Sujet Précédent Sujet Suivant

Infecté par Optimizer Pro

Résolu/Fermé
alexiia65 - 9 juin 2013 à 14:10
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 - 9 juin 2013 à 22:00
Bonjour,



Je suis infecté par Optimizer Pro depuis quelques temps et je sais pas comment m'en débarrasser ! Est ce que quelqu'un peut m'aider ?

Merci beaucoup
A voir également:

25 réponses

  • 1
  • 2
Réponse 1 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 14:12
salut

pour ton problème, fait ceci

télécharge adwcleaner sur ton bureau (clique sur la flèche verte)

le lien https://toolslib.net

utlisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)

choisis le mode suppression

le rapport s'affichera sur ton bureau et dans C:\adw[S1].txt

poste le rapport via 1 copier/coller

@+

0
Réponse 2 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 14:23
Oui merci, j'ai pas fait attention pour le doublon je sais pas comment le supprimer, voici le rapport ça a été long car l'ordi a redémarrer.



# AdwCleaner v2.303 - Rapport créé le 09/06/2013 à 14:17:24
# Mis à jour le 08/06/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Alexia - ALEXIA-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Alexia\Downloads\adwcleaner.exe
# Option [Suppression]


***** [Services] *****

Arrêté & Supprimé : IBUpdaterService

***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\Nosibay
Dossier Supprimé : C:\Program Files (x86)\Optimizer Pro
Dossier Supprimé : C:\Program Files (x86)\Services x86
Dossier Supprimé : C:\Program Files (x86)\Software
Dossier Supprimé : C:\Program Files (x86)\SweetIM
Dossier Supprimé : C:\Program Files (x86)\sweetpacks bundle uninstaller
Dossier Supprimé : C:\Program Files (x86)\uTorrentBar_FR
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\Browwsye2suave
Dossier Supprimé : C:\ProgramData\InstallMate
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Dossier Supprimé : C:\ProgramData\SoftSafe
Dossier Supprimé : C:\ProgramData\SweetIM
Dossier Supprimé : C:\ProgramData\Tarma Installer
Dossier Supprimé : C:\Users\Alexia\AppData\Local\Conduit
Dossier Supprimé : C:\Users\Alexia\AppData\Local\EoRezo
Dossier Supprimé : C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Dossier Supprimé : C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib
Dossier Supprimé : C:\Users\Alexia\AppData\Local\Temp\CT2851639
Dossier Supprimé : C:\Users\Alexia\AppData\LocalLow\BabylonToolbar
Dossier Supprimé : C:\Users\Alexia\AppData\LocalLow\Browwsye2suave
Dossier Supprimé : C:\Users\Alexia\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Alexia\AppData\LocalLow\Delta
Dossier Supprimé : C:\Users\Alexia\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\Alexia\AppData\LocalLow\uTorrentBar_FR
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\DealPly
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\extensions\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\extensions\ffxtlbr@babylon.com
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\extensions\pxk.rv@aaoy-wpvi.com
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\Nosibay
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\Optimizer Pro
Dossier Supprimé : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Dossier Supprimé : C:\Windows\SysWOW64\WNLT
Fichier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\Babylon.xml
Fichier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\babylon1.xml
Fichier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\BrowserProtect.xml
Fichier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\Conduit.xml
Fichier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\delta.xml
Fichier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\mngr.xml
Fichier Supprimé : C:\Users\Alexia\Desktop\Optimizer Pro.lnk
Supprimé au redémarrage : C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib

***** [Registre] *****

Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\AppDataLow\Software\Services x86
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\AppDataLow\Software\uTorrentBar_FR
Clé Supprimée : HKCU\Software\AppDataLow\SProtector
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\Cr_Installer
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\DataMngr_Toolbar
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\ImInstaller
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\InstalledBrowserExtensions
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211701196}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37F2111B-758B-91D5-A377-0A80B18938D5}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211701196}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37F2111B-758B-91D5-A377-0A80B18938D5}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Supprimée : HKCU\Software\Nosibay
Clé Supprimée : HKCU\Software\Optimizer Pro
Clé Supprimée : HKCU\Software\Tuto4PC
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\uTorrentBar_FR
Clé Supprimée : HKCU\Software\WNLT
Clé Supprimée : HKCU\Software\d2dedab534b947
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\Boxore
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0027096.BHO
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0027096.BHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0027096.Sandbox
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0027096.Sandbox.1
Clé Supprimée : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Clé Supprimée : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Clé Supprimée : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Clé Supprimée : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\sim-packages
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2851639
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244704496}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings-InternalInstaller_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings-InternalInstaller_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}
Clé Supprimée : HKLM\Software\Services x86
Clé Supprimée : HKLM\Software\SP Global
Clé Supprimée : HKLM\Software\SProtector
Clé Supprimée : HKLM\Software\Tuto4PC
Clé Supprimée : HKLM\Software\uTorrentBar_FR
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110211701196}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220222702296}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D6533F74-218B-41BE-9D91-5BD471FECFFD}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550255705596}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660266706696}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\d2dedab534b947
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{351613B0-28C5-4004-80E2-239AA05A542F}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37FDD748-DD80-4A87-AFB0-A3A5D6A03AA1}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211701196}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Services x86
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255705596}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266706696}
Clé Supprimée : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Bubble Dock]
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [tuto4pc_fr_38]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16455

Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&CUI=UN15872313091402697&UM=1&ctid=CT2851639 --> hxxp://www.google.com
Remplacé : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=FR&userid=dca77db8-5d8a-44d9-859b-9fec0448164c&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=FR&userid=dca77db8-5d8a-44d9-859b-9fec0448164c&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v [Impossible d'obtenir la version]

Fichier : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\prefs.js

C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\user.js ... Supprimé !

Supprimée : user_pref("CT2851639.FF19Solved", "true");
Supprimée : user_pref("CT2851639.UserID", "UN14096592271977329");
Supprimée : user_pref("CT2851639.addressUrlXPETakeover", "true");
Supprimée : user_pref("CT2851639.autoDisableScopes", -1);
Supprimée : user_pref("CT2851639.browser.search.defaultthis.engineName", "true");
Supprimée : user_pref("CT2851639.defaultSearchXPETakeover", "true");
Supprimée : user_pref("CT2851639.installDate", "19/5/2013 17:14:02");
Supprimée : user_pref("CT2851639.installerVersion", "1.3.7.3");
Supprimée : user_pref("CT2851639.keyword", "true");
Supprimée : user_pref("CT2851639.smartbar.homepage", "true");
Supprimée : user_pref("CT2851639.startPageXPETakeover", "true");
Supprimée : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Supprimée : user_pref("browser.search.defaultthis.engineName", "uTorrentBar_FR Customized Web Search");
Supprimée : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&CUI[...]
Supprimée : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2851639&CUI=UN140965922[...]
Supprimée : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Supprimée : user_pref("smartbar.originalHomepage", "about:home");
Supprimée : user_pref("smartbar.originalSearchAddressUrl", "");
Supprimée : user_pref("smartbar.originalSearchEngine", "");

-\\ Google Chrome v27.0.1453.110

Fichier : C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée [l.38] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Supprimée [l.41] : keyword = "babylon.com",
Supprimée [l.45] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=119549&tl=280113_9107&tt=30051[...]
Supprimée [l.2377] : homepage = "hxxp://search.babylon.com/?affID=120518&tl=280113_9107&tt=030613_spct&babsrc=HP_ss_w[...]
Supprimée [l.3066] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?affID=120518&tl=280113_9107&tt=030[...]

*************************

AdwCleaner[S1].txt - [22498 octets] - [25/11/2012 18:49:45]
AdwCleaner[S2].txt - [17689 octets] - [09/06/2013 14:17:24]

########## EOF - C:\AdwCleaner[S2].txt - [17750 octets] ##########
0
Réponse 3 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 14:30
re

pour supprimer ton "doublon" clique sur la croix a coté de "signaler" en haut a droite

dans le message

relance adwcleaner et choisis désinstaller

ensuite fais ceci

télécharge zhpdiag sur ton bureau (outil de diagnostic)

le lien https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

le tuto http://www.security-helpzone.com/forum/Thread-ZHPDiag-Generer-un-rapport

utilisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)

pour lancer le scan clique sur la loupe avec le + (2ème bouton en haut a gauche)

le rapport s'affichera sur ton bureau et dans C:\zhpdiag.txt

poste le rapport via ce lien https://www.cjoint.com/

@+

0
Réponse 4 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 14:33
Je sais pas si c'est normal mais du coup j'ai plus l'icone de optimizer pro, ni sur le bureau ni dans mes programmes
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 14:37
re

Je sais pas si c'est normal mais du coup j'ai plus l'icone de optimizer pro, ni sur le bureau ni dans mes programmes


oui c'est normal, adwcleaner l'a supprimé

Dossier Supprimé : C:\Program Files (x86)\Optimizer Pro

tu me fais le zhpdiag s'il te plaît

merci

@+
0
Réponse 6 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 14:52
Rapport de ZHPDiag v2013.6.7.12 par Nicolas Coolman, Update du 07/06/2013
Run by Alexia at 09/06/2013 14:44:02
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v7.0.1466.0
Norton Internet Security v19.9.1.14
McAfee Security Scan Plus v3.0.318.3
Windows Defender W7

---\\ System Optimizer

---\\ Peer To Peer (P2P)
µTorrent v2.2.1 =>P2P.µTorrent

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 9

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3932 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 54 GB (12%) free of 448 GB

---\\ Logged in mode
~ Computer Name: ALEXIA-PC
~ User Name: Alexia
~ All Users Names: HomeGroupUser$, Alexia, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Alexia\AppData\Roaming\
~ %Desktop% : C:\Users\Alexia\Desktop\
~ %Favorites% : C:\Users\Alexia\Favorites\
~ %LocalAppData% : C:\Users\Alexia\AppData\Local\
~ %StartMenu% : C:\Users\Alexia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 54 Go of 448 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A19DB004D954BBC9C4EC125711E1D1C2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/10/2012 - 12:23:52.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.06/04/2012 - 09:32:06.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/17
~ Mes musiques (My Musics) : 1/19
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 1/2766
~ Mon Bureau (My Desktop) : 1/554
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 11s



---\\ Processus lancés
[MD5.1A7F10605F9672E101BFA27CAED210D5] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.2084]
[MD5.0429FCA3CE38367C98B9EECFAA17B35A] - (.http://www.goforfiles.com/ - Go for Files Updater.) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe [200336] [PID.2100] =>P2P.GoforFiles
[MD5.F2840DBFE9322F35557219AE82CC4597] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272] [PID.2676]
[MD5.BB7245420097B251D1271F5B6F0C9F02] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe [802136] [PID.3460] =>P2P.µTorrent
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.3636]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.3888]
[MD5.47C1DE0A890613FFCFF1D67648EEDF90] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920] [PID.3920]
[MD5.FE668B0E3E87077A46FE77AFB0E27F9C] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1105488] [PID.3928]
[MD5.BAD0D303EF0A519409C625738F3E10A3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4282728] [PID.3936]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.3944]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.4024]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.4076]
[MD5.2F3390C8E3620B3991D7D82014E26AA7] - (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe [825808] [PID.2528]
[MD5.0D28A18940E35EA867155657371BB6FE] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [988456] [PID.4500]
[MD5.BA58BE8F544B058C160E7CCDB7A6EA72] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7472128] [PID.3276]
[MD5.04AC21E821F259845BD7367CEE057290] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1336]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.1612]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1632]
[MD5.C02FF01B821FBB72104132E56EC5B881] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [355920] [PID.1536]
[MD5.32096F187020A54D29C95B3A1467D963] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [28264] [PID.2260]
[MD5.D98B7ABBBB55FD3A4D9F7B8A7869FCBF] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [419408] [PID.2268]
[MD5.DBD76BC1D498FE368F2C8CB76C3E00A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.2580]
[MD5.6BB516A31DE232DAB436FF3A117E1E80] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376] [PID.2640]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.3012]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2424]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.3664]
[MD5.545462D0DBE24AF379BA869B7C185CCD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.3044]
[MD5.86E4CC39C953D11EF57CF54C4DC78238] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.5272]
[MD5.13AA2130F2A104DD775EAD0F0EE5417B] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [598312] [PID.5372]
[MD5.D80B1075B69B57A3AB78F750CE463ECE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.2612]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.babylon.com =>Toolbar.Babylon
~ Google Browser: 8 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\prefs.js
M0 - MFSP: prefs.js [Alexia - wnb8nmdm.default] r_pref("browser.startup.homepage", );
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKCU\..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Alexia\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Alexia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (.not file.)
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Alexia\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Alexia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Packard Bell\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: monAlbumPhoto.lnk . (.monAlbumPhoto - monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumphoto.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Media Crawler.lnk . (...) -- C:\Program Files (x86)\Media Crawler\MediaCrawler.exe
O4 - GS\Desktop: Movies2iPhone.lnk . (...) -- C:\Program Files (x86)\Movies2iPhone\Movies2iPhone.exe
O4 - GS\Desktop: OpenOffice.org 3.4.1.lnk . (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop: TopSharewares.lnk . (.TopSharewares - Pas de description.) -- C:\Program Files (x86)\TopSharewares\TopLaunch\topsharewares.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CS1\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CS2\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CS2\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Dealply.job [294] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [Dealply] (...) -- C:\Users\Alexia\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.0429FCA3CE38367C98B9EECFAA17B35A] [APT] [Go for FilesUpdate] (.http://www.goforfiles.com/ -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe [200336] =>P2P.GoforFiles
~ Scheduled Task: 24 Legitimates Filtered in 00mn 04s



---\\ Logiciels installés (O42)
O42 - Logiciel: GoforFiles - (.http://www.goforfiles.com/ [HKCU][64Bits] -- GoforFiles =>P2P.GoforFiles
~ Logic: 148 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ChrmTB]
[HKCU\Software\IncrediMail]
[HKCU\Software\Media Crawler Org.]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\DomaIQ] =>Toolbar.DomaIQ
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
~ Key Software: 208 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/01/2013 - 13:32:00 - [8,105] ----D C:\Program Files (x86)\GoforFiles =>P2P.GoforFiles
O43 - CFD: 03/06/2013 - 20:24:13 - [7,484] ----D C:\Program Files (x86)\Media Crawler
O43 - CFD: 03/06/2013 - 20:49:44 - [47,747] ----D C:\Program Files (x86)\TopSharewares
O43 - CFD: 29/01/2013 - 13:32:04 - [0,001] ----D C:\Users\Alexia\AppData\Roaming\GoforFiles =>P2P.GoforFiles
O43 - CFD: 08/10/2012 - 21:04:03 - [0,087] ----D C:\Users\Alexia\AppData\Local\Ares
~ 4 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 175 Legitimates Filtered in 00mn 41s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.56D0C60E3D3D4BD8D04E2E86A153F84B] - 08/06/2013 - 22:47:10 ---A- . (...) -- C:\Windows\IE9_main.log [234764]
O44 - LFC:[MD5.043275B0486E1704DDB37E9BFB82BA5E] - 05/06/2013 - 13:29:58 ---A- . (...) -- C:\Windows\wininit.ini [576]
O44 - LFC:[MD5.08E6745B20457ED6913D321EB0B35351] - 04/06/2013 - 23:24:53 ---A- . (...) -- C:\Windows\SysNative\dmwu.exe [1277744]
O44 - LFC:[MD5.695946F7F4CEEAF05394D763A45C6CC5] - 04/06/2013 - 23:24:53 ---A- . (.IncrediMail, Ltd. - IMHttpCo Dynamic Link Library.) -- C:\Windows\SysNative\ImHttpComm.dll [35328]
O44 - LFC:[MD5.08E6745B20457ED6913D321EB0B35351] - 04/06/2013 - 23:24:53 RSHAD . (...) -- C:\Windows\System32\dmwu.exe [1277744]
O44 - LFC:[MD5.695946F7F4CEEAF05394D763A45C6CC5] - 04/06/2013 - 23:24:53 RSHAD . (.IncrediMail, Ltd. - IMHttpCo Dynamic Link Library.) -- C:\Windows\System32\ImHttpComm.dll [35328]
~ Files: 20 Legitimates Filtered in 00mn 20s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.B3CF87E13C6DFCD8AFBB8EC1C31B86B6] - 03/06/2013 - 01:56:22 ---A- - C:\Windows\Prefetch\BROWSERPROTECT.EXE-FB038691.pf =>Hijacker.Eazel
O45 - LFCP:[MD5.6FF522D8B0FF553895A8638F7C253573] - 03/06/2013 - 19:22:42 ---A- - C:\Windows\Prefetch\BOOK.EXE-0F66772C.pf
O45 - LFCP:[MD5.7BDDEBD39BD31D52852E83C3BFCAE584] - 03/06/2013 - 19:23:00 ---A- - C:\Windows\Prefetch\QTRAXINSTALLER.EXE-4761AEDE.pf
O45 - LFCP:[MD5.09AA8619706C3CF0E890948310AA38D9] - 03/06/2013 - 19:23:15 ---A- - C:\Windows\Prefetch\DELTATB.EXE-DC0890A0.pf =>Toolbar.DeltaSearch
O45 - LFCP:[MD5.809422E990324B2DDBCDFFF7460ADF01] - 03/06/2013 - 19:23:17 ---A- - C:\Windows\Prefetch\SETUP-D502DD2B71B5.EXE-1A026CCC.pf
O45 - LFCP:[MD5.8EDE17A5E0E2A2F4D8684E953551F7D5] - 03/06/2013 - 19:23:19 ---A- - C:\Windows\Prefetch\SETUP-D502DD2B71B5-1014.EXE-7EE7A7AD.pf
O45 - LFCP:[MD5.A446BF6B87E2C60F09A25D9AB9522249] - 03/06/2013 - 19:23:24 ---A- - C:\Windows\Prefetch\DP.EXE-6B9B223C.pf
O45 - LFCP:[MD5.6524BECC689E6886215242BFB9D82EA4] - 03/06/2013 - 19:23:27 ---A- - C:\Windows\Prefetch\UNINST.EXE-3B5428EA.pf
O45 - LFCP:[MD5.3C252B02CBB1B0F151B309B620C6DEBB] - 03/06/2013 - 19:23:51 ---A- - C:\Windows\Prefetch\TUTO4PC_SETUP_FR.EXE-3D68059A.pf =>PUP.Eorezo
O45 - LFCP:[MD5.353BB33ED33598C5277468A56250FD03] - 03/06/2013 - 19:23:51 ---A- - C:\Windows\Prefetch\TUTO4PC_SETUP_FR.TMP-64D8DD57.pf =>PUP.Eorezo
O45 - LFCP:[MD5.C6D8CE6B8AF6612C20F77BBBE7432D5C] - 03/06/2013 - 19:23:56 ---A- - C:\Windows\Prefetch\MYBABYLONTB.EXE-8394C204.pf =>Toolbar.Babylon
O45 - LFCP:[MD5.B8F77E37988C80991385E4026ACC3EBD] - 03/06/2013 - 19:24:10 ---A- - C:\Windows\Prefetch\TUTO4PC_FR_38.EXE-EA2EF526.pf =>PUP.Eorezo
O45 - LFCP:[MD5.545A3E938516DB38DFC2B3CBD3FAB198] - 03/06/2013 - 19:24:10 ---A- - C:\Windows\Prefetch\WC-0490.EXE-5338A8EE.pf
O45 - LFCP:[MD5.1622303F3FA5A8BF110798E2BCB5A37C] - 03/06/2013 - 19:24:10 ---A- - C:\Windows\Prefetch\WC.EXE-F8FECB77.pf
O45 - LFCP:[MD5.A794698775474348E1DDBDD05C924AB2] - 03/06/2013 - 19:24:15 ---A- - C:\Windows\Prefetch\BBA1D3.EXE-B06DB153.pf
O45 - LFCP:[MD5.70DFAFA073CFFA2D9E08585B5DD2F26F] - 03/06/2013 - 19:54:11 ---A- - C:\Windows\Prefetch\DELTA4IE.EXE-FEE130F5.pf
O45 - LFCP:[MD5.6C50BB688E452F43327CB1B0AACFDC5D] - 03/06/2013 - 19:54:12 ---A- - C:\Windows\Prefetch\DELTA4FFX.EXE-6387AB03.pf
O45 - LFCP:[MD5.24D7A0E4A765F637DDB302574DDD7D9A] - 05/06/2013 - 14:03:43 ---A- - C:\Windows\Prefetch\UPT4PC_FR_38.EXE-78CD34E5.pf
O45 - LFCP:[MD5.97D1BA9298AF3DF1901BAB49A7C2D5BB] - 08/06/2013 - 20:07:44 ---A- - C:\Windows\Prefetch\PACKARD BELL.SCR-63E3B79C.pf
O45 - LFCP:[MD5.49659E4750509F46FDA812702938B1BA] - 08/06/2013 - 22:47:10 ---A- - C:\Windows\Prefetch\WU-IE9-WINDOWS7-X64.EXE-A3889E4B.pf
O45 - LFCP:[MD5.D3B882EB1AE98FA4852D060554C969DA] - 09/06/2013 - 12:17:28 ---A- - C:\Windows\Prefetch\MEDIACRAWLER.EXE-E10B580E.pf
O45 - LFCP:[MD5.33769D4F24ABB79D98BFD9811262448C] - 09/06/2013 - 12:21:46 ---A- - C:\Windows\Prefetch\DELTASRV.EXE-10108BB2.pf
O45 - LFCP:[MD5.3FA62DCB3ADD38DABB6782F3F4F972ED] - 09/06/2013 - 12:28:49 ---A- - C:\Windows\Prefetch\DEALPLYUPDATEVER.EXE-30F881A9.pf =>PUP.DealPly
~ Prefetcher: 141 Legitimates Filtered in 00mn 02s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.B280C4608AC389DA9515A35AC4CAB0FD] - 24/06/2010 - 23:53:04 ---A- . (.https://sourceforge.net/p/libusb-win32/wiki/Home/ - LibUSB-Win32 - Kernel Driver.) -- C:\Windows\SysWOW64\drivers\libusb0.sys [21504]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 07/06/2013 - 10:23:02 ---A- C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268840]
O61 - LFC: 08/06/2013 - 22:37:54 ---A- C:\Users\Alexia\Downloads\Collection Karaoké Vidéo Part. 3.rar.torrent [20479]
O61 - LFC: 09/06/2013 - 13:27:34 ---A- C:\Users\Alexia\Downloads\Collection Karaoké Vidéo Part. 3.rar [8439829373]
O61 - LFC: 09/06/2013 - 13:45:45 ---A- C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Local State [35957]
~ 10 Fichiers temporaires (Temporary files)
~ Files: 343 Legitimates Filtered in 02mn 04s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome.WJOOAI753LQCIIUOVKQNEO4JKE> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Alexia - wnb8nmdm.default] user_pref("extensions.crossrider.bic", "13b1f44912c27a3734ae0c9d07a11bb2"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {E2173427-3939-49E6-A955-84D4EFD2F3EE} - (uTorrentBar_FR Customized Web Search) - http://search.conduit.com =>P2P.µTorrent
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.9A9712183538B83E2A7914AF9088EC58] [SPRF][07/12/2012] (...) -- C:\Users\Alexia\AppData\Local\Temp\802E2C6B-7EC9-44A8-983E-66FA3E0FB420.dat [1722]
[MD5.32DCED18FFFEA0035E4FA975CA0AE8BE] [SPRF][22/04/2013] (.The Software Group - Software Update Setup.) -- C:\Users\Alexia\AppData\Local\Temp\BoxoreInstaller.exe [620656] =>Adware.Boxore
[MD5.7B4113C6A223750ED6F5A405353C08EE] [SPRF][22/05/2013] (...) -- C:\Users\Alexia\AppData\Local\Temp\bundlesweetimsetup.exe [5242880] =>PUP.SweetIM
[MD5.F542074766AE141E247EBA7ABCC0F7A8] [SPRF][13/05/2013] (...) -- C:\Users\Alexia\AppData\Local\Temp\FE7FBAEE-C5E7-4A35-B8B3-B0C120F797B3.dat [1862]
[MD5.CBEA94357CF0600E9096A1AD20C4F48A] [SPRF][04/06/2013] (.TODO: <Company name> - TODO: <File description>.) -- C:\Users\Alexia\AppData\Local\Temp\GenericUninstall.exe [123904]
[MD5.F6278B5A16F830885B184D5F72E1B935] [SPRF][19/05/2013] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\Alexia\AppData\Local\Temp\htmlayout.dll [947200]
[MD5.B11B629FFA7A5DDB5A38E64795E824B1] [SPRF][05/12/2012] (...) -- C:\Users\Alexia\AppData\Local\Temp\Mapdb-20130104-1357816.dat [37654528]
[MD5.8A4AF3B0695F29186AD02E2FD766FA3B] [SPRF][04/06/2013] (.SweetIM Technologies Ltd. - SQLite DLL.) -- C:\Users\Alexia\AppData\Local\Temp\mgsqlite3.dll [393016] =>PUP.SweetIM
[MD5.920E73C4E9426A0571C430174B2764DE] [SPRF][25/09/2012] (...) -- C:\Users\Alexia\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe [44809728]
[MD5.5A8222C703B4A34F2227A652A49A2827] [SPRF][11/03/2011] (.Tarma Software Research Pty Ltd - Tarma® Installer.) -- C:\Users\Alexia\AppData\Local\Temp\Setup-D502DD2B71B5-1014.exe [227984] =>Toolbar.Tarma
[MD5.F3EEAE3F78AB44FE413A560ACF1C6515] [SPRF][29/01/2013] (.Babylon Ltd. - Babylon Client Setup.) -- C:\Users\Alexia\AppData\Local\Temp\toolbar2495017.exe [867992] =>Toolbar.Babylon
[MD5.89505DACB8B6A97A448F3409DAB18BCD] [SPRF][20/05/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Alexia\AppData\Local\Temp\uninst1.exe [395248] =>Toolbar.Babylon
[MD5.E990FC354E1A08AC8C7B544FB1A32ABA] [SPRF][04/06/2013] (.TODO: <Company name> - TODO: <File description>.) -- C:\Users\Alexia\AppData\Local\Temp\uninstaller.exe [376832]
[MD5.5682236F5A6DF29E3294573BDAC11958] [SPRF][19/05/2013] (...) -- C:\Users\Alexia\AppData\Local\Temp\utt435.tmp.exe [8194048]
[MD5.5682236F5A6DF29E3294573BDAC11958] [SPRF][10/05/2013] (...) -- C:\Users\Alexia\AppData\Local\Temp\utt4C0B.tmp.exe [8194048]
[MD5.5A8222C703B4A34F2227A652A49A2827] [SPRF][11/03/2011] (.Tarma Software Research Pty Ltd - Tarma® Installer.) -- C:\Users\Alexia\AppData\Local\Temp\wc-0490.exe [227984] =>Toolbar.Tarma
[MD5.C79EF333384F37CDEB10C1BC57326F0D] [SPRF][04/06/2013] (...) -- C:\Users\Alexia\AppData\Local\Temp\WSSetup.exe [3243944]
~ Files: Scanned in 00mn 03s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{49725E98-E1F2-4756-8939-82C15837C97C}" | In - Public - P17 - TRUE | .(.Atheros Communication Inc. - Atheros DirectConnect DHCP Service.) -- C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe
O87 - FAEL: "TCP Query User{F1FC89D9-369B-4997-804B-0083819F4742}C:\program files (x86)\ares\ares.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{549327DC-C550-46A0-9C98-3D8EA11CC417}C:\program files (x86)\ares\ares.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "TCP Query User{0EB00785-C881-4B45-B204-C718DEA091C7}C:\program files (x86)\ares\ares.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "UDP Query User{30924CCE-4BCB-44C8-A79A-13F0D1608F8B}C:\program files (x86)\ares\ares.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\ares\ares.exe (.not file.)
O87 - FAEL: "TCP Query User{07EBECA0-DF5B-4CDF-BEB5-3FBD7EDBC5A7}C:\program files (x86)\media crawler\mediacrawler.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\media crawler\mediacrawler.exe
O87 - FAEL: "UDP Query User{59E3D7B6-2092-4A95-A9E8-524BFA98D685}C:\program files (x86)\media crawler\mediacrawler.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\media crawler\mediacrawler.exe
O87 - FAEL: "{691AAFBA-FBB5-448F-8D04-2A177E838649}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{0CCBA79C-6ED7-42C0-9C3E-ED7B5036016C}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{1E6931E5-3C06-47FD-90FD-DC778F03E7C2}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{585559F5-F527-47FC-8240-B164FF8857D2}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
~ Firewall: 230 Legitimates Filtered in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.12437 - (07/06/2013)
Clés trouvées (Keys found) : 48
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 8

[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
C:\Users\Alexia\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon
C:\Users\Alexia\AppData\Local\Temp\bundlesweetimsetup.exe =>PUP.SweetIM
C:\Users\Alexia\AppData\Local\Temp\BoxoreInstaller.exe =>Adware.Boxore
C:\Users\Alexia\AppData\Local\Temp\mgsqlite3.dll =>PUP.SweetIM
C:\Users\Alexia\AppData\Local\Temp\toolbar2495017.exe =>Toolbar.Babylon
~ Additionnel Scan: 279493 Items scanned in 00mn 36s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 06/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 17/05/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 21/08/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 23/04/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 18/01/2012 111776 | (DCDhcpService) . (.Atheros Communication Inc..) - C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe
SR - | Auto 23/03/2012 355920 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Auto 07/02/2012 871296 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 29/02/2012 28264 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
SR - | Auto 02/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 02/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 09/09/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 08/02/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 07/02/2012 255376 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 08/02/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
SR - | Auto 29/03/2011 598312 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 16/06/2012 138272 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 08/02/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Alexia at 09/06/2013 14:50:18

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ MBR: 9 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Alexia at 09/06/2013 14:50:20

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 1937 Legitimates filtered by white list
End of the scan (564 lines in 06mn 18s)(0)




Desolé cétait assez long
0
Réponse 7 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 18:00
re

tu as 3 antivirus
avast! Free Antivirus v7.0.1466.0
Norton Internet Security v19.9.1.14
McAfee Security Scan Plus v3.0.318.3

désinstalle Norton Internet Security v19.9.1.14 et McAfee Security Scan Plus v3.0.318.3

pour norton

pour mcafee

ensuite, met avast a jour

mettre avast a jour

désinstalle Adobe Reader X et Java 7 Update 9 via programmes et fonctionnalités du

panneau de configuration et télécharge les dernières versions

pour adode reader

pour java
=====================================================
ensuite fais ceci

lance zhpfix en tant qu'administrateur (clic droit)

copie tout le texte depuis ce lien https://www.cjoint.com/?CFjr6TSP2I4

clique sur le 2ème bouton en haut a gauche (coller le presse papier)

clic sur GO en bas de page et confirme par oui pour lancer le nettoyage des données

le rapport s'affichera sur ton bureau et dans C:\zhpfix.txt

poste le rapport via ce lien https://www.cjoint.com/
=====================================================
ensuite, refais moi 1 zhpdiag en cliquant sur la loupe avec le + et poste le rapport

via ce lien https://www.cjoint.com/index.php

merci

@+

0
Réponse 8 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 18:59
Désolé jeme suis trompé ^^, j'ai posté le rapport zhpfix sur le site
0
Réponse 9 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 19:13
re

non, tu as bien posté le zhpdiag

Rapport de ZHPDiag v2013.6.7.12 par Nicolas Coolman, Update du 07/06/2013
Run by Alexia at 09/06/2013 14:44:02

@+
0
Réponse 10 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 19:55
Rapport de ZHPFix 2013.6.4.1 par Nicolas Coolman, Update du 04/06/2013
Fichier d'export Registre :
Run by Alexia at 09/06/2013 18:55:30
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée

========== Logiciel(s) ==========
ABSENT Software Key: GoforFiles

========== Processus mémoire ==========
SUPPRIME Memory Process: C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
SUPPRIME Memory Process: C:\Users\Alexia\AppData\Local\Temp\BoxoreInstaller.exe
SUPPRIME Memory Process: C:\Users\Alexia\AppData\Local\Temp\bundlesweetimsetup.exe
SUPPRIME Memory Process: C:\Users\Alexia\AppData\Local\Temp\Setup-D502DD2B71B5-1014.exe
SUPPRIME Memory Process: C:\Users\Alexia\AppData\Local\Temp\toolbar2495017.exe
SUPPRIME Memory Process: C:\Users\Alexia\AppData\Local\Temp\uninst1.exe
SUPPRIME Memory Process: C:\Users\Alexia\AppData\Local\Temp\wc-0490.exe

========== Module(s) mémoire ==========
SUPPRIME Memory Module: C:\Users\Alexia\AppData\Local\Temp\mgsqlite3.dll

========== Clé(s) du Registre ==========
SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
ABSENT Key: HKCU\Software\ChrmTB
SUPPRIME Key: HKCU\Software\SweetIM
SUPPRIME Key*: HKLM\Software\DomaIQ
SUPPRIME Key*: HKLM\Software\WNLT
SUPPRIME Key: HKLM\Software\Wow6432Node\GoforFiles
SUPPRIME Key: HKLM\Software\Wow6432Node\SweetIM
SUPPRIME Key: SearchScopes :{E2173427-3939-49E6-A955-84D4EFD2F3EE}
ABSENT Key: HKCU\Software\SweetIM
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

========== Valeur(s) du Registre ==========
SUPPRIME Toolbar: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
SUPPRIME RunValue: ares
ABSENT RunValue: ares
ABSENT TCP Query User{F1FC89D9-369B-4997-804B-0083819F4742}C:/program files (x86)/ares/ares.exe
ABSENT UDP Query User{549327DC-C550-46A0-9C98-3D8EA11CC417}C:/program files (x86)/ares/ares.exe
ABSENT TCP Query User{0EB00785-C881-4B45-B204-C718DEA091C7}C:/program files (x86)/ares/ares.exe
ABSENT UDP Query User{30924CCE-4BCB-44C8-A79A-13F0D1608F8B}C:/program files (x86)/ares/ares.exe
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :
SUPPRIME FirewallRaz (Domain) : NetPres-In-TCP-NoScope
SUPPRIME FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
SUPPRIME FirewallRaz (None) : NetPres-WSD-In-UDP
SUPPRIME FirewallRaz (None) : NetPres-WSD-Out-UDP
SUPPRIME FirewallRaz (Public) : NetPres-In-TCP
SUPPRIME FirewallRaz (Public) : NetPres-Out-TCP
SUPPRIME FirewallRaz (Private) : TCP Query User{F1FC89D9-369B-4997-804B-0083819F4742}C:\program files (x86)\ares\ares.exe
SUPPRIME FirewallRaz (Private) : UDP Query User{549327DC-C550-46A0-9C98-3D8EA11CC417}C:\program files (x86)\ares\ares.exe
SUPPRIME FirewallRaz (Public) : TCP Query User{0EB00785-C881-4B45-B204-C718DEA091C7}C:\program files (x86)\ares\ares.exe
SUPPRIME FirewallRaz (Public) : UDP Query User{30924CCE-4BCB-44C8-A79A-13F0D1608F8B}C:\program files (x86)\ares\ares.exe
SUPPRIME FirewallRaz (Private) : {7F773FFA-8272-4473-9E63-5DBC66473578}
SUPPRIME FirewallRaz (Private) : {B2AAB555-CDD0-4225-873D-C1840A4F49B8}
SUPPRIME FirewallRaz (Private) : {5E4789F5-2EBA-489A-AF03-23D7AA9B809A}
SUPPRIME FirewallRaz (Private) : {6D0FAB3D-BDF8-49C2-A1AA-D32F53416113}

========== Elément(s) de donnée du Registre ==========
REMPLACE Value NoActiveDesktopChanges : Good (0) - Bad (1)

========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://search.babylon.com
SUPPRIME Mozilla Pref: user_pref("extensions.crossrider.bic", "13b1f44912c27a3734ae0c9d07a11bb2");

========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\Alexia\AppData\Local\{0E454D55-29F6-474C-BD15-CBAFEC7AD5A7}
SUPPRIME Folder: C:\Users\Alexia\AppData\Local\{4494F018-4236-4C82-9F31-E2044609F89F}
SUPPRIME Folder: C:\Users\Alexia\AppData\Local\{67CF12D8-F7C5-4DFA-BAC9-4FF879C95B55}
SUPPRIME Folder: C:\Users\Alexia\AppData\Local\{B47EE5DB-D469-474B-920D-BF5928BEB008}
SUPPRIME Temporaires Windows
SUPPRIME Flash Cookies

========== Fichier(s) ==========
SUPPRIME File***: c:\program files (x86)\goforfiles\gffupdater.exe
ABSENT File: c:\program files (x86)\ares\ares.exe
SUPPRIME File: c:\windows\tasks\dealply.job
ABSENT Folder/File: c:\program files (x86)\goforfiles\gffupdater.exe
SUPPRIME File: c:\windows\prefetch\browserprotect.exe-fb038691.pf
SUPPRIME File: c:\windows\prefetch\deltatb.exe-dc0890a0.pf
SUPPRIME File: c:\windows\prefetch\tuto4pc_setup_fr.exe-3d68059a.pf
SUPPRIME File: c:\windows\prefetch\tuto4pc_setup_fr.tmp-64d8dd57.pf
SUPPRIME File: c:\windows\prefetch\mybabylontb.exe-8394c204.pf
SUPPRIME File: c:\windows\prefetch\tuto4pc_fr_38.exe-ea2ef526.pf
SUPPRIME File: c:\windows\prefetch\delta4ie.exe-fee130f5.pf
SUPPRIME File: c:\windows\prefetch\delta4ffx.exe-6387ab03.pf
SUPPRIME File: c:\windows\prefetch\upt4pc_fr_38.exe-78cd34e5.pf
SUPPRIME File: c:\windows\prefetch\deltasrv.exe-10108bb2.pf
SUPPRIME File: c:\windows\prefetch\dealplyupdatever.exe-30f881a9.pf
SUPPRIME File: c:\users\alexia\appdata\local\temp\boxoreinstaller.exe
SUPPRIME File: c:\users\alexia\appdata\local\temp\bundlesweetimsetup.exe
SUPPRIME File*: c:\users\alexia\appdata\local\temp\mgsqlite3.dll
SUPPRIME File: c:\users\alexia\appdata\local\temp\setup-d502dd2b71b5-1014.exe
SUPPRIME File: c:\users\alexia\appdata\local\temp\toolbar2495017.exe
SUPPRIME File: c:\users\alexia\appdata\local\temp\uninst1.exe
SUPPRIME File: c:\users\alexia\appdata\local\temp\wc-0490.exe
ABSENT Folder/File: c:\users\alexia\appdata\local\temp\uninst1.exe
ABSENT Folder/File: c:\users\alexia\appdata\local\temp\bundlesweetimsetup.exe
ABSENT Folder/File: c:\users\alexia\appdata\local\temp\boxoreinstaller.exe
ABSENT Folder/File: c:\users\alexia\appdata\local\temp\mgsqlite3.dll
ABSENT Folder/File: c:\users\alexia\appdata\local\temp\toolbar2495017.exe
SUPPRIME Temporaires Windows
SUPPRIME Flash Cookies

========== Tache planifiée ==========
SUPPRIME Task: Dealply
SUPPRIME Task: Go for FilesUpdate

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
7 : Processus mémoire
1 : Module(s) mémoire
54 : Clé(s) du Registre
23 : Valeur(s) du Registre
1 : Elément(s) de donnée du Registre
6 : Dossier(s)
29 : Fichier(s)
1 : Logiciel(s)
3 : Préférences navigateur
2 : Tache planifiée
1 : Restauration Système


End of clean in 01mn 28s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 09/06/2013 18:55:34 [12644]
0
Réponse 11 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 19:56
Rapport de ZHPDiag v2013.6.7.12 par Nicolas Coolman, Update du 07/06/2013
Run by Alexia at 09/06/2013 19:00:58
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v8.0.1489.0
Windows Defender W7

---\\ System Optimizer

---\\ Peer To Peer (P2P)
µTorrent v2.2.1 =>P2P.µTorrent

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3932 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 77 GB (17%) free of 448 GB

---\\ Logged in mode
~ Computer Name: ALEXIA-PC
~ User Name: Alexia
~ All Users Names: HomeGroupUser$, Alexia, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Alexia\AppData\Roaming\
~ %Desktop% : C:\Users\Alexia\Desktop\
~ %Favorites% : C:\Users\Alexia\Favorites\
~ %LocalAppData% : C:\Users\Alexia\AppData\Local\
~ %StartMenu% : C:\Users\Alexia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 77 Go of 448 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A19DB004D954BBC9C4EC125711E1D1C2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/10/2012 - 12:23:52.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.06/04/2012 - 09:32:06.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/17
~ Mes musiques (My Musics) : 1/19
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 1/2990
~ Mon Bureau (My Desktop) : 1/555
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 07s



---\\ Processus lancés
[MD5.1A7F10605F9672E101BFA27CAED210D5] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.1044]
[MD5.0D28A18940E35EA867155657371BB6FE] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [988456] [PID.3692]
[MD5.A1B303E029EE731119B1D985677FFAD2] - (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216] [PID.3004]
[MD5.BB7245420097B251D1271F5B6F0C9F02] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe [802136] [PID.2520] =>P2P.µTorrent
[MD5.FE668B0E3E87077A46FE77AFB0E27F9C] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1105488] [PID.2168]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.4060]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.4068]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.3920]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.4576]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.2220]
[MD5.2F3390C8E3620B3991D7D82014E26AA7] - (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe [825808] [PID.3548]
[MD5.BA58BE8F544B058C160E7CCDB7A6EA72] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7472128] [PID.4912]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1260]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1848]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1888]
[MD5.C02FF01B821FBB72104132E56EC5B881] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [355920] [PID.1292]
[MD5.D98B7ABBBB55FD3A4D9F7B8A7869FCBF] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [419408] [PID.1456]
[MD5.32096F187020A54D29C95B3A1467D963] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [28264] [PID.1484]
[MD5.DBD76BC1D498FE368F2C8CB76C3E00A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.1588]
[MD5.6BB516A31DE232DAB436FF3A117E1E80] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376] [PID.1672]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2308]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2428]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.2652]
[MD5.545462D0DBE24AF379BA869B7C185CCD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.4048]
[MD5.86E4CC39C953D11EF57CF54C4DC78238] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.3000]
[MD5.13AA2130F2A104DD775EAD0F0EE5417B] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [598312] [PID.4588]
[MD5.D80B1075B69B57A3AB78F750CE463ECE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.5792]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.search.ask.com/?o=10148&l=dis
G2 - GCE: Preference [User Data\Default] [aaaaojmikegpiepcfdkkjaplodkpfmlo] Ask Toolbar v.7.15.23.42079 (Activé) =>Toolbar.Ask
~ Google Browser: 7 Legitimates Filtered in 00mn 09s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\prefs.js
M3 - MFPP: Plugins - [Alexia] -- C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\askcom.xml
M0 - MFSP: prefs.js [Alexia - wnb8nmdm.default] r_pref("browser.startup.homepage", );
M2 - MFEP: prefs.js [Alexia - wnb8nmdm.default\toolbar@ask.com] [] v (..)
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: UrlSearchHook Class [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.15.23.36191) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
~ BHO: 5 Legitimates Filtered in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Alexia\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Alexia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Alexia\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Alexia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Packard Bell\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: monAlbumPhoto.lnk . (.monAlbumPhoto - monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumphoto.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Media Crawler.lnk . (...) -- C:\Program Files (x86)\Media Crawler\MediaCrawler.exe
O4 - GS\Desktop: Movies2iPhone.lnk . (...) -- C:\Program Files (x86)\Movies2iPhone\Movies2iPhone.exe
O4 - GS\Desktop: OpenOffice.org 3.4.1.lnk . (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop: TopSharewares.lnk . (.TopSharewares - Pas de description.) -- C:\Program Files (x86)\TopSharewares\TopLaunch\topsharewares.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CS1\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CS2\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CS2\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.AEF195FC98A19DB3BAF3A88D8708AFBF] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [137864] =>Toolbar.Ask
~ Scheduled Task: 23 Legitimates Filtered in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: Ask Toolbar Updater - (.Ask.com.) [HKCU][64Bits] -- {79A765E1-C399-405B-85AF-466F52E918B0} =>Toolbar.Ask
O42 - Logiciel: GoforFiles - (.http://www.goforfiles.com/ [HKCU][64Bits] -- GoforFiles =>P2P.GoforFiles
~ Logic: 147 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\Ask.com]
[HKCU\Software\IncrediMail]
[HKCU\Software\Media Crawler Org.]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\AskToolbar]
~ Key Software: 203 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/06/2013 - 18:46:05 - [3,515] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 03/06/2013 - 20:24:13 - [7,484] ----D C:\Program Files (x86)\Media Crawler
O43 - CFD: 03/06/2013 - 20:49:44 - [47,747] ----D C:\Program Files (x86)\TopSharewares
O43 - CFD: 09/06/2013 - 18:33:45 - [4,340] ----D C:\ProgramData\Ask
O43 - CFD: 09/06/2013 - 18:45:59 - [0,192] ----D C:\Users\Alexia\AppData\Local\APN
~ Program Folder: 165 Legitimates Filtered in 00mn 13s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.56D0C60E3D3D4BD8D04E2E86A153F84B] - 08/06/2013 - 22:47:10 ---A- . (...) -- C:\Windows\IE9_main.log [234764]
O44 - LFC:[MD5.043275B0486E1704DDB37E9BFB82BA5E] - 05/06/2013 - 13:29:58 ---A- . (...) -- C:\Windows\wininit.ini [576]
O44 - LFC:[MD5.08E6745B20457ED6913D321EB0B35351] - 04/06/2013 - 23:24:53 ---A- . (...) -- C:\Windows\SysNative\dmwu.exe [1277744]
O44 - LFC:[MD5.695946F7F4CEEAF05394D763A45C6CC5] - 04/06/2013 - 23:24:53 ---A- . (.IncrediMail, Ltd. - IMHttpCo Dynamic Link Library.) -- C:\Windows\SysNative\ImHttpComm.dll [35328]
O44 - LFC:[MD5.08E6745B20457ED6913D321EB0B35351] - 04/06/2013 - 23:24:53 RSHAD . (...) -- C:\Windows\System32\dmwu.exe [1277744]
O44 - LFC:[MD5.695946F7F4CEEAF05394D763A45C6CC5] - 04/06/2013 - 23:24:53 RSHAD . (.IncrediMail, Ltd. - IMHttpCo Dynamic Link Library.) -- C:\Windows\System32\ImHttpComm.dll [35328]
~ Files: 23 Legitimates Filtered in 00mn 18s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.6FF522D8B0FF553895A8638F7C253573] - 03/06/2013 - 19:22:42 ---A- - C:\Windows\Prefetch\BOOK.EXE-0F66772C.pf
O45 - LFCP:[MD5.7BDDEBD39BD31D52852E83C3BFCAE584] - 03/06/2013 - 19:23:00 ---A- - C:\Windows\Prefetch\QTRAXINSTALLER.EXE-4761AEDE.pf
O45 - LFCP:[MD5.809422E990324B2DDBCDFFF7460ADF01] - 03/06/2013 - 19:23:17 ---A- - C:\Windows\Prefetch\SETUP-D502DD2B71B5.EXE-1A026CCC.pf
O45 - LFCP:[MD5.8EDE17A5E0E2A2F4D8684E953551F7D5] - 03/06/2013 - 19:23:19 ---A- - C:\Windows\Prefetch\SETUP-D502DD2B71B5-1014.EXE-7EE7A7AD.pf
O45 - LFCP:[MD5.A446BF6B87E2C60F09A25D9AB9522249] - 03/06/2013 - 19:23:24 ---A- - C:\Windows\Prefetch\DP.EXE-6B9B223C.pf
O45 - LFCP:[MD5.6524BECC689E6886215242BFB9D82EA4] - 03/06/2013 - 19:23:27 ---A- - C:\Windows\Prefetch\UNINST.EXE-3B5428EA.pf
O45 - LFCP:[MD5.545A3E938516DB38DFC2B3CBD3FAB198] - 03/06/2013 - 19:24:10 ---A- - C:\Windows\Prefetch\WC-0490.EXE-5338A8EE.pf
O45 - LFCP:[MD5.1622303F3FA5A8BF110798E2BCB5A37C] - 03/06/2013 - 19:24:10 ---A- - C:\Windows\Prefetch\WC.EXE-F8FECB77.pf
O45 - LFCP:[MD5.A794698775474348E1DDBDD05C924AB2] - 03/06/2013 - 19:24:15 ---A- - C:\Windows\Prefetch\BBA1D3.EXE-B06DB153.pf
O45 - LFCP:[MD5.97D1BA9298AF3DF1901BAB49A7C2D5BB] - 08/06/2013 - 20:07:44 ---A- - C:\Windows\Prefetch\PACKARD BELL.SCR-63E3B79C.pf
O45 - LFCP:[MD5.49659E4750509F46FDA812702938B1BA] - 08/06/2013 - 22:47:10 ---A- - C:\Windows\Prefetch\WU-IE9-WINDOWS7-X64.EXE-A3889E4B.pf
O45 - LFCP:[MD5.D3B882EB1AE98FA4852D060554C969DA] - 09/06/2013 - 12:17:28 ---A- - C:\Windows\Prefetch\MEDIACRAWLER.EXE-E10B580E.pf
~ Prefetcher: 130 Legitimates Filtered in 00mn 01s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.B280C4608AC389DA9515A35AC4CAB0FD] - 24/06/2010 - 23:53:04 ---A- . (.https://sourceforge.net/p/libusb-win32/wiki/Home/ - LibUSB-Win32 - Kernel Driver.) -- C:\Windows\SysWOW64\drivers\libusb0.sys [21504]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 07/06/2013 - 10:23:02 ---A- C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268840]
O61 - LFC: 08/06/2013 - 22:37:54 ---A- C:\Users\Alexia\Downloads\Collection Karaoké Vidéo Part. 3.rar.torrent [20479]
O61 - LFC: 09/06/2013 - 17:29:43 ---A- C:\Users\Alexia\Downloads\chromeinstall-7u21.exe [903072]
O61 - LFC: 09/06/2013 - 17:35:55 ---A- C:\Users\Alexia\Downloads\AdbeRdr11003_fr_FR.exe [50094152]
O61 - LFC: 09/06/2013 - 18:01:34 ---A- C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Local State [36130]
~ Files: 228 Legitimates Filtered in 01mn 25s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome.WJOOAI753LQCIIUOVKQNEO4JKE> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [Alexia - wnb8nmdm.default] user_pref("extensions.asktb.ff-original-keyword-url", "");
O69 - SBI: SearchScopes [HKCU] {3B5AF0EB-E1BB-414D-B13A-DC4D1B069DBB} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
~ Keys: Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{49725E98-E1F2-4756-8939-82C15837C97C}" | In - Public - P17 - TRUE | .(.Atheros Communication Inc. - Atheros DirectConnect DHCP Service.) -- C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe
O87 - FAEL: "TCP Query User{07EBECA0-DF5B-4CDF-BEB5-3FBD7EDBC5A7}C:\program files (x86)\media crawler\mediacrawler.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\media crawler\mediacrawler.exe
O87 - FAEL: "UDP Query User{59E3D7B6-2092-4A95-A9E8-524BFA98D685}C:\program files (x86)\media crawler\mediacrawler.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\media crawler\mediacrawler.exe
O87 - FAEL: "{691AAFBA-FBB5-448F-8D04-2A177E838649}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{0CCBA79C-6ED7-42C0-9C3E-ED7B5036016C}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{1E6931E5-3C06-47FD-90FD-DC778F03E7C2}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{585559F5-F527-47FC-8240-B164FF8857D2}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
~ Firewall: 216 Legitimates Filtered in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.12437 - (07/06/2013)
Clés trouvées (Keys found) : 49
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\APN] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\APN] =>Toolbar.Ask
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKLM\Software\Wow6432Node\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Toolbar.AskBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShopperReports
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Program Files (x86)\Ask.com =>Toolbar.AskBar
C:\Users\Alexia\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo =>Toolbar.Ask
C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\Extensions\toolbar@ask.com =>Toolbar.AskTBar
~ Additionnel Scan: 255976 Items scanned in 00mn 26s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask
~ Update Products: 415 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 17/05/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 23/04/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 18/01/2012 111776 | (DCDhcpService) . (.Atheros Communication Inc..) - C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe
SR - | Auto 23/03/2012 355920 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Auto 07/02/2012 871296 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 29/02/2012 28264 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
SS - | Auto 09/06/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/06/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 02/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 02/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 09/09/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 08/02/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 07/02/2012 255376 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 08/02/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 29/03/2011 598312 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 08/02/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Alexia at 09/06/2013 19:04:53

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 1749 Legitimates filtered by white list
End of the scan (520 lines in 03mn 54s)(0)
0
Réponse 12 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 19:56
Voila c'est tout ce que tu m'as demandé
0
Réponse 13 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 20:11
re

fais ceci s'il te plaît

télécharge adwcleaner sur ton bureau (clique sur la flèche verte)

le lien https://toolslib.net

utlisateurs vista-w7-w8 exécuter en tant qu'administrateur (clic droit)

choisis le mode suppression

le rapport s'affichera sur ton bureau et dans C:\adw[S1].txt

poste le rapport via 1 copier/coller

@+

0
Réponse 14 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 20:16
# AdwCleaner v2.303 - Rapport créé le 09/06/2013 à 20:12:30
# Mis à jour le 08/06/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Alexia - ALEXIA-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Alexia\Downloads\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Program Files (x86)\Ask.com
Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\Users\Alexia\AppData\Local\APN
Dossier Supprimé : C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Dossier Supprimé : C:\Users\Alexia\AppData\LocalLow\AskToolbar
Dossier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\extensions\toolbar@ask.com
Dossier Supprimé : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Fichier Supprimé : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\searchplugins\Askcom.xml

***** [Registre] *****

Clé Supprimée : HKCU\Software\APN
Clé Supprimée : HKCU\Software\AppDataLow\Software\AskToolbar
Clé Supprimée : HKCU\Software\Ask.com
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Clé Supprimée : HKLM\Software\APN
Clé Supprimée : HKLM\Software\AskToolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Clé Supprimée : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v [Impossible d'obtenir la version]

Fichier : C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\prefs.js

Supprimée : user_pref("browser.search.selectedEngine", "Ask.com");
Supprimée : user_pref("browser.search.order.1", "Ask.com");
Supprimée : user_pref("browser.search.defaultengine", "Ask.com");
Supprimée : user_pref("browser.search.defaultenginename", "Ask.com");
Supprimée : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v27.0.1453.110

Fichier : C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée [l.28] : icon_url = "hxxp://www.ask.com/favicon.ico",
Supprimée [l.31] : keyword = "ask.com",
Supprimée [l.35] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=A4[...]
Supprimée [l.36] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

*************************

AdwCleaner[S1].txt - [4949 octets] - [09/06/2013 20:12:30]

########## EOF - C:\AdwCleaner[S1].txt - [5009 octets] ##########
0
Réponse 15 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 20:35
re

tu dois faire attention quand tu télécharges sur certains sites du style 01net softonic

car ils refilent des publiciels/adwares etc...

tu avais chopé la toolbars ASK

fais moi 1 nouveau zhpdiag en cliquant sur loupe avec le + et poste le rapport

via ce lien https://www.cjoint.com/

merci

@+
0
Réponse 16 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 21:02
Rapport de ZHPDiag v2013.6.7.12 par Nicolas Coolman, Update du 07/06/2013
Run by Alexia at 09/06/2013 20:36:46
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v8.0.1489.0
Windows Defender W7

---\\ System Optimizer

---\\ Peer To Peer (P2P)
µTorrent v2.2.1 =>P2P.µTorrent

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3932 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 77 GB (17%) free of 448 GB

---\\ Logged in mode
~ Computer Name: ALEXIA-PC
~ User Name: Alexia
~ All Users Names: HomeGroupUser$, Alexia, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Alexia\AppData\Roaming\
~ %Desktop% : C:\Users\Alexia\Desktop\
~ %Favorites% : C:\Users\Alexia\Favorites\
~ %LocalAppData% : C:\Users\Alexia\AppData\Local\
~ %StartMenu% : C:\Users\Alexia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 77 Go of 448 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A19DB004D954BBC9C4EC125711E1D1C2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/10/2012 - 12:23:52.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.06/04/2012 - 09:32:06.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/17
~ Mes musiques (My Musics) : 1/19
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 1/2990
~ Mon Bureau (My Desktop) : 1/555
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.1A7F10605F9672E101BFA27CAED210D5] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.1424]
[MD5.BB7245420097B251D1271F5B6F0C9F02] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe [802136] [PID.2660] =>P2P.µTorrent
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.2900]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.2920]
[MD5.FE668B0E3E87077A46FE77AFB0E27F9C] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1105488] [PID.2940]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.3068]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.1792]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.1156]
[MD5.2F3390C8E3620B3991D7D82014E26AA7] - (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe [825808] [PID.3108]
[MD5.0D28A18940E35EA867155657371BB6FE] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [988456] [PID.4412]
[MD5.A80C173AC5C75706BB74AE4D78F2A53D] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe [164864] [PID.780]
[MD5.BA58BE8F544B058C160E7CCDB7A6EA72] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7472128] [PID.1224]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1264]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1728]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1844]
[MD5.C02FF01B821FBB72104132E56EC5B881] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [355920] [PID.1296]
[MD5.D98B7ABBBB55FD3A4D9F7B8A7869FCBF] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [419408] [PID.1420]
[MD5.32096F187020A54D29C95B3A1467D963] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [28264] [PID.1632]
[MD5.DBD76BC1D498FE368F2C8CB76C3E00A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.1992]
[MD5.6BB516A31DE232DAB436FF3A117E1E80] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376] [PID.2064]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2548]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2716]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.3816]
[MD5.545462D0DBE24AF379BA869B7C185CCD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.5096]
[MD5.86E4CC39C953D11EF57CF54C4DC78238] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.2708]
[MD5.13AA2130F2A104DD775EAD0F0EE5417B] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [598312] [PID.4404]
[MD5.D80B1075B69B57A3AB78F750CE463ECE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.3892]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.search.ask.com/?o=10148&l=dis
~ Google Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Alexia\AppData\Roaming\Mozilla\Firefox\Profiles\wnb8nmdm.default\prefs.js
M0 - MFSP: prefs.js [Alexia - wnb8nmdm.default] r_pref("browser.startup.homepage", );
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Alexia\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Alexia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Alexia\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Alexia\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-4090331007-744543911-3614191107-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Packard Bell\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: monAlbumPhoto.lnk . (.monAlbumPhoto - monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumphoto.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Alexia\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Media Crawler.lnk . (...) -- C:\Program Files (x86)\Media Crawler\MediaCrawler.exe
O4 - GS\Desktop: Movies2iPhone.lnk . (...) -- C:\Program Files (x86)\Movies2iPhone\Movies2iPhone.exe
O4 - GS\Desktop: OpenOffice.org 3.4.1.lnk . (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop: TopSharewares.lnk . (.TopSharewares - Pas de description.) -- C:\Program Files (x86)\TopSharewares\TopLaunch\topsharewares.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CS1\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CS2\Services\Tcpip\..\{ADA8E176-9D97-4D2E-ACF3-261C6E7E70F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CS2\Services\Tcpip\..\{D85942BA-6320-419A-AFDB-3C21BC2666BC}: DhcpDomain = PXE.ACER.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) [0] =>Toolbar.Ask
~ Scheduled Task: 23 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: GoforFiles - (.http://www.goforfiles.com/ [HKCU][64Bits] -- GoforFiles =>P2P.GoforFiles
~ Logic: 145 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\IncrediMail]
[HKCU\Software\Media Crawler Org.]
~ Key Software: 200 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/06/2013 - 20:24:13 - [7,484] ----D C:\Program Files (x86)\Media Crawler
O43 - CFD: 03/06/2013 - 20:49:44 - [47,747] ----D C:\Program Files (x86)\TopSharewares
~ Program Folder: 162 Legitimates Filtered in 00mn 20s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.56D0C60E3D3D4BD8D04E2E86A153F84B] - 08/06/2013 - 22:47:10 ---A- . (...) -- C:\Windows\IE9_main.log [234764]
O44 - LFC:[MD5.043275B0486E1704DDB37E9BFB82BA5E] - 05/06/2013 - 13:29:58 ---A- . (...) -- C:\Windows\wininit.ini [576]
O44 - LFC:[MD5.08E6745B20457ED6913D321EB0B35351] - 04/06/2013 - 23:24:53 ---A- . (...) -- C:\Windows\SysNative\dmwu.exe [1277744]
O44 - LFC:[MD5.695946F7F4CEEAF05394D763A45C6CC5] - 04/06/2013 - 23:24:53 ---A- . (.IncrediMail, Ltd. - IMHttpCo Dynamic Link Library.) -- C:\Windows\SysNative\ImHttpComm.dll [35328]
O44 - LFC:[MD5.08E6745B20457ED6913D321EB0B35351] - 04/06/2013 - 23:24:53 RSHAD . (...) -- C:\Windows\System32\dmwu.exe [1277744]
O44 - LFC:[MD5.695946F7F4CEEAF05394D763A45C6CC5] - 04/06/2013 - 23:24:53 RSHAD . (.IncrediMail, Ltd. - IMHttpCo Dynamic Link Library.) -- C:\Windows\System32\ImHttpComm.dll [35328]
~ Files: 24 Legitimates Filtered in 00mn 20s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.6FF522D8B0FF553895A8638F7C253573] - 03/06/2013 - 19:22:42 ---A- - C:\Windows\Prefetch\BOOK.EXE-0F66772C.pf
O45 - LFCP:[MD5.7BDDEBD39BD31D52852E83C3BFCAE584] - 03/06/2013 - 19:23:00 ---A- - C:\Windows\Prefetch\QTRAXINSTALLER.EXE-4761AEDE.pf
O45 - LFCP:[MD5.809422E990324B2DDBCDFFF7460ADF01] - 03/06/2013 - 19:23:17 ---A- - C:\Windows\Prefetch\SETUP-D502DD2B71B5.EXE-1A026CCC.pf
O45 - LFCP:[MD5.8EDE17A5E0E2A2F4D8684E953551F7D5] - 03/06/2013 - 19:23:19 ---A- - C:\Windows\Prefetch\SETUP-D502DD2B71B5-1014.EXE-7EE7A7AD.pf
O45 - LFCP:[MD5.A446BF6B87E2C60F09A25D9AB9522249] - 03/06/2013 - 19:23:24 ---A- - C:\Windows\Prefetch\DP.EXE-6B9B223C.pf
O45 - LFCP:[MD5.6524BECC689E6886215242BFB9D82EA4] - 03/06/2013 - 19:23:27 ---A- - C:\Windows\Prefetch\UNINST.EXE-3B5428EA.pf
O45 - LFCP:[MD5.545A3E938516DB38DFC2B3CBD3FAB198] - 03/06/2013 - 19:24:10 ---A- - C:\Windows\Prefetch\WC-0490.EXE-5338A8EE.pf
O45 - LFCP:[MD5.1622303F3FA5A8BF110798E2BCB5A37C] - 03/06/2013 - 19:24:10 ---A- - C:\Windows\Prefetch\WC.EXE-F8FECB77.pf
O45 - LFCP:[MD5.A794698775474348E1DDBDD05C924AB2] - 03/06/2013 - 19:24:15 ---A- - C:\Windows\Prefetch\BBA1D3.EXE-B06DB153.pf
O45 - LFCP:[MD5.49659E4750509F46FDA812702938B1BA] - 08/06/2013 - 22:47:10 ---A- - C:\Windows\Prefetch\WU-IE9-WINDOWS7-X64.EXE-A3889E4B.pf
O45 - LFCP:[MD5.D3B882EB1AE98FA4852D060554C969DA] - 09/06/2013 - 12:17:28 ---A- - C:\Windows\Prefetch\MEDIACRAWLER.EXE-E10B580E.pf
O45 - LFCP:[MD5.A2E188B2041350EF9F3FFB28F963FBA6] - 09/06/2013 - 18:15:04 ---A- - C:\Windows\Prefetch\PACKARD BELL.SCR-63E3B79C.pf
~ Prefetcher: 141 Legitimates Filtered in 00mn 01s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.B280C4608AC389DA9515A35AC4CAB0FD] - 24/06/2010 - 23:53:04 ---A- . (.https://sourceforge.net/p/libusb-win32/wiki/Home/ - LibUSB-Win32 - Kernel Driver.) -- C:\Windows\SysWOW64\drivers\libusb0.sys [21504]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 07/06/2013 - 10:23:02 ---A- C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268840]
O61 - LFC: 08/06/2013 - 22:37:54 ---A- C:\Users\Alexia\Downloads\Collection Karaoké Vidéo Part. 3.rar.torrent [20479]
O61 - LFC: 09/06/2013 - 17:29:43 ---A- C:\Users\Alexia\Downloads\chromeinstall-7u21.exe [903072]
O61 - LFC: 09/06/2013 - 17:35:55 ---A- C:\Users\Alexia\Downloads\AdbeRdr11003_fr_FR.exe [50094152]
O61 - LFC: 09/06/2013 - 19:12:22 ---A- C:\Users\Alexia\Downloads\adwcleaner.exe [648201]
O61 - LFC: 09/06/2013 - 19:37:47 ---A- C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Local State [36130]
~ Files: 147 Legitimates Filtered in 01mn 30s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome.WJOOAI753LQCIIUOVKQNEO4JKE> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexia\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {3B5AF0EB-E1BB-414D-B13A-DC4D1B069DBB} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
~ Keys: Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{49725E98-E1F2-4756-8939-82C15837C97C}" | In - Public - P17 - TRUE | .(.Atheros Communication Inc. - Atheros DirectConnect DHCP Service.) -- C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe
O87 - FAEL: "TCP Query User{07EBECA0-DF5B-4CDF-BEB5-3FBD7EDBC5A7}C:\program files (x86)\media crawler\mediacrawler.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\media crawler\mediacrawler.exe
O87 - FAEL: "UDP Query User{59E3D7B6-2092-4A95-A9E8-524BFA98D685}C:\program files (x86)\media crawler\mediacrawler.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\media crawler\mediacrawler.exe
O87 - FAEL: "{691AAFBA-FBB5-448F-8D04-2A177E838649}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{0CCBA79C-6ED7-42C0-9C3E-ED7B5036016C}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{1E6931E5-3C06-47FD-90FD-DC778F03E7C2}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{585559F5-F527-47FC-8240-B164FF8857D2}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
~ Firewall: 216 Legitimates Filtered in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.12437 - (07/06/2013)
Clés trouvées (Keys found) : 21
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
~ Additionnel Scan: 256207 Items scanned in 00mn 28s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 17/05/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 23/04/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 18/01/2012 111776 | (DCDhcpService) . (.Atheros Communication Inc..) - C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe
SR - | Auto 23/03/2012 355920 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Auto 07/02/2012 871296 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 29/02/2012 28264 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
SS - | Auto 09/06/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/06/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 02/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 02/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 09/09/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 08/02/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 07/02/2012 255376 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 08/02/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 29/03/2011 598312 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 08/02/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Alexia at 09/06/2013 20:40:54

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 1669 Legitimates filtered by white list
End of the scan (453 lines in 04mn 08s)(0)
0
Réponse 17 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 21:32
re

fais ceci s'il te plaît

lance zhpfix en tant qu'administrateur (clic droit)

copie tout le texte en gras ci-dessous

clique sur le 2ème bouton en haut a gauche (coller le presse papier)

clic sur GO en bas de page et confirme par oui pour lancer le nettoyage des données

le rapport s'affichera sur ton bureau et dans C:\zhpfix.txt

poste le rapport via ce lien https://www.cjoint.com/

le texte a copier


G1 - GCS: Preference [User Data\Default] http://www.search.ask.com/?o=10148&l=dis
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) [0] =>Toolbar.Ask
O42 - Logiciel: GoforFiles - (.http://www.goforfiles.com/ [HKCU][64Bits] -- GoforFiles =>P2P.GoforFiles
O69 - SBI: SearchScopes [HKCU] {3B5AF0EB-E1BB-414D-B13A-DC4D1B069DBB} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask

SysRestore
FirewallRAZ
EmptyCLSID
EmptyTemp
EmptyFlash


@+
0
Réponse 18 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 21:42
Rapport de ZHPFix 2013.6.4.1 par Nicolas Coolman, Update du 04/06/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-09-06-2013-21-34-42.txt
Run by Alexia at 09/06/2013 21:34:41
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée

========== Logiciel(s) ==========
ABSENT Software Key: GoforFiles

========== Clé(s) du Registre ==========
SUPPRIME Key: SearchScopes :{3B5AF0EB-E1BB-414D-B13A-DC4D1B069DBB}
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2

========== Valeur(s) du Registre ==========
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :

========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\Alexia\AppData\Local\Google\Chrome\User Data\Default\Preferences
SUPPRIME Chrome Site: http://www.search.ask.com/?o=10148&l=dis

========== Dossier(s) ==========
Aucun dossiers CLSID Local utilisateur vide
SUPPRIME Temporaires Windows
SUPPRIME Flash Cookies

========== Fichier(s) ==========
SUPPRIME Temporaires Windows
SUPPRIME Flash Cookies

========== Tache planifiée ==========
SUPPRIME Task: Scheduled Update for Ask Toolbar

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
22 : Clé(s) du Registre
2 : Valeur(s) du Registre
3 : Dossier(s)
2 : Fichier(s)
1 : Logiciel(s)
2 : Préférences navigateur
1 : Tache planifiée
1 : Restauration Système


End of clean in 00mn 27s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 09/06/2013 17:55:34 [12697]
C:\ZHP\ZHPFix[R2].txt - 09/06/2013 21:34:42 [4355]
0
Réponse 19 / 25
billmaxime Messages postés 49931 Date d'inscription dimanche 20 novembre 2011 Statut Contributeur Dernière intervention 25 avril 2024 5 946
9 juin 2013 à 21:43
re

ok, et comment va le pc?

@+
0
Réponse 20 / 25
alexiiia65 Messages postés 16 Date d'inscription dimanche 9 juin 2013 Statut Membre Dernière intervention 2 mai 2018
9 juin 2013 à 21:45
Il va très bien et rame moins, c'est tout ce qu'il y a à faire ?
0

Discussions similaires

pro direct soccer fiable ?
Doudy28 -
Sm81 -

6 réponses
Avis sur Pro Foot X
rimka -
Loulou -

32 réponses
Mode d'utilisation de la caméra V380 en français
delacree -
Loukai -

12 réponses