett-Packard.) [HKLM] -- {2376813B-2E5A-4641-B7B3-A0D5ADB55229} =>.Hewlett-Packard
O42 - Logiciel: HpSdpAppCoreApp - (.Hewlett-Packard.) [HKLM] -- {DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38} =>.Hewlett-Packard
O42 - Logiciel: Intel(R) Matrix Storage Manager - (...) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Intel(R) PRO Network Connections Drivers - (...) [HKLM] -- PROSet
O42 - Logiciel: Intel(R) Quick Resume Technology Drivers - (...) [HKLM] -- EL
O42 - Logiciel: Interface Bureau Libre Free-EOS - (.Free-EOS.) [HKLM] -- BureauLibreFree-EOS
O42 - Logiciel: Java(TM) 6 Update 11 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF} =>.Sun Microsystems, Inc.
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} =>.Microsoft Corporation
O42 - Logiciel: Lecteur Windows Media 11 - (...) [HKLM] -- Windows Media Player
O42 - Logiciel: LightScribe 1.4.105.1 - (.Nom de votre société.) [HKLM] -- {9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}
O42 - Logiciel: Logiciel de base du périphérique HP ENVY 4500 series - (.Hewlett-Packard Co..) [HKLM] -- {6CA3B3FF-4009-48CF-8C27-43B815B03A59} =>.Hewlett-Packard Co.
O42 - Logiciel: Logitech Desktop Messenger - (...) [HKLM] -- {900B1197-53F5-4F46-A882-2CFFFE2EEDCB}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM] -- {95120000-00B9-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {06E6E30D-B498-442F-A943-07DE41D7F785} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} =>.Microsoft Corporation
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {A059DE09-1B49-4450-B340-7AE097EC3F04} =>.Microsoft Corporation
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA} =>.Microsoft Corporation
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier {7CB1C41913EE8051B715CF4B1F2E67DB} =>.Orange
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: PCI SoftV92 Modem - (...) [HKLM] -- CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_205514F1
O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- {4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} =>.Apple Computer, Inc.
O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- InstallShield_{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} =>.Apple Computer, Inc.
O42 - Logiciel: Realtek High Definition Audio Driver - (...) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Reimage Repair - (.Reimage.) [HKLM] -- Reimage Repair {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
O42 - Logiciel: Samsung Media Studio - (.Samsung.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6} =>.Samsung
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} =>.Microsoft Corporation
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 =>.Microsoft Corporation
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} =>.Microsoft Corp
O42 - Logiciel: Sonic RecordNow Audio - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382} =>.Sonic Solutions
O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629} =>.Sonic Solutions
O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205} =>.Sonic Solutions
O42 - Logiciel: Sonic Update Manager - (.Sonic Solutions.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E} =>.Sonic Solutions
O42 - Logiciel: Sony USB Driver - (.Sony Corporation.) [HKLM] -- {5C29CB8B-AC1E-4114-8D68-9CD080140D4A} =>.Sony Corporation
O42 - Logiciel: SyncBackFree - (.2BrightSparks.) [HKLM] -- SyncBackFree_is1 =>.2BrightSparks Pte Ltd®
O42 - Logiciel: TRENDnet TEW-648UBM Wireless N USB Adapter - (.TRENDnet.) [HKLM] -- {C5D706E3-BF18-4106-B02E-F55A7F22DDEE} =>.Macrovision Corporation®
O42 - Logiciel: Unload - (.Hewlett-Packard.) [HKLM] -- {8CE4E6E9-9D55-43FB-9DDB-688C976BFC05} =>.Hewlett-Packard
O42 - Logiciel: VLC media player 2.1.0 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WebFldrs XP - (.Microsoft Corporation.) [HKLM] -- {350C940c-3D7C-4EE8-BAA9-00BCB3D54227} =>.Microsoft Corporation
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC =>.Microsoft Corporation®
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 =>.Microsoft Corporation®
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 =>.Microsoft Corporation®
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 =>.Microsoft Corporation®
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corp
O42 - Logiciel: Windows XP Media Center Edition 2005 KB2502898 - (.Microsoft Corporation.) [HKLM] -- KB2502898 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Media Center Edition 2005 KB2619340 - (.Microsoft Corporation.) [HKLM] -- KB2619340 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Media Center Edition 2005 KB2628259 - (.Microsoft Corporation.) [HKLM] -- KB2628259 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Media Center Edition 2005 KB925766 - (.Microsoft Corporation.) [HKLM] -- KB925766 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Media Center Edition 2005 KB973768 - (.Microsoft Corporation.) [HKLM] -- KB973768 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service =>.Microsoft Corporation®
---\\ HKCU & HKLM Software Keys (139) - 49s
HKLM\SOFTWARE\2BrightSparks
HKLM\SOFTWARE\58f
HKLM\SOFTWARE\8ec
HKLM\SOFTWARE\Aawp
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Awtp
HKLM\SOFTWARE\BackWeb
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\cameo
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\CXT
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\Data Fellows
HKLM\SOFTWARE\Debug
HKLM\SOFTWARE\DivXNetworks
HKLM\SOFTWARE\Electronic Arts
HKLM\SOFTWARE\Eset
HKLM\SOFTWARE\F-Secure
HKLM\SOFTWARE\FRANCE TELECOM
HKLM\SOFTWARE\FullCircle
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\HP
HKLM\SOFTWARE\HPQ
HKLM\SOFTWARE\I.R.I.S.
HKLM\SOFTWARE\Infogrames Interactive
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\LightScribe
HKLM\SOFTWARE\Logitech
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\MarkAny
HKLM\SOFTWARE\MDC
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\MusicNet
HKLM\SOFTWARE\muvee Technologies
HKLM\SOFTWARE\NOS
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Orange
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\Python
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Reg
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\RocketLife
HKLM\SOFTWARE\RtWLan
HKLM\SOFTWARE\Safer Networking Limited
HKLM\SOFTWARE\Samsung
HKLM\SOFTWARE\Samsung Electronics Co., Ltd.
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Sony Corporation
HKLM\SOFTWARE\SONY PVC
HKLM\SOFTWARE\SPPDCOM =>.Superfluous.PCSpeedUp
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\The Silicon Realms Toolworks
HKLM\SOFTWARE\TRENDnet
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Visan
HKLM\SOFTWARE\webtogo
HKLM\SOFTWARE\Wilson WindowWare
HKLM\SOFTWARE\Windows
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\Wow6432Node
HKLM\SOFTWARE\Xing Technology Corp.
HKCU\SOFTWARE\2BrightSparks
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\ALWIL Software
HKCU\SOFTWARE\Anuman Interactive
HKCU\SOFTWARE\Aosu
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Aurigma
HKCU\SOFTWARE\BHO Lphant
HKCU\SOFTWARE\Bubble_Dock_FR
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\Cyberlink
HKCU\SOFTWARE\F-Secure
HKCU\SOFTWARE\FotoWire
HKCU\SOFTWARE\FRANCE TELECOM
HKCU\SOFTWARE\Genesis Digital Innovations =>PUP.Optional.Genesis
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Iris
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\Lavasoft
HKCU\SOFTWARE\Leadertech
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\Lphant
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Magnet
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\reimagerepair =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\Safer Networking Limited
HKCU\SOFTWARE\Sahu
HKCU\SOFTWARE\Samsung Media Studio
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\SmileboxInstall
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\Sonic
HKCU\SOFTWARE\Sony Corporation
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\TomTom
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
---\\ Contenu des dossiers Programmes (206) - 34s
O43 - CFD: 25/10/2014 - [] D -- C:\Program Files\2BrightSparks =>.2BrightSparks Pte Ltd®
O43 - CFD: 17/01/2015 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 04/04/2010 - [] D -- C:\Program Files\Alwil Software
O43 - CFD: 21/04/2007 - [] D -- C:\Program Files\Astrologie & Devenir
O43 - CFD: 17/02/2007 - [] D -- C:\Program Files\ATLAS
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 12/11/2005 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 22/12/2006 - [] D -- C:\Program Files\CONEXANT
O43 - CFD: 23/12/2006 - [] D -- C:\Program Files\directx
O43 - CFD: 24/10/2014 - [0] D -- C:\Program Files\DivX
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\EasyBits
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\eMule
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\Fichiers communs =>.Microsoft Corporation®
O43 - CFD: 23/12/2006 - [] D -- C:\Program Files\GameSpy Arcade
O43 - CFD: 24/10/2014 - [0] D -- C:\Program Files\GemMasterFrench
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 18/04/2007 - [] D -- C:\Program Files\Hasbro Interactive
O43 - CFD: 02/11/2014 - [] D -- C:\Program Files\Hewlett-Packard =>.Hewlett-Packard Company®
O43 - CFD: 03/01/2015 - [] D -- C:\Program Files\HP
O43 - CFD: 02/11/2014 - [] D -- C:\Program Files\HP Photo Creations =>.Visan Industries®
O43 - CFD: 24/10/2014 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\Intel
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 28/08/2009 - [] D -- C:\Program Files\Java =>.Sun Microsystems, Inc.®
O43 - CFD: 03/02/2007 - [] D -- C:\Program Files\KONAMI
O43 - CFD: 11/10/2007 - [] D -- C:\Program Files\Laureats
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Logitech
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 12/02/2010 - [] D -- C:\Program Files\MarkAny
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Messenger
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Microsoft =>.Microsoft Corporation®
O43 - CFD: 07/08/2007 - [] D -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 25/12/2006 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\Microsoft Security
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 28/10/2009 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 28/10/2009 - [] D -- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 18/04/2007 - [] D -- C:\Program Files\Mindscape
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 02/01/2016 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 29/10/2009 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 27/02/2007 - [] D -- C:\Program Files\MSN
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\MSNFix
O43 - CFD: 11/01/2007 - [0] D -- C:\Program Files\MSXML 4.0
O43 - CFD: 29/10/2009 - [] D -- C:\Program Files\MSXML 6.0
O43 - CFD: 19/02/2008 - [] D -- C:\Program Files\muvee Technologies
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 27/04/2009 - [] D -- C:\Program Files\NOS {034976D0066A8EA5B1AD813C3B89B656}
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\Online Services
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Orange =>.ORANGE®
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 22/12/2006 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\Real
O43 - CFD: 29/10/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 23/03/2008 - [] D -- C:\Program Files\RegCleaner
O43 - CFD: 23/01/2016 - [] D -- C:\Program Files\Reimage {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Samsung
O43 - CFD: 02/01/2011 - [] D -- C:\Program Files\Securitoo
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\Services en ligne
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Software =>PUP.Optional.Boxore
O43 - CFD: 28/10/2009 - [] D -- C:\Program Files\Sonic
O43 - CFD: 18/07/2007 - [] D -- C:\Program Files\Sony
O43 - CFD: 25/10/2014 - [] D -- C:\Program Files\Spybot - Search & Destroy 2 =>.Safer Networking Ltd.®
O43 - CFD: 15/03/2008 - [] D -- C:\Program Files\Trend Micro
O43 - CFD: 17/12/2012 - [] D -- C:\Program Files\TRENDnet
O43 - CFD: 07/05/2008 - [] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 11/12/2007 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 12/02/2010 - [] D -- C:\Program Files\Wanadoo
O43 - CFD: 28/10/2009 - [] D -- C:\Program Files\Windows Live =>.Microsoft Corporation®
O43 - CFD: 06/08/2007 - [] D -- C:\Program Files\Windows Live Toolbar
O43 - CFD: 16/01/2010 - [] D -- C:\Program Files\Windows Media Connect 2
O43 - CFD: 17/01/2010 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\Windows Plus
O43 - CFD: 12/11/2005 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\xerox
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\ZHPDiag
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\ZHPFix
O43 - CFD: 25/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\2BrightSparks
O43 - CFD: 24/10/2014 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 28/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 02/11/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HP
O43 - CFD: 02/01/2006 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Intel(R) Matrix Storage Manager
O43 - CFD: 04/11/2008 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 02/01/2006 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\LightScribe Direct Disc Labeling
O43 - CFD: 24/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Logitech
O43 - CFD: 28/02/2016 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
O43 - CFD: 28/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Live Add-in
O43 - CFD: 28/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
O43 - CFD: 20/12/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Orange
O43 - CFD: 01/02/2006 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 24/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils et Aide
O43 - CFD: 10/01/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils Microsoft Office
O43 - CFD: 22/12/2006 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
O43 - CFD: 23/01/2016 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Reimage Repair =>PUP.Optional.ReImageRepair
O43 - CFD: 28/10/2009 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Sonic
O43 - CFD: 17/12/2012 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TRENDnet
O43 - CFD: 02/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 03/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\3A29F
O43 - CFD: 18/01/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 24/10/2014 - [0] D -- C:\Documents and Settings\All Users\Application Data\Alwil Software
O43 - CFD: 22/12/2006 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 24/10/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 28/02/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Browser =>PUP.Optional.SpeedBrowser
O43 - CFD: 24/10/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\F-Secure
O43 - CFD: 03/04/2008 - [] D -- C:\Documents and Settings\All Users\Applicat
O4 - GS\Quicklaunch [SUPPORT_fddfa904]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Achat de consommables - HP ENVY 4500 series.lnk . (.Hewlett-Packard Co. - DesktopSureSupply.) C:\Program Files\HP\HP ENVY 4500 series\Bin\hpqDTSS.exe =>.Hewlett Packard®
O4 - GS\CommonDesktop [Public]: Adobe Reader 9.lnk . (.Adobe Systems Incorporated - Adobe Reader 9.3.) C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: HP ENVY 4500 series.lnk . (.Hewlett-Packard Co. - HP Printer Assistant.) C:\Program Files\HP\HP ENVY 4500 series\Bin\HP ENVY 4500 series.exe =>.Hewlett Packard®
O4 - GS\CommonDesktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.) C:\Program Files\HP Photo Creations\PhotoProduct.exe =>.Visan Industries®
O4 - GS\CommonDesktop [Public]: HP Print and Scan Doctor.lnk . (...) C:\Program Files\HP\Diagnostics\PSDR\HPPSDr.exe =>.Hewlett Packard®
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: PC Scan & Repair by Reimage.lnk . (.Reimage® - Reimage Downloader.) C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.1.0.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN
---\\ Modification Domaine/Adresses DNS (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF54C4C8-2F6A-43AF-98B1-1FDEF213AC13}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: DhcpDomain = americas.hpqcorp.net
---\\ Protocole additionnel (34) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} . (.Microsoft Corporation - Microsoft SharePoint Portal Server Object M.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll =>.Microsoft Corporation®
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.Microsoft Corporation
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll =>.Microsoft Corporation
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll =>.Microsoft Corporation®
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll =>.Microsoft Corporation
---\\ Logiciels installés (82) - 49s
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2} =>.Hewlett-Packard
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader 9.3 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A93000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Amélioration de nos services - (.Hewlett-Packard.) [HKLM] -- {23012310-3E05-46A5-88A9-C6CBCABCAC79} =>.Hewlett-Packard
O42 - Logiciel: Amélioration de nos services - (.Hewlett-Packard.) [HKLM] -- InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79} =>.Hewlett-Packard
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Étude pour l'amélioration du produit HP ENVY 4500 series - (.Hewlett-Packard Co..) [HKLM] -- {150F0E5C-8D47-4E5A-BFA5-B984D0536E7D} =>.Hewlett-Packard Co.
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc.
O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2 =>.Microsoft Corporation®
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 =>.Microsoft Corporation®
O42 - Logiciel: Hotfix for Windows Media Player 10 (KB903157) - (.Microsoft Corporation.) [HKLM] -- KB903157 =>.Microsoft Corporation
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 =>.Microsoft Corporation
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 =>.Microsoft Corporation
O42 - Logiciel: HP ENVY 4500 series Aide - (.Hewlett Packard.) [HKLM] -- {BAF28CCD-121D-4C6C-B29D-4F7B51B2D1B4} =>.Hewlett Packard
O42 - Logiciel: HP FWUpdateEDO2 - (.Hewlett-Packard.) [HKLM] -- {415FA9AD-DA10-4ABE-97B6-5051D4795C90} =>.Hewlett-Packard
O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM] -- HP Photo Creations =>.Visan Industries®
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2} =>.Hewlett-Packard
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM] -- {B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D} =>.Microsoft
O42 - Logiciel: HPPhotoSmartExpress - (.Hewlett-Packard.) [HKLM] -- {2376813B-2E5A-4641-B7B3-A0D5ADB55229} =>.Hewlett-Packard
O42 - Logiciel: HpSdpAppCoreApp - (.Hewlett-Packard.) [HKLM] -- {DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38} =>.Hewlett-Packard
O42 - Logiciel: Intel(R) Matrix Storage Manager - (...) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Intel(R) PRO Network Connections Drivers - (...) [HKLM] -- PROSet
O42 - Logiciel: Intel(R) Quick Resume Technology Drivers - (...) [HKLM] -- EL
O42 - Logiciel: Interface Bureau Libre Free-EOS - (.Free-EOS.) [HKLM] -- BureauLibreFree-EOS
O42 - Logiciel: Java(TM) 6 Update 11 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF} =>.Sun Microsystems, Inc.
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} =>.Microsoft Corporation
O42 - Logiciel: Lecteur Windows Media 11 - (...) [HKLM] -- Windows Media Player
O42 - Logiciel: LightScribe 1.4.105.1 - (.Nom de votre société.) [HKLM] -- {9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}
O42 - Logiciel: Logiciel de base du périphérique HP ENVY 4500 series - (.Hewlett-Packard Co..) [HKLM] -- {6CA3B3FF-4009-48CF-8C27-43B815B03A59} =>.Hewlett-Packard Co.
O42 - Logiciel: Logitech Desktop Messenger - (...) [HKLM] -- {900B1197-53F5-4F46-A882-2CFFFE2EEDCB}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM] -- {95120000-00B9-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {06E6E30D-B498-442F-A943-07DE41D7F785} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} =>.Microsoft Corporation
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {A059DE09-1B49-4450-B340-7AE097EC3F04} =>.Microsoft Corporation
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA} =>.Microsoft Corporation
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier {7CB1C41913EE8051B715CF4B1F2E67DB} =>.Orange
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: PCI SoftV92 Modem - (...) [HKLM] -- CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_205514F1
O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- {4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} =>.Apple Computer, Inc.
O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- InstallShield_{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} =>.Apple Computer, Inc.
O42 - Logiciel: Realtek High Definition Audio Driver - (...) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Reimage Repair - (.Reimage.) [HKLM] -- Reimage Repair {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
O42 - Logiciel: Samsung Media Studio - (.Samsung.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6} =>.Samsung
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} =>.Microsoft Corporation
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 =>.Microsoft Corporation
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} =>.Microsoft Corp
O42 - Logiciel: Sonic RecordNow Audio - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382} =>.Sonic Solutions
O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629} =>.Sonic Solutions
O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205} =>.Sonic Solutions
O42 - Logiciel: Sonic Update Manager - (.Sonic Solutions.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E} =>.Sonic Solutions
O42 - Logiciel: Sony USB Driver - (.Sony Corporation.) [HKLM] -- {5C29CB8B-AC1E-4114-8D68-9CD080140D4A} =>.Sony Corporation
O42 - Logiciel: SyncBackFree - (.2BrightSparks.) [HKLM] -- SyncBackFree_is1 =>.2BrightSparks Pte Ltd®
O42 - Logiciel: TRENDnet TEW-648UBM Wireless N USB Adapter - (.TRENDnet.) [HKLM] -- {C5D706E3-BF18-4106-B02E-F55A7F22DDEE} =>.Macrovision Corporation®
O42 - Logiciel: Unload - (.Hewlett-Packard.) [HKLM] -- {8CE4E6E9-9D55-43FB-9DDB-688C976BFC05} =>.Hewlett-Packard
O42 - Logiciel: VLC media player 2.1.0 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WebFldrs XP - (.Microsoft Corporation.) [HKLM] -- {350C940c-3D7C-4EE8-BAA9-00BCB3D54227} =>.Microsoft Corporation
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC =>.Microsoft Corporation®
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 =>.Microsoft Corporation®
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 =>.Microsoft Corporation®
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 =>.Microsoft Corporation®
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corp
O42 - Logiciel: Windows XP Media Center Edition 2005 KB2502898 - (.Microsoft Corporation.) [HKLM] -- KB2502898 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Media Center Edition 2005 KB2619340 - (.Microsoft Corporation.) [HKLM] -- KB2619340 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Media Center Edition 2005 KB2628259 - (.Microsoft Corporation.) [HKLM] -- KB2628259 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Media Center Edition 2005 KB925766 - (.Microsoft Corporation.) [HKLM] -- KB925766 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Media Center Edition 2005 KB973768 - (.Microsoft Corporation.) [HKLM] -- KB973768 =>.Microsoft Corporation®
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service =>.Microsoft Corporation®
---\\ HKCU & HKLM Software Keys (139) - 49s
HKLM\SOFTWARE\2BrightSparks
HKLM\SOFTWARE\58f
HKLM\SOFTWARE\8ec
HKLM\SOFTWARE\Aawp
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Awtp
HKLM\SOFTWARE\BackWeb
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\cameo
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\CXT
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\Data Fellows
HKLM\SOFTWARE\Debug
HKLM\SOFTWARE\DivXNetworks
HKLM\SOFTWARE\Electronic Arts
HKLM\SOFTWARE\Eset
HKLM\SOFTWARE\F-Secure
HKLM\SOFTWARE\FRANCE TELECOM
HKLM\SOFTWARE\FullCircle
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\HP
HKLM\SOFTWARE\HPQ
HKLM\SOFTWARE\I.R.I.S.
HKLM\SOFTWARE\Infogrames Interactive
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\LightScribe
HKLM\SOFTWARE\Logitech
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\MarkAny
HKLM\SOFTWARE\MDC
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\MusicNet
HKLM\SOFTWARE\muvee Technologies
HKLM\SOFTWARE\NOS
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Orange
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\Python
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Reg
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\RocketLife
HKLM\SOFTWARE\RtWLan
HKLM\SOFTWARE\Safer Networking Limited
HKLM\SOFTWARE\Samsung
HKLM\SOFTWARE\Samsung Electronics Co., Ltd.
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Sony Corporation
HKLM\SOFTWARE\SONY PVC
HKLM\SOFTWARE\SPPDCOM =>.Superfluous.PCSpeedUp
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\The Silicon Realms Toolworks
HKLM\SOFTWARE\TRENDnet
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Visan
HKLM\SOFTWARE\webtogo
HKLM\SOFTWARE\Wilson WindowWare
HKLM\SOFTWARE\Windows
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\Wow6432Node
HKLM\SOFTWARE\Xing Technology Corp.
HKCU\SOFTWARE\2BrightSparks
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\ALWIL Software
HKCU\SOFTWARE\Anuman Interactive
HKCU\SOFTWARE\Aosu
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Aurigma
HKCU\SOFTWARE\BHO Lphant
HKCU\SOFTWARE\Bubble_Dock_FR
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\Cyberlink
HKCU\SOFTWARE\F-Secure
HKCU\SOFTWARE\FotoWire
HKCU\SOFTWARE\FRANCE TELECOM
HKCU\SOFTWARE\Genesis Digital Innovations =>PUP.Optional.Genesis
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Iris
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\Lavasoft
HKCU\SOFTWARE\Leadertech
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\Lphant
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Magnet
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\reimagerepair =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\Safer Networking Limited
HKCU\SOFTWARE\Sahu
HKCU\SOFTWARE\Samsung Media Studio
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\SmileboxInstall
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\Sonic
HKCU\SOFTWARE\Sony Corporation
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\TomTom
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
---\\ Contenu des dossiers Programmes (206) - 34s
O43 - CFD: 25/10/2014 - [] D -- C:\Program Files\2BrightSparks =>.2BrightSparks Pte Ltd®
O43 - CFD: 17/01/2015 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 04/04/2010 - [] D -- C:\Program Files\Alwil Software
O43 - CFD: 21/04/2007 - [] D -- C:\Program Files\Astrologie & Devenir
O43 - CFD: 17/02/2007 - [] D -- C:\Program Files\ATLAS
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 12/11/2005 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 22/12/2006 - [] D -- C:\Program Files\CONEXANT
O43 - CFD: 23/12/2006 - [] D -- C:\Program Files\directx
O43 - CFD: 24/10/2014 - [0] D -- C:\Program Files\DivX
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\EasyBits
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\eMule
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\Fichiers communs =>.Microsoft Corporation®
O43 - CFD: 23/12/2006 - [] D -- C:\Program Files\GameSpy Arcade
O43 - CFD: 24/10/2014 - [0] D -- C:\Program Files\GemMasterFrench
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 18/04/2007 - [] D -- C:\Program Files\Hasbro Interactive
O43 - CFD: 02/11/2014 - [] D -- C:\Program Files\Hewlett-Packard =>.Hewlett-Packard Company®
O43 - CFD: 03/01/2015 - [] D -- C:\Program Files\HP
O43 - CFD: 02/11/2014 - [] D -- C:\Program Files\HP Photo Creations =>.Visan Industries®
O43 - CFD: 24/10/2014 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\Intel
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 28/08/2009 - [] D -- C:\Program Files\Java =>.Sun Microsystems, Inc.®
O43 - CFD: 03/02/2007 - [] D -- C:\Program Files\KONAMI
O43 - CFD: 11/10/2007 - [] D -- C:\Program Files\Laureats
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Logitech
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 12/02/2010 - [] D -- C:\Program Files\MarkAny
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Messenger
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Microsoft =>.Microsoft Corporation®
O43 - CFD: 07/08/2007 - [] D -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 25/12/2006 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\Microsoft Security
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 28/10/2009 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 28/10/2009 - [] D -- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 18/04/2007 - [] D -- C:\Program Files\Mindscape
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 02/01/2016 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 29/10/2009 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 27/02/2007 - [] D -- C:\Program Files\MSN
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\MSNFix
O43 - CFD: 11/01/2007 - [0] D -- C:\Program Files\MSXML 4.0
O43 - CFD: 29/10/2009 - [] D -- C:\Program Files\MSXML 6.0
O43 - CFD: 19/02/2008 - [] D -- C:\Program Files\muvee Technologies
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 27/04/2009 - [] D -- C:\Program Files\NOS {034976D0066A8EA5B1AD813C3B89B656}
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\Online Services
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\Orange =>.ORANGE®
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 22/12/2006 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\Real
O43 - CFD: 29/10/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 23/03/2008 - [] D -- C:\Program Files\RegCleaner
O43 - CFD: 23/01/2016 - [] D -- C:\Program Files\Reimage {42FA252C0EAB138AB118D98A1931718A} =>PUP.Optional.ReImageRepair
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Samsung
O43 - CFD: 02/01/2011 - [] D -- C:\Program Files\Securitoo
O43 - CFD: 02/01/2006 - [] D -- C:\Program Files\Services en ligne
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Software =>PUP.Optional.Boxore
O43 - CFD: 28/10/2009 - [] D -- C:\Program Files\Sonic
O43 - CFD: 18/07/2007 - [] D -- C:\Program Files\Sony
O43 - CFD: 25/10/2014 - [] D -- C:\Program Files\Spybot - Search & Destroy 2 =>.Safer Networking Ltd.®
O43 - CFD: 15/03/2008 - [] D -- C:\Program Files\Trend Micro
O43 - CFD: 17/12/2012 - [] D -- C:\Program Files\TRENDnet
O43 - CFD: 07/05/2008 - [] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 11/12/2007 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 12/02/2010 - [] D -- C:\Program Files\Wanadoo
O43 - CFD: 28/10/2009 - [] D -- C:\Program Files\Windows Live =>.Microsoft Corporation®
O43 - CFD: 06/08/2007 - [] D -- C:\Program Files\Windows Live Toolbar
O43 - CFD: 16/01/2010 - [] D -- C:\Program Files\Windows Media Connect 2
O43 - CFD: 17/01/2010 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 24/10/2014 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\Windows Plus
O43 - CFD: 12/11/2005 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 15/11/2005 - [] D -- C:\Program Files\xerox
O43 - CFD: 28/10/2014 - [] D -- C:\Program Files\ZHPDiag
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files\ZHPFix
O43 - CFD: 25/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\2BrightSparks
O43 - CFD: 24/10/2014 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 28/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 02/11/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HP
O43 - CFD: 02/01/2006 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Intel(R) Matrix Storage Manager
O43 - CFD: 04/11/2008 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 02/01/2006 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\LightScribe Direct Disc Labeling
O43 - CFD: 24/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Logitech
O43 - CFD: 28/02/2016 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
O43 - CFD: 28/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Live Add-in
O43 - CFD: 28/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
O43 - CFD: 20/12/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Orange
O43 - CFD: 01/02/2006 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 24/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils et Aide
O43 - CFD: 10/01/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils Microsoft Office
O43 - CFD: 22/12/2006 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
O43 - CFD: 23/01/2016 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Reimage Repair =>PUP.Optional.ReImageRepair
O43 - CFD: 28/10/2009 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Sonic
O43 - CFD: 17/12/2012 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TRENDnet
O43 - CFD: 02/10/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 03/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\3A29F
O43 - CFD: 18/01/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 24/10/2014 - [0] D -- C:\Documents and Settings\All Users\Application Data\Alwil Software
O43 - CFD: 22/12/2006 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 24/10/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 28/02/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Browser =>PUP.Optional.SpeedBrowser
O43 - CFD: 24/10/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\F-Secure
O43 - CFD: 03/04/2008 - [] D -- C:\Documents and Settings\All Users\Applicat
1 reply
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 28 Feb. 2016 at 14:24
Hi,
Windows has been infected by file-encrypting ransomware. This kind of ransomware is mostly caught by opening a malicious attachment in an e-mail or by visiting a web page booby-trapped with web exploits.
At present, there is no real method for recovering the encrypted documents. If the data is very important, store it somewhere safe for the time being, because a solution for recovering it may appear in the future.
First, you need to check that no threat is still active.
As a precaution, also remember to change all your passwords.
1) FRST
Follow the FRST tutorial (take the time to read it carefully; everything is explained well there).
Download FRST and run the scan; 3 FRST reports will be generated:
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Upload these 3 reports to http://pjjoint.malekal.com/ and then post the 3 pjjoint links that lead to the reports here in a new reply so that we can look at them.