Ad problem

Closed
sonic83 Posts: 27 Registration date: Friday 15 November 2013 Status: Member Last activity: 30 November 2013 - 15 Nov 2013 at 14:19
irongege Posts: 40847 Registration date: Thursday 1 November 2007 Status: Moderator Last activity: 29 June 2023 - 30 Nov 2013 at 22:02
Hello,

I'm having some trouble with my PC, which is running slowly, and I keep getting ads!!


Can you help me please? Thanks in advance.

sonic.

44 replies

nadellen Posts: 12292 Registration date: Wednesday 1 May 2013 Status: Member Last activity: 7 January 2024 6 657
15 Nov 2013 at 14:29
Hello
It's probably a "minor" infection

Download Malwarebytes, update it, and run a scan with it
Remove the unwanted files
Do it again
Remove (and uninstall) all the unnecessary toolbars (for example Yahoo Toolbar, Google Toolbar... and plenty of others)

If you still see symptoms after cleaning, the treatment will have to go further; it's not the flu yet, but it's no longer a little cold either, lol
Hence the importance of being careful when browsing.
1
lilidurhone Posts: 43343 Registration date: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
15 Nov 2013 at 14:30
0
irongege Posts: 40847 Registration date: Thursday 1 November 2007 Status: Moderator Last activity: 29 June 2023 5 054
Edited by irongege on 15/11/2013 at 18:53
Hi

Well now, biker, there are loads of midges on the visor of your screen!!!!!!

You need to do what lilidurhone asks you to do in the first reply.

"Blue for the road, green for the track and red for off-road.
1, 2, 3, the count is right!!!!!"
1
lilidurhone Posts: 43343 Registration date: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
15 Nov 2013 at 14:24
You must have installed some potentially unwanted programs


To avoid this kind of problem:

- Don't download any program offered in ads or on suspicious sites. Note that some well-known sites such as O1net, Softronic, Tuto4PC, etc. sometimes modify the programs they offer for download to add adware ==> Always prefer downloading directly from the publisher's site.


- During the installation of a free program, read carefully and untick all the additional programs that are offered, in particular toolbars.

For your information, read these articles on Potentially Unwanted Programs and Toolbars; it isn't mandatory

* Download this easy-to-use tool

http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner (by Xplode) to your desktop.


* If there is a problem with the first link, get it here https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

* Run it (on Vista/7/8, right-click it and choose Run as administrator); if you are on XP, double-click it

* Click Scan
* Post the scan report C:\Adwcleaner[R]

* Note: the scan report is also saved as C:\Adwcleaner[R1]
0
sonic83 Posts: 27 Registration date: Friday 15 November 2013 Status: Member Last activity: 30 November 2013
15 Nov 2013 at 18:56
Thanks a lot for the quick reply, I'll take a look at this and keep you posted, thanks
0
sonic83 Posts: 27 Registration date: Friday 15 November 2013 Status: Member Last activity: 30 November 2013
15 Nov 2013 at 19:16
# AdwCleaner v3.012 - Rapport créé le 15/11/2013 à 19:05:43
# Mis à jour le 11/11/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : lili - PC-DE-LILI
# Exécuté depuis : C:\Users\lili\Downloads\adwcleaner-3.012.exe
# Option : Scanner

***** [ Services ] *****

Service Présent : BackupStack

***** [ Fichiers / Dossiers ] *****

Dossier Présent C:\Program Files (x86)\Advanced System Protector
Dossier Présent C:\Program Files (x86)\MyPC Backup
Dossier Présent C:\Program Files (x86)\RegClean Pro
Dossier Présent C:\ProgramData\boost_interprocess
Dossier Présent C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Dossier Présent C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Dossier Présent C:\ProgramData\Systweak
Dossier Présent C:\Users\lili\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Dossier Présent C:\Users\lili\AppData\Roaming\Systweak
Fichier Présent : C:\Users\lili\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Fichier Présent : C:\Users\Public\Desktop\Advanced System Protector.lnk
Fichier Présent : C:\Users\Public\Desktop\RegClean Pro.lnk
Fichier Présent : C:\Windows\System32\roboot64.exe
Fichier Présent : C:\Windows\System32\Tasks\Advanced System Protector_startup
Fichier Présent : C:\Windows\System32\Tasks\RegClean Pro
Fichier Présent : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Fichier Présent : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Fichier Présent : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Fichier Présent : C:\Windows\Tasks\RegClean Pro_UPDATES.job

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Présente : HKCU\Software\InstallCore
Clé Présente : HKCU\Software\systweak
Clé Présente : HKCU\Software\UpdateStar
Clé Présente : [x64] HKCU\Software\InstallCore
Clé Présente : [x64] HKCU\Software\systweak
Clé Présente : [x64] HKCU\Software\UpdateStar
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Clé Présente : HKLM\Software\systweak
Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v25.0 (fr)

[ Fichier : C:\Users\lili\AppData\Roaming\Mozilla\Firefox\Profiles\74mnyuce.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ Fichier : C:\Users\lili\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [61201 octets] - [12/11/2013 13:37:05]
AdwCleaner[R1].txt - [57757 octets] - [12/11/2013 13:39:08]
AdwCleaner[R2].txt - [3173 octets] - [15/11/2013 19:05:43]
AdwCleaner[S0].txt - [4487 octets] - [12/11/2013 13:38:32]
AdwCleaner[S1].txt - [56353 octets] - [12/11/2013 13:39:53]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3354 octets] ##########
0
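Added example (not part of any post in this thread, and not code from AdwCleaner): one way to triage a scan report in the format posted above, separating the entries that make the unwanted software start again (service, Startup folder shortcut, scheduled tasks) from leftover files and keys. The function names are hypothetical; the sample is a few lines copied from the report above.

```python
import re
from collections import Counter
from typing import NamedTuple

# Excerpt of the AdwCleaner scan report posted in the thread (lines copied as-is).
SAMPLE_REPORT = r"""# AdwCleaner v3.012 - Rapport créé le 15/11/2013 à 19:05:43
# Option : Scanner

***** [ Services ] *****

Service Présent : BackupStack

***** [ Fichiers / Dossiers ] *****

Dossier Présent C:\Program Files (x86)\MyPC Backup
Fichier Présent : C:\Users\lili\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Fichier Présent : C:\Users\Public\Desktop\RegClean Pro.lnk
Fichier Présent : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
Fichier Présent : C:\Windows\Tasks\RegClean Pro_UPDATES.job

***** [ Registre ] *****

Clé Présente : HKCU\Software\systweak
Clé Présente : [x64] HKCU\Software\systweak
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
"""

# "***** [ Section ] *****" headers and "<Kind> Présent(e) [:] [x64] <target>" entries.
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
ENTRY_RE = re.compile(
    r"^(Service|Dossier|Fichier|Clé) Présente?\s*:?\s*(\[x64\]\s+)?(.+)$")

# Path fragments (lower-case) that mean "runs automatically" on Windows.
PERSISTENCE_MARKERS = (
    ("startup folder", "\\start menu\\programs\\startup\\"),
    ("scheduled task", "\\windows\\system32\\tasks\\"),
    ("scheduled task (legacy .job)", "\\windows\\tasks\\"),
)
UNINSTALL_PATH = "\\microsoft\\windows\\currentversion\\uninstall\\"


class Finding(NamedTuple):
    section: str    # section header the entry appeared under
    kind: str       # Service, Dossier, Fichier or Clé
    target: str     # service name, path or registry key
    x64_view: bool  # True when the key was listed with the [x64] tag


def parse_report(text):
    """Return every finding in the report, tagged with its section."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        entry = ENTRY_RE.match(line)
        if entry and section:
            findings.append(Finding(section, entry.group(1),
                                    entry.group(3).strip(), bool(entry.group(2))))
    return findings


def persistence_items(findings):
    """Entries that relaunch software at boot, logon or on a schedule."""
    items = []
    for f in findings:
        if f.kind == "Service":
            items.append(("service", f.target))
        elif f.kind == "Fichier":
            low = f.target.lower()
            for label, marker in PERSISTENCE_MARKERS:
                if marker in low:
                    items.append((label, f.target))
                    break
    return items


def uninstall_entries(findings):
    """Products that still have an Uninstall key (de-duplicated across views)."""
    names = []
    for f in findings:
        idx = f.target.lower().find(UNINSTALL_PATH)
        if f.kind == "Clé" and idx != -1:
            name = f.target[idx + len(UNINSTALL_PATH):]
            if name not in names:
                names.append(name)
    return names


if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    print("Findings per section:", dict(Counter(f.section for f in found)))
    for mechanism, target in persistence_items(found):
        print(f"  autostart via {mechanism}: {target}")
    print("Still registered for uninstall:", uninstall_entries(found))
```
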
lilidurhone Posts: 43343 Registration date: Monday 25 April 2011 Status: Security contributor Last activity: 18 September 2023 3 804
15 Nov 2013 at 19:20
Run the cleaning phase, post the report, then run JRT


* Download Junkware Removal Tool from this address (don't click download, the download will start automatically): https://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/

* Save it to your desktop.

* Close all running applications.

* Open JRT.exe and press Enter: if you are on Windows Vista, 7 or 8, open it with: right-click => Run as administrator.

* Wait while the tool works: the desktop will disappear for a few moments, this is perfectly normal.

* At the end of the scan, a report named JRT.txt will open. Host it like this and post the resulting link in your next reply.

Tutorial: http://www.forum-entraide-informatique.com/support/junkware-removal-tool-tutoriel-t8260.html
0
sonic83 Posts: 27 Registration date: Friday 15 November 2013 Status: Member Last activity: 30 November 2013
15 Nov 2013 at 20:24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by lili on 15/11/2013 at 19:58:29,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdataaccessor
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdataaccessor.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdownloadstatus
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpdownloadstatus.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpfiledownloadservice
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpfiledownloadservice.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpproxyinfo
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpproxyinfo.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservice
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservice.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservicefactory
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\curl.httpservicefactory.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{266294D5-5A0D-46E8-9294-BCB6EAFA478F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{518CA0FD-F755-4F98-A2A8-CD450FB203AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{5E9B4D72-C58D-48BF-AC09-68182D472160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{72434BC1-E46D-47A1-A597-8749DFBCC24A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{7DBA2B02-EA31-4B98-812B-C6E8AE5C2972}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{929FCA79-44E2-4408-83E7-F93AAE0B0909}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94FBDF11-676E-42E5-A516-1FD39970386B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9932C738-5580-4408-A0E8-5EA03BE5FB18}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A288B32D-1001-479F-8DA2-E259010B7A31}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A5D99259-ADA3-48A5-B861-39813B713DCB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AFFA986E-4B0F-4F15-9DDC-19FE8129602A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B348A16C-64A6-4EAE-A42A-722623572C7E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C29CF951-7F4F-4B8D-ACA8-C4EE934C27DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{D60A7941-4F69-4A79-BED7-72ADA784B8F7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DFF35F25-E783-4E26-8DA6-EBB66B8B0E39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E57D3C8D-ADD0-4AE0-8A14-0D0F6A3487FB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4261095863-2040284751-431665412-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EFD2D094-5348-4367-A422-A47C4E466C91}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FA87E4C7-DDD2-47AB-9E86-1EE44B8F8E94}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EFD2D094-5348-4367-A422-A47C4E466C91}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{FA87E4C7-DDD2-47AB-9E86-1EE44B8F8E94}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\lili\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\lili\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\free youtube downloader"
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{62686CF2-F2C1-4B45-9700-7527789B1504}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{62790457-FAD5-47FD-9ADF-FB5E7E75E730}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{636B6BD2-D0A3-411F-B102-79783CAE43B7}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{64123296-520D-4905-9378-E5967671B189}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{645D0EC0-B3EC-4DB1-BA6E-C5CB13B9C961}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6517A22B-7146-4AC4-9628-EB398D9DE403}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{65D0B8D8-6900-4CA1-BF2F-FDD2BFB91D80}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{65FDB815-30E4-40BC-A5CE-4210AF24DAC4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6657938B-90BC-481F-BD90-2507BF783938}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6666588D-B651-4726-B9A1-705869F27B3E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{66BA290F-5E84-47E7-921E-18B5C4E4FDD6}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{674A6F88-1499-46DE-9CFA-7CA5EA0F075A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{67DCF49E-4F91-45C0-98E6-551416648F25}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{684E4686-B765-46D9-9A6C-8191DED373E1}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{689C4C89-A43A-4321-95F1-8C95708B6A15}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{68C32BE6-A2EE-4D52-8034-C7E75855C7EA}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{68E1124F-2D0B-4010-846D-54C025B54FDC}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{68E2A257-C0F0-413C-9BBF-B971736F4D95}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{68EE63C4-3956-4B08-BD3C-3CA2E16814A4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6B9C7A31-7E66-4338-8387-00B863D855E7}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6BA4A30B-2C3C-4118-B3AF-B80274348C55}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6BB58A88-023E-486A-9316-2D2A43AFE386}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6CB626F7-BC44-4D9A-9A44-905FF17C5AED}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6DBDE254-DBE7-4FA2-BBC5-D2E718AD5AED}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6DEDB5C7-8A19-4073-9355-EAD3B9E0505B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{6FA2B152-BDC1-4BF5-B636-097EB226B13B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{70045E14-24B1-4750-B706-EF4BAE58666C}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{70117D3B-ED51-49C5-8305-1A4327C60676}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{70360872-257A-441D-AA36-199CA42D70C3}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{70D60CCF-1336-4DBF-87B3-4B6F1EE114F7}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7118C4A4-E81F-4D78-89B0-2DC76DC6E3E2}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{71444230-0D1E-4659-B6D2-9E0D503C3053}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7152CC87-7EF7-4FD2-BF2E-AF8D70EB2C8F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7172347D-BE75-4DD4-94CD-0098FBA8262D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{72291A39-7AFB-42B9-A489-050D689547BA}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{735D89F0-A94A-4D7F-BA23-5525738A5AD6}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{741C8312-5A85-4BA7-9C6E-6977942A8331}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7550FFFF-F49B-4239-B893-493BE4B49981}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{763C1194-CE17-4DB2-AB68-75AACB3D0173}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7789E790-5C33-45F1-A444-FBF79824ECDF}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{77ABCBAC-0921-4B8E-997D-A53C031B5AB4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{79A9BF6B-95BF-4989-8D29-D87FD11D6123}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{79DFFC9A-57A7-4859-BFF2-7B25F2E9C4B5}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7A93CC24-9979-4B77-AA74-F11BB4ED6E1B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7B0ED00A-D8C8-46D4-8762-8DD059C8FE56}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7B4B9546-B6B9-4D6D-9E55-7824B06CD9A8}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7B752A34-CD2C-4FD4-A743-2C9876960B93}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7CF8CD54-F422-48EC-8B6F-BF83E7FC961A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7D404720-7408-43BB-9E45-43BF455B6554}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7DDA2FC4-0985-4A91-99C6-07607A6D790A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7E5AABB0-E623-4808-A628-32D34CD424E2}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7EC02246-7B06-452B-8C22-45F372AE9F71}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{7F476F14-F036-4779-902D-3D42AF329ABD}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{803ABF98-9BD4-4403-84C8-953C692DAF22}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8090CBC9-DB84-4928-843C-66CC79568BB7}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{81AF8727-E3CE-49B9-B85A-95244C519246}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{827584E0-D5E2-49DA-A747-28B4C9FAE4EE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{83A8A2F7-79FD-4A82-90BF-D5DF9FFDA580}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{83A93379-7D06-4643-BF57-357F46F422B0}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{83B1F412-3B2B-45D6-BD1B-A879B0587364}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{85619D51-9CAC-48F4-9700-0C2D4D94EB85}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{85B5E664-BC20-4072-ACC6-0B9CB800818E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{85BC5420-4D93-40D1-AC1A-CB860E641A68}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8630961F-3FCD-46DA-90B6-C1813B64769E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{86565939-5E28-4CD6-9AE7-3C735BEF9A08}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8678482A-2B8E-4DDA-8306-8E2ECEAC8B9B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{86A52912-16CC-4B52-BD75-865A7071006B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{87B5AF55-42AC-4426-9C7F-8516A70D7293}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{880CC407-D89F-4552-BD69-EEA06180A0AD}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{88917AAC-C920-41C1-8BB7-56CA22011E61}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{89293D90-3B36-46EC-BA6E-064F5E1E75C8}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{899613FE-7A4E-4EB2-8E11-632C68D6E330}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{899A7D9E-DABA-493D-B29A-06E8AA8A17ED}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8A3F9D43-D5A0-44A4-9FED-7DA07D4142A6}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8A4C415D-07EE-46CE-83F8-70311C7302BD}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8AC2449E-0B44-435F-89FA-3575642BBD90}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8B780B54-3C95-4710-9DD9-6F39E706E9E6}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8B819CD4-4441-4D59-BC05-AA8D01FD5B21}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8C4B5FA2-2234-4A29-A7AD-E0DA1F1BFE6F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8C503208-4522-444F-A810-3AFAB4A375E1}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8D2C5126-1923-474C-85E4-BE3A7E2C4A82}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{8D56FFB4-8F68-44BC-B8CC-7020DDF9B97A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{901B55EC-EF8C-45CC-9839-64C5C72BD31A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{905C8E0B-8913-47DF-8E2F-A5794D518932}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{90B88A0B-9EFA-4E08-B133-2A783F59E145}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{91BC7E79-33A1-4CEC-8F76-11A5DE7AA030}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9269A834-5626-40E3-85FE-3502E716718D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{927E2124-7070-4331-9311-F4868216C480}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{92B79DA7-F0B5-4537-8E1E-2BBCAD9956DB}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{934A1DFD-C70B-4272-AF42-E2A86A52B6E8}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{935C861B-EC1E-4EB1-96CA-7D624FD7F93A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9447CBFF-4097-4BFA-A38A-57F31F5CD11A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9449AEFE-0D84-4BD6-B3AF-BE457AC56B6D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{94E71792-0D44-47CE-BFE0-6C0F0536ED73}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9556237C-E3DB-415D-B85A-AD26B660CB28}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{956BFD02-888E-42A0-9246-F79EDF55E1A3}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{95799CE2-9074-49C5-97FE-94FE859DC5E8}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{95FE0686-184A-4043-9671-995C057DC096}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{967DE982-304D-49F5-A134-AD9780AF72AA}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{96B13B68-3ABE-48A4-AAD4-3A0A3DD80569}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9752591B-8741-448B-9E90-C25491DFCC45}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{97C13BAC-F7FA-42B7-A95D-C3E977A70B5E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{989D30C9-3F2C-4CB3-B554-367F620C06F4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{98C94B4A-CED0-413D-A07B-4E409C72FEDF}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{993C38D3-8961-4FAB-A718-5FE066C8D00B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{996084CE-2E04-4683-897E-6CB8184BB23E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{997BA947-78E0-4963-8C5D-D1AC19AFD76D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9A1FEA1E-88D2-45FC-84A6-B70FE2D3D9DC}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9B2C7075-D65B-4BD3-A37B-D5473DB3234E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9CDCA4DA-A8E2-4196-8474-2B81921FB762}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9D62D602-DF14-46B1-8698-4624E8FD9657}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9E05CC67-D9D9-41F8-9489-3B370EEF14A8}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9E7F08C9-9047-4641-8234-5955F3FDB640}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9EA17CCC-3876-4BF5-9B2A-1CDD56A30340}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9F38FEA7-3909-4F6F-AF46-09B7796ED7AE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9F6A0C27-647C-4FC6-8CF4-B5EB0E9F8E6F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9F6D6542-4E29-4084-96CA-D7A6647948F1}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{9F887166-AD1A-4567-ADF0-9903E28F7CAB}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A022BEC3-75C5-4AF3-BB9C-471DA6B9F362}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A0304A90-CF08-45A3-9CAC-06AA097EE976}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A0FC052C-27CB-4F49-B367-F2F773B3730F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A14FE7D7-BCD1-4D01-A618-DD39C3FFB6A9}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A158F5EB-C31B-4D8E-999A-CBD826CDE212}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A26F7BB9-B7E9-4EA4-89B7-6AD79E6CD4D3}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A27D0BC4-FCFD-478E-9495-D177E2E34363}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A2D7B12F-2095-4A4A-9D2C-4D1A27E4897F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A31FF1E0-AF70-44D5-AA1E-957076104EFC}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A366B8A2-C714-483C-B9B5-1A0C4EE0D2AE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A3A92321-9A43-4FC7-A4C4-9E26228E0AA5}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A3BCC3F2-B576-4C58-99D9-2BFF47F929CF}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A40F31EC-06B9-4248-9920-BE3190F51B7E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A466F8A9-AA89-4ABF-A923-84C7BA8989A0}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A497AB53-500E-4DCD-9562-0B1C732D3D02}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A5A0FC36-A930-4FD0-8530-A49F137ED10D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A5AC8B85-0F18-4829-94E8-8CBA98871A18}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A6295292-784D-4D4B-A07F-777554E31818}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A640BC48-273F-40B6-924F-AFE775FC2879}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A66E91E1-A241-4607-A832-D3BA6565364A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A684FDAA-3103-46ED-A397-96F4C93FC473}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A6A0C484-5771-44E8-B11C-9F98C023B77B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A77988A6-00FA-4F9B-90E9-5845D1FBAC86}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A7E027DF-9F05-4040-B233-F6597DFF3FB9}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A860596B-8E30-45CB-AC87-E3DEF7C09BA5}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A8E8FAF5-AC25-44E9-9A0A-0790B7C3AD81}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A8FAB050-D3DA-42AA-A14C-A482A94537D1}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A8FBAC29-1DE4-4B01-9D88-C280206E6449}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A8FFF3CE-7DC0-4D0C-A01F-60B8BB220387}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A90B7318-0AAC-4D6A-B0C5-EC8717839ABE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{A90FD8E2-45A8-4833-A6C9-71E389B71ECA}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AAC2BDB2-410E-413F-8FB8-C35DE2B4C0B4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AADD28EF-FB1D-4964-913B-C13C1E516486}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AB5E4684-E0E2-4949-8654-485C007C79A4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{ABBF5EF3-9D33-423F-9F63-0DD16933F705}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{ABF85800-1F65-43E0-9A09-EF3EA5D8D4F4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AC717694-409F-458A-A69A-EE0AA6B1EF20}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AD18843F-5E75-4913-81F3-F3FE09F11AE4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AD4D1503-E132-4D92-BEC9-5841C352191B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AD709B88-CE79-4B42-B1B9-06F7011BE470}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{ADABCD95-0721-4A1E-9EC8-2F41361FD053}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{ADFFCA53-B3F2-4622-92D3-867488705817}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AE286DCE-A423-4209-8198-39D541A91713}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AF1E3A8F-2482-46B7-A5ED-F75EDAF00AA1}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AFB2835A-D73E-4624-9385-2F5AA43624F3}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AFB5F7B2-29AA-4F3D-A907-CE48660F5A2F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AFF40B0B-C056-4240-926C-AE654150D5AB}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{AFFD6078-A89E-4624-9B1A-A5BF036707E9}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B032A334-DC61-4DEA-98F2-B765C26F9078}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B14AAF62-1A6C-491A-AB9E-372BF619AC71}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B17DE246-8F75-4A67-93D0-0FDE017D5F53}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B1E75C2D-D024-459D-A316-9A3F2F79B2CE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B1F22A47-DBFA-4FE1-AAD2-E52D9A8B8538}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B26B6005-48F0-416C-AB63-05657B04989A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B38C8CB9-66E4-4361-B3AD-D70FEBA4A01D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B3E78DDB-A25B-41AE-8610-C057BECD94F5}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B49C116C-95B7-45B2-929B-4136E1CDBC3C}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B4BCC098-79D5-476C-B645-8DBA761D3F82}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B5FC8DB2-B060-42D7-90DF-84433436F722}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B6055141-0739-4D5F-B2A8-A2C3569E9462}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B639A7FD-451F-4425-BF53-8BF55EE56DFD}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B642F413-8C38-4E1B-A39E-B542E21A9F72}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B670E8CA-6AE2-4F7D-B62B-5DF043A0DBE8}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B6A9E034-0247-4B4E-A460-4574A41A783E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B7715F4F-3594-438B-B59B-B1778A19FC0B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B7894429-3530-441A-8985-B3D23004D10A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B7A95235-09F4-4078-8195-36F30E0F446D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B8E687A6-FDD2-4962-93AA-1101CFD5414F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B940882C-F651-4611-9EBC-139641CDBFD5}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B9B55D28-C442-4219-8DE0-E44108C83C19}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B9CC953F-6AE3-416E-90CC-B888CF268AEE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{B9EF542D-D98E-4EF9-8290-C595DD572A97}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BA33AFE4-C972-4577-8A07-B9221D72EDF4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BA3FB5F4-B70B-438E-A978-C4442A4C0E40}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BA9CDA4A-4A9D-447F-8C94-14DBA1731314}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BBE502A7-70BF-40D2-BF9E-58BCD9FD13C0}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BC42BEB9-0AA3-4A82-AD11-280FF3444365}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BCA9480D-77DD-44E0-936A-CE6002C26AF0}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BD30747A-032D-4870-B395-18ADB19AD7BE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BEC5C4FE-5B07-439C-A7D4-4355E50EB74B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BEE18430-DAF7-4A77-9593-1737CF80F5D7}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{BF401052-59EA-43AC-8116-CD144FD23120}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C01A302F-99FC-44EA-922D-A8F2C2A9C171}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C02B4233-A085-4A38-9891-AEA307426F64}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C0662A13-E96E-49B4-B368-2DDE8690BAD9}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C0A3D401-D193-4B2C-AAE7-99DC9CC7E36F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C1108B80-DDB6-48C2-9350-BC4651DC56D2}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C176783D-B9D0-4AB2-A39B-A0A51D8CC743}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C1E837A0-B7AD-4BDC-8889-566C6DA293FB}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C3439422-F4FD-4F54-BC49-4F00527E9C0D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C3D93858-035F-46F3-9095-D765E7DA909F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C3E5C653-F731-4C57-BA96-E7DD17050DCB}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C48F7A4F-7DFF-4774-B95F-87F0AAD6F37D}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C4C4CA96-CDD3-4388-8F6A-8761C8FA7FC5}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C5D870B6-E930-4BB5-9816-EDB63E8E3009}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C6507737-6644-4A3C-9752-23034C7BF0BA}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C6DBB482-073D-49EE-A07E-5A56B80240EE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C717E753-ECDD-4497-BF40-16315485F881}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C746BBFF-7820-4648-B1F1-9133A76ECC5F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C774D8B7-13A6-42FB-8829-BC5C53619E91}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C789A497-21F1-43CA-BD82-5D76DD126BC8}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C7D0FAFC-0714-445E-ACE9-5042CE2ABF93}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C8071C4C-3D8E-4573-B534-F46A1FE67511}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C838F49B-DC47-4B74-874A-71A85FCD9FBF}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C86F3120-4398-46F4-8EA7-CC49086D8C49}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C896144B-0F03-4D5C-A8B1-721CF1D52B28}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{C95353C6-8824-47E6-A7F2-CC792FF4C490}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CA1C9F42-ED28-46DE-A9EF-16E8DD57878A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CA404C69-6104-402D-B909-F07D10D84691}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CA4A95E4-99D4-4ECD-9AFB-6F93748C8B56}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CAB26D18-8A4C-4A72-B48B-EE6921495494}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CAFADCCB-283D-4499-9660-E98693ABDF63}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CAFC865E-B9B0-4FC3-B573-F9713F236F30}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CB5CDD97-CB5A-4507-A25D-7F8DE3FD58B7}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CBBBDDB2-2F00-4902-8C7C-BE97965C77EE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CBD1EE05-FC71-4477-BF1C-4224B00B3A52}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CBD68F28-8169-48BC-86B6-A606C808B0C3}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CC2C2901-9CEC-448F-8581-F4F61FEA7A27}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CC2E382A-3E3C-4D84-87F0-361CAC2D09DC}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CCDFD920-3249-49F6-8458-32031AD62365}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CD813199-4FA8-42CD-A1F9-CCC3B9E7A0C9}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CD87D304-58A8-4647-9EAF-2344658DC76A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CE749347-A9CF-4426-90E7-9D3C587D8B77}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CF026564-75BB-41BF-BB74-C155F4518308}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{CF918D58-E5D4-46D5-A97B-D1E985B79D55}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D019F54E-9084-4BE4-8501-60169609C532}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D04CE3B4-1EE9-4593-BC12-03E3DDE9B648}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D058781F-C6CD-4241-8D42-F33DC83AAD39}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D071226A-F908-49E0-BFF1-9FADFFB20A74}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D0C5A907-388B-4E56-825C-2706E6B3148F}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D1AD15AB-4E1F-41B6-8B03-3E245C1072D4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D22CE282-6C4B-4806-955A-96EDC06D1310}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D250C12E-F085-4872-80E1-EAAA53DE57EE}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D26CA6D4-6760-4E0B-89E3-31E082778A58}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D2BF1DC5-8BD8-4BD0-97BE-CC37CFB70462}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D357A2A9-36D8-4EDA-8654-7B4378EA8FB1}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D3C82A4C-E48F-45F1-BEBB-6DE055CE6188}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D3EA421B-9F5D-42DC-B136-2DAE5D40501B}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D4292F43-1A4F-4935-9B05-8865EA383A81}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D52E6926-91CE-46D1-9B58-20D98C6461A0}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D542EE6E-329C-43EB-ABB6-47DC0C219D9E}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D5831F13-C387-4824-8D64-89EBAF695B31}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D664B672-A992-494E-AFD5-12A7EAF57ACB}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D6F3269B-D01D-42E7-AC43-E25513BF5122}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D78DA26D-4E00-4E15-8280-C238BD259673}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D7B068B0-583B-462F-A27D-11CDC39D541A}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D7B71B74-2B55-45E6-B778-66CCC928AFC6}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D7EBC963-832E-428F-A712-D7DF35AFF3D4}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D7F11143-990B-42D4-846E-66FC273B9CC3}
Successfully deleted: [Empty Folder] C:\Users\lili\appdata\local\{D8935924-8E34-4522-A1F1-9EA499C57995}
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
15 Nov. 2013 at 20:26
* Download ZHPDiag (by Nicolas Coolman)
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html or https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

* In case the first link does not work, click the one below
ftp://zebulon.fr/ZHPDiag2.exe

* Follow the prompts during installation; it will launch automatically at the end.

* Above all, do not forget to install its icon on the desktop; the icon is shaped like a parchment scroll
https://www.cjoint.com/13sp/CIvuQfap3YY_zhpdiag.png

* When the software opens, you will be offered two options, "rechercher" (search) and "configurer" (configure)

* Click "configurer"

* Options, then "tous" (all)

* Click the icon showing a magnifying glass with a + ("Lancer le diagnostic", run the diagnostic)

* Save the report to your Desktop using the floppy-disk icon

* To host the report, go to cjoint.com
* Click "choisissez un fichier" (choose a file) and fetch the report from your PC.

* The report is saved in C:\ZHP\ZHPDiag.txt

* Once you have found the report, select it and click "Ouvrir" (Open)

* Choose the sharing type (I recommend private, 4 days, after which it will be destroyed)

* Then click "créer le lien cjoint" (create the cjoint link)

* Once you have the link, copy and paste it into your next reply

* To help you: http://www.pc-infopratique.com/forum-informatique/tutoriel-heberger-rapport-vt-67934.html
0
sonic83 Posts 27 Registration date Friday 15 November 2013 Status Member Last activity 30 November 2013
15 Nov. 2013 at 21:44
~ Rapport de ZHPDiag v2013.11.14.33 - Nicolas Coolman (14/11/2013)
~ Lancé par lili (15/11/2013 21:22:25)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16736
MFIE: Mozilla Firefox 25.0 (Defaut)
GCIE: Google Chrome v31.0.1650.57
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : 2J7QR
Windows License : OK
~ Windows Remaining Initializations Number : 5
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Computer Security 12.77.101.0
Pack Sécurité v1.77.243.0
Pack Sécurité v1.77.243.0
McAfee Security Scan Plus v3.8.130.10
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer
Tuto Emule1.0.0.0

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 607 GB (66%) free of 918 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-LILI
~ User Name: lili
~ All Users Names: lili, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\lili\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lili\AppData\Roaming\
~ %Desktop% : C:\Users\lili\Desktop\
~ %Favorites% : C:\Users\lili\Favorites\
~ %LocalAppData% : C:\Users\lili\AppData\Local\
~ %StartMenu% : C:\Users\lili\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 607 Go of 918 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9706C99DAEBE3FEAC811B239617E98C4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2013 - 09:45:20.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 5/2583
~ Mes musiques (My Musics) : 189/2067
~ Mes Videos (My Videos) : 1/94
~ Mes Favoris (My Favorites) : 1/41
~ Mes Documents (My Documents) : 1/2248
~ Mon Bureau (My Desktop) : 1/744
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 06s



---\\ Processus lancés
[MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.1752]
[MD5.78A724720BE21AE29FF70AD3EC77CFE6] - (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3862528] [PID.2132]
[MD5.1A1E3B7B2A03F121D627B28362AEFCE0] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656] [PID.2160]
[MD5.4AD13EBF04EDC31B2C3D5F8E2338F2F4] - (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [93360] [PID.2176]
[MD5.44E31B7CFB3D6A1B067AE47275954E0F] - (.Hewlett-Packard - HP TouchSmart Calendar & Notes.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe [26928] [PID.2312]
[MD5.8EEFD0B92F46B6762A5EC41EF55F7043] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.2992]
[MD5.A4159CBC4FC1EC188948DC5E65DF5150] - (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [455608] [PID.2680]
[MD5.D6B3AF9E3CE610B69AB1D38262DAE833] - (.Plex, Inc. - Plex Media Server.) -- C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344] [PID.2808]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.3284]
[MD5.037BA4C6B4A569B23FD2BCC5152E5CF6] - (.Hewlett-Packard - HP.CPC.TS.) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnProxy.exe [65536] [PID.3368]
[MD5.940251B5F65443969ADC2A2597644D9A] - (.Hewlett Packard - FastUser MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe [208896] [PID.3556]
[MD5.309C7161F58C75EE88B07F55CA858280] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736] [PID.3584]
[MD5.B6F6228AB545E2819A60C0D63A84E52E] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.3696]
[MD5.29D6909817AE94A7D3DBDD46F1303720] - (.Hewlett Packard - OSD MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\HWManager.exe [233472] [PID.3724]
[MD5.512FB594263ED858FBA167DA3D24C5C2] - (.Hewlett-Packard - Keyboard & Mouse Battery Volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe [471040] [PID.3756]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.3764]
[MD5.E8BF582DEDABD7BA6B87C9E802CCC629] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296] [PID.3780]
[MD5.A11F236C31EFDF0EA507C1A37E4A0EBB] - (.Hewlett Packard - OSDForm MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\OSDForm.exe [102400] [PID.4076]
[MD5.EC87FE6FC28C21AB9F41112234008522] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816] [PID.2648]
[MD5.FBDC0E172AA0D341FF0084A3DBFD00F5] - (.SEIKO EPSON CORPORATION - Fax Reception.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952] [PID.4012]
[MD5.635DFB2E71D6359E07977E74703ED47E] - (.SEIKO EPSON CORPORATION - Fax Transmission.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400] [PID.3660]
[MD5.46D3D19A4745B67DCA6692AFAB0E136D] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912] [PID.4052]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4128]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [188400] [PID.2372]
[MD5.5DF9D84032F52FBD736DA2AC6ABE860D] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [310208] [PID.4180]
[MD5.9921C2433D4F2CE89C17AC9ABD6E1D76] - (...) -- C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe [33360] [PID.5880]
[MD5.C416F1BBBBBFEB586CC319A64A1D5FBF] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [14376] [PID.6428]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.6652]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.6712]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.6796]
[MD5.5397E32E882C0148CEC13D9EACFB7157] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222208] [PID.5784]
[MD5.EF01D104449CC654FDCF423C92BD8846] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5000]
[MD5.2A43A30EF7FCFD1284F8C3318B784A68] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.3036]
[MD5.CEED3CE0035F55A08EEEC34B5804723C] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe [1862536] [PID.5788]
[MD5.A9B236A317FD2D8C9C9F43F33707667E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8216064] [PID.2044]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1808]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1872]
[MD5.2928B8A09EFAB1E1919A8C8EEC8FBED2] - (.Hewlett-Packard - HP TouchSmart Calendar.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [21296] [PID.1160]
[MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2496]
[MD5.6D45DCE299CC7B52CDDF2A6DC26C7BBC] - (.Hewlett-Packard - HP.CPC.TS.S.) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe [100864] [PID.2516]
[MD5.1658B96575182F53C0424586EC03B7A0] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621608] [PID.2548]
[MD5.3CAE2BBC86FCF7F94C9696994AF30386] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424] [PID.2788]
[MD5.0765EE4A7A0D6609BF91CA2E4700E885] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2884]
[MD5.56C50689D22EEC7EB963665848BA6E1B] - (...) -- C:\Program Files (x86)\BuzzSearch\bin\utilBuzzSearch.exe [66336] [PID.3892]
[MD5.480F368D8AD18D57A0A9F4B562A00A84] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [207808] [PID.5536]
[MD5.537F5AA8CD3AA0DDDA640FB55538FBF8] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1162280] [PID.4084]
[MD5.56C50689D22EEC7EB963665848BA6E1B] - (...) -- C:\Program Files (x86)\BuzzSearch\updateBuzzSearch.exe [66336] [PID.5248]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\lili\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: BuzzSearch [64Bits] - {5cf5a690-c8f4-488e-9d20-f21aef602d41} . (.BuzzSearch - BuzzSearch.) -- C:\Program Files (x86)\BuzzSearch\BuzzSearchbho.dll
~ BHO: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: Epson Guide réseau WF-2510 Series.lnk . (...) -- C:\Program Files (x86)\Epson Software\Epson Manual\WF-2510 Series\fr\Netg\index.htm
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: HP TouchSmart.lnk . (.Hewlett-Packard - SmartCenter.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
O4 - GS\Desktop [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Pack Sécurité.lnk . (.F-Secure Corporation - F-Secure Service Enabler GUI Launcher.) -- C:\Program Files (x86)\SFR\Pack_Securite\trigger.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: SP800UZ Manuel d'instructions.lnk . (...) -- C:\Users\Public\Documents\OLYMPUS\Camera Manual\SP800UZ\FRA.pdf (.not file.)
O4 - GS\Program [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Optimize for Mouse.lnk . (.Hewlett-Packard Development Company, L.P. - HP Touch Optimizer.) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Optimizer\HPTouchOptimizer.exe
O4 - GS\Program [Public]: Optimize for Touch.lnk . (.Hewlett-Packard Development Company, L.P. - HP Touch Optimizer.) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Optimizer\HPTouchOptimizer.exe
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Program [Public]: Windows Journal.lnk . (...) -- C:\Program Files (x86)\Windows Journal\Journal.exe (.not file.)
O4 - GS\QuickLaunch [lili]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [lili]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [lili]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [lili]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lili\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [lili]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [lili]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [lili]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [lili]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [lili]: Adobe Photoshop CS.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS.) -- C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe =>.Adobe Systems Incorporated
O4 - GS\Desktop [lili]: HP TouchSmart.lnk . (.Hewlett-Packard - SmartCenter.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
O4 - GS\Desktop [lili]: ib.lnk . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Main Program.) -- C:\Program Files (x86)\Olympus\ib\ib.exe
O4 - GS\Desktop [lili]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\lili\Downloads
O4 - GS\Desktop [lili]: Vegas Pro 10.0 (64-bit).lnk . (...) -- C:\Program Files (x86)\Sony\Vegas Pro 10.0\vegas100.exe (.not file.)
O4 - GS\Desktop [lili]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lili\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 101 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Adobe Gamma Loader.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - GS\Startup [Public]: BTTray.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.)
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - On-Screen Caps/Num/Scroll Lock Indicator.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [SoundMAX] . (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe
O4 - HKLM\..\Run: [IntelliType Pro] . (.Microsoft Corporation - IType.exe.) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
O4 - HKCU\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKCU\..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (.not file.)
O4 - HKCU\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Plex Media Server] . (.Plex, Inc. - Plex Media Server.) -- c:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
O4 - HKLM\..\Wow6432Node\Run: [Buttons & OSDs control application gen2] . (.Hewlett Packard - FastUser MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer for HP TouchSmart] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Wow6432Node\Run: [HP KEYBOARD] . (.Hewlett-Packard - Keyboard & Mouse Battery Volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [ORAHSSSessionManager] C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [OsdMaestro] . (.OsdMaestro - On-Screen Caps/Num/Scroll Lock Indicator.) -- c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Wow6432Node\Run: [TSMAgent] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKLM\..\Wow6432Node\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [FUFAXRCV] . (.SEIKO EPSON CORPORATION - Fax Reception.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
O4 - HKLM\..\Wow6432Node\Run: [FUFAXSTM] . (.SEIKO EPSON CORPORATION - Fax Transmission.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (.not file.)
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Plex Media Server] . (.Plex, Inc. - Plex Media Server.) -- c:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.starstable.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Update BuzzSearch (Update BuzzSearch) . (...) - C:\Program Files (x86)\BuzzSearch\updateBuzzSearch.exe
O23 - Service: Util BuzzSearch (Util BuzzSearch) . (...) - C:\Program Files (x86)\BuzzSearch\bin\utilBuzzSearch.exe
O23 - Service: Power Control [2009/02/12 09:08:56] ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp. - Pas de description.) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
~ Services: 19 Legitimates Filtered in 00mn 20s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\web\wallpaper\chp.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\web\wallpaper\chp.jpg
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{5048E7A8-176A-4A81-A517-CBE272C872EC}] (...) -- C:\Program Files (x86)\HP\Digital Imaging\{B46AC30C-22D2-4610-B041-1DA7BB29EB57}\hpzstub.exe (.not file.) [0]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 04s



---\\ Logiciels installés (O42)
O42 - Logiciel: BuzzSearch 2013.11.07.232809 - (.BuzzSearch.) [HKLM][64Bits] -- BuzzSearch
O42 - Logiciel: FoxTab PDF Converter - (...) [HKCU][64Bits] -- FoxTab PDF Converter
O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion
~ Logic: 191 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BuzzSearch]
[HKLM\Software\Wow6432Node\BuzzSearch]
~ Key Software: 273 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/01/2013 - 10:52:47 - [0,049] ----D C:\Program Files (x86)\ALFANO_VUE
O43 - CFD: 12/11/2013 - 23:36:44 - [2,260] ----D C:\Program Files (x86)\BuzzSearch
O43 - CFD: 08/07/2013 - 06:33:15 - [0] ----D C:\Program Files (x86)\GUM79B1.tmp
O43 - CFD: 15/11/2013 - 19:44:03 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 04/04/2011 - 14:53:19 - [0] ----D C:\Users\lili\AppData\Local\ib
~ Program Folder: 203 Legitimates Filtered in 00mn 47s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CB423BB9E0EECC4BD1D8A821A28E0D68] - 02/11/2013 - 12:57:58 ---A- . (...) -- C:\Windows\setup.iss [308]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 12/11/2013 - 15:34:42 ---A- . (...) -- C:\Windows\SysNative\sasnative64.exe [16896]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 12/11/2013 - 15:34:42 ---A- . (...) -- C:\Windows\System32\sasnative64.exe [16896]
O44 - LFC:[MD5.65DAD6734DE7B41379410E1951F51E1E] - 12/11/2013 - 19:39:13 ---A- . (...) -- C:\Windows\fspplugin.log [19265]
O44 - LFC:[MD5.B2D2FE825ADB89E7985AD8CE3AF5D69E] - 12/11/2013 - 19:39:21 ---A- . (...) -- C:\Windows\FSDEPH.log [147248]
O44 - LFC:[MD5.392DEA6C7B8348FD41BD6CC379BF09FF] - 12/11/2013 - 19:39:28 ---A- . (...) -- C:\Windows\prodsett_copy.ini [19474]
O44 - LFC:[MD5.80CDF706A9C4C2DD246385B8516CAE8B] - 12/11/2013 - 19:39:55 ---A- . (...) -- C:\Windows\DAASINST.LOG [2425]
O44 - LFC:[MD5.0F1EDED01CB43BEAB5DA0F7FF0E326A4] - 12/11/2013 - 19:40:02 ---A- . (...) -- C:\Windows\FSAVINST.LOG [73179]
O44 - LFC:[MD5.4209DDD95992388207273B0589A763E9] - 12/11/2013 - 19:40:02 ---A- . (...) -- C:\Windows\fsav_db_setup.log [675]
O44 - LFC:[MD5.CE82A41835EB4608D0B40B86082BD6D7] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSAVCSIN.LOG [10585]
O44 - LFC:[MD5.7357AD2D23D7334BB99423AB52343469] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSGKIAIN.log [4068]
O44 - LFC:[MD5.AA191EA010EC6991EF883D3C98F9A47F] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSISU.log [3961472]
O44 - LFC:[MD5.09F63C771210D81C134C95A5F05922CC] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSLDIN.LOG [1873]
O44 - LFC:[MD5.03DA7790D26CD8073B77EAE66CCA50A8] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSPROD.log [135631]
O44 - LFC:[MD5.A4E6B3A32732C45085D2DC273D3B2D69] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSSETUP.log [760918]
O44 - LFC:[MD5.6D11BF7C2A5B4BDA81E38FA5FE84C1DD] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSSFM.log [860194]
O44 - LFC:[MD5.39D9369C6D6CB15E1933DA7306020E08] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\RunSetup.log [111807]
O44 - LFC:[MD5.92AFD1964E411C15E87F1DE4E3E6CC49] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\fsavunin.log [3391]
O44 - LFC:[MD5.F59F2C574AA5D84477EB89F87C938F16] - 12/11/2013 - 19:47:06 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [56016]
~ Files: 123 Legitimates Filtered in 00mn 27s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.1978372EBC8D9BB6AA2EA549A4310109] - 12/11/2013 - 12:53:54 ---A- - C:\Windows\Prefetch\BNDCORE.EXE-3B252194.pf
O45 - LFCP:[MD5.2FE179A506FF93A2B9C478C190779DBE] - 12/11/2013 - 13:28:29 ---A- - C:\Windows\Prefetch\UTORRENTBAR_FRTOOLBARHELPER.E-341E0519.pf =>P2P.µTorrent
O45 - LFCP:[MD5.F17B0D796117FDFF68A071F53E31797F] - 15/11/2013 - 21:20:30 ---A- - C:\Windows\Prefetch\FSADMINSETTINGS.EXE-B5299168.pf
~ Prefetcher: 61 Legitimates Filtered in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{9c3f39a7-a35c-11e2-8779-00247e18f338}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{e45cbf3d-d588-11e2-ada8-00247e18f338}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0FA60A409E1C8AB9A81901311D15393D] - 22/06/2009 - 18:01:26 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys [497152]
O58 - SDL:[MD5.A83B43AC95F83940E6AE0FB4023602B2] - 12/11/2013 - 19:40:05 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [41024]
O58 - SDL:[MD5.DDEE99DC54EFA20BD5A442CD733C4462] - 20/03/2013 - 09:07:16 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: 21 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 09/05/2046 - 21:29:36 ---A- . (...) -- C:\Users\lili\Documents\carte DS\Mario_Party_DS_Eur.SAV [524288]
O61 - LFC: 12/11/2013 - 21:30:06 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner.exe [1085542]
O61 - LFC: 12/11/2013 - 21:30:09 ---A- . (...) -- C:\Users\lili\Downloads\lg-smart-share.exe [679280]
O61 - LFC: 15/11/2013 - 21:24:58 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\active-update.xml [1474]
O61 - LFC: 15/11/2013 - 21:24:58 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates.xml [57]
O61 - LFC: 15/11/2013 - 21:24:58 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\update.mar [1800000]
O61 - LFC: 15/11/2013 - 21:24:58 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\update.status [12]
O61 - LFC: 15/11/2013 - 21:29:33 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\Log.txt [19246] =>.Nicolas Coolman
O61 - LFC: 15/11/2013 - 21:29:33 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\TestsZHPDiag.txt [2835] =>.Nicolas Coolman
O61 - LFC: 15/11/2013 - 21:30:02 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner(1).exe [1085542]
O61 - LFC: 15/11/2013 - 21:30:04 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner-3.012.exe [1085542]
O61 - LFC: 24/03/2044 - 21:29:36 ---A- . (...) -- C:\Users\lili\Documents\carte DS\[NDS]Diddy_Kong_Racing[EUR]\Diddy Kong Racing.SAV [524288]
~ 14 Fichiers temporaires (Temporary files)
~ Files: 2848 Legitimates Filtered in 06mn 37s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {446A2CBA-A660-4E9C-8BF9-6D948E6DE706} - (Yahoo!) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.fr/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {F8B37423-0AD9-4E57-BB22-30675C5A1C24} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][12/11/2013] (...) -- C:\Users\lili\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (...) -- C:\Users\lili\AppData\Local\Temp\Quarantine.exe [350377]
[MD5.2E575012FD49F34380630F8662DA5C03] [SPRF][31/10/2013] (.Conduit - Search Protect by Conduit.) -- C:\Users\lili\AppData\Local\Temp\SPSetup.exe [5591784] =>Toolbar.Conduit
[MD5.37E8FE0E839985A6074CF527517A1186] [SPRF][05/11/2013] (...) -- C:\Users\lili\AppData\Roaming\wklnhst.dat [12994]
~ Files: 8 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{9EED8D0D-DBD4-4DCC-84F8-CEFAF1D6DEB4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{6E29D05A-7964-4882-AEE4-E451F1CACA94}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "TCP Query User{72731FB5-0F0D-4AEE-BC97-FAFCB433FE8F}C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe (.not file.)
O87 - FAEL: "UDP Query User{55AF6D8D-F41B-4A31-A8F3-41A8FD936E61}C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe (.not file.)
~ Firewall: 237 Legitimates Filtered in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\2137bd.msi [459264]
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][19/04/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\286a28d.msi [1019392] =>Adware.IMBooster
[MD5.54D2F6EC72B0A9F8F85E07137F6D098A] [WIS][13/01/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.6.) -- C:\Windows\Installer\35f486b.msi [3552768] =>PUP.SweetIM
[MD5.5432060AD2A9F196CAF1E808B3160743] [WIS][13/01/2012] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\35f4871.msi [3012096] =>PUP.SweetIM
[MD5.0003D9969DF849B9FC84920A0B7B3274] [WIS][26/11/2011] (.Plex, Inc. - Plex Media Server for Windows.) -- C:\Windows\Installer\3bbfdb5.msi [53235712]
[MD5.EAE55A2DA2ADF0E0D7C3C30A8720B316] [WIS][12/02/2009] (.Broadcom Corp. - WIDCOMM Bluetooth Profile Pack.) -- C:\Windows\Installer\51ed8.msi [4665856]
[MD5.9B99C084F89126B43605B595E5811D7D] [WIS][18/02/2011] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\f8cb2.msi [121344]
[MD5.8B0BDE37CC36545C16DE589CEBBC5068] [WIS][18/02/2011] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\f8cfe.msi [121344]
~ WIS: 170 Legitimates Filtered in 00mn 19s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/11/2013 68096 | (Adobe LM Service) . (...) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 15/07/2008 111616 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/05/2008 796712 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SR - | Auto 29/12/2008 21296 | (CalendarSynchService) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
SR - | Auto 05/09/2013 653888 | (EpsonCustomerResearchParticipation) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
SR - | Auto 12/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
SR - | Demand 20/08/2013 207808 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe
SR - | Auto 12/11/2013 60352 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe
SS - | Demand 23/06/2008 164600 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
SS - | Auto 19/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 19/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 10/07/2008 100864 | (HP Touch Screen Enhance) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 06/09/2013 288776 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
SS - | Demand 26/10/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/06/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 08/11/2013 66336 | (Update BuzzSearch) . (...) - C:\Program Files (x86)\BuzzSearch\updateBuzzSearch.exe
SR - | Auto 12/11/2013 66336 | (Util BuzzSearch) . (...) - C:\Program Files (x86)\BuzzSearch\bin\utilBuzzSearch.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 10/07/1658 0 | (WPFFontCache_v0400) . (...) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 28/11/2008 146928 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp..) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
~ Services: Scanned in 00mn 22s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by lili at 15/11/2013 21:34:22
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by lili at 15/11/2013 21:34:24

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12994 - (14/11/2013)
Clés trouvées (Keys found) : 71
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 5

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetI
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
16 Nov. 2013 at 07:14
Uninstall
"McAfee Security Scan Plus v3.8.130.10"

Yahoo! Toolbar

We are going to run a full scan to see whether other infections are hiding

Note: the scan can take quite a long time, around 2 hours or even more depending on the capacity of the hard drives

* Download MalwareBytes' anti-malware to the desktop
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

* Right-click the Download_mbam-setup.exe icon and run it as administrator to start the installation process

* If the firewall asks for permission for MalwareBytes to connect, accept

* Uncheck the trial version of Malwarebytes Pro

* It will update itself; once that is done

* Go to the scan tab

* Select perform a full scan

* Click scan

* The scan starts

* At the end of the scan, this message is displayed: The scan completed normally.

* Click show results to display the objects found

* Click OK to continue

* If malware was detected, click show results

* Select everything (or leave it checked)

* Click remove all

* MalwareBytes will destroy the files and registry keys and put a copy of them in quarantine

* Malwarebytes will open Notepad and copy the report into it

* Restart the PC

* Once it has restarted, double-click MalwareBytes

* Go to the report/log tab

* Click on it to display it; once it is displayed, click Edit at the top of Notepad, then Select All

* Go back to Edit, then Copy, and come back to the forum, into your reply

* Right-click in the reply box and paste

Good luck
0
sonic83 Posts 27 Registration date Friday 15 November 2013 Status Member Last activity 30 November 2013
16 Nov. 2013 at 14:19
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.11.16.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
lili :: PC-DE-LILI [administrateur]

Protection: Activé

16/11/2013 12:32:16
mbam-log-2013-11-16 (12-32-16).txt

Type d'examen: Examen complet (C:\|D:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 458336
Temps écoulé: 1 heure(s), 30 minute(s), 54 seconde(s)

Processus mémoire détecté(s): 2
C:\Program Files (x86)\BuzzSearch\updateBuzzSearch.exe (PUP.Optional.BuzzSearch.A) -> 4060 -> Suppression au redémarrage.
C:\Program Files (x86)\BuzzSearch\bin\utilBuzzSearch.exe (PUP.Optional.BuzzSearch.A) -> 4320 -> Suppression au redémarrage.

Module(s) mémoire détecté(s): 1
C:\Program Files (x86)\BuzzSearch\bin\sqlite3.dll (PUP.Optional.BuzzSearch.A) -> Suppression au redémarrage.

Clé(s) du Registre détectée(s): 10
HKLM\SYSTEM\CurrentControlSet\Services\Update BuzzSearch (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
HKLM\SYSTEM\CurrentControlSet\Services\Util BuzzSearch (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\CLSID\{5cf5a690-c8f4-488e-9d20-f21aef602d41} (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\TypeLib\{396ecd31-edf7-489f-bda1-83dba4c36e81} (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\Interface\{D0EC4142-5808-41D2-A4DC-6081CF1A9693} (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CF5A690-C8F4-488E-9D20-F21AEF602D41} (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CF5A690-C8F4-488E-9D20-F21AEF602D41} (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\BuzzSearch (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\BuzzSearch (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 3
C:\Program Files (x86)\BuzzSearch (PUP.Optional.BuzzSearch.A) -> Suppression au redémarrage.
C:\Program Files (x86)\BuzzSearch\bin (PUP.Optional.BuzzSearch.A) -> Suppression au redémarrage.
C:\Program Files (x86)\BuzzSearch\bin\plugins (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.

Fichier(s) détecté(s): 103
C:\Program Files (x86)\BuzzSearch\updateBuzzSearch.exe (PUP.Optional.BuzzSearch.A) -> Suppression au redémarrage.
C:\Program Files (x86)\BuzzSearch\bin\utilBuzzSearch.exe (PUP.Optional.BuzzSearch.A) -> Suppression au redémarrage.
C:\Program Files (x86)\BuzzSearch\BuzzSearchBHO.dll (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyTune.dll.vir (PUP.Optional.Dealply) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir (PUP.Optional.Dealply) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir (PUP.Optional.Dealply) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\uninst.exe.vir (PUP.Optional.Dealply) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\I Want This\I Want This.dll.vir (Adware.GamePlayLabs) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\I Want This\I Want This.exe.vir (Adware.GamePlayLabs) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\I Want This\I Want ThisGui.exe.vir (Adware.GamePlayLabs) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\I Want This\Uninstall.exe.vir (Adware.GamePlayLabs) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\CltMngSvc.exe.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPTool.dll.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1380222432919.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1380222433028.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1381074356898.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1381074356961.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1382457101218.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1382457101265.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1383735781466.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1383735781544.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\uninstall.exe.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\cltmng.exe.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPTool64.exe.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32.dll.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32Loader.dll.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64.dll.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64Loader.dll.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\UI\bin\cltmngui.exe.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgArchive.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgconfig.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mghooking.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mglogger.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\SweetIM.exe.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.5.3.17\~BabylonToolbarApp.dll.vir (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.5.3.17\~BabylonToolbarEng.dll.vir (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.5.3.17\~BabylonToolbarsrv.exe.vir (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.5.3.17\~BabylonToolbarTlbr.dll.vir (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.5.3.17\~uninstall.exe.vir (PUP.Optional.BabylonToolBar.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Users\lili\AppData\Local\Conduit\CT2851639\uTorrentBar_FRAutoUpdateHelper.exe.vir (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Users\lili\AppData\Local\TempDir\BetterInstaller.exe.vir (PUP.Optional.Somoto.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Users\lili\AppData\Roaming\Agence-Exclusive\Agence-Exclusive\UpdatePCTuto.exe.vir (PUP.Tuto4PC) -> Mis en quarantaine et supprimé avec succès.
C:\Users\lili\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4TGMB20O\Britney Spears - Ooh La La 2013 Single 320Kbps By D.O.exe.bl1zc0p.partial (PUP.Optional.Installrex) -> Mis en quarantaine et supprimé avec succès.
C:\Users\lili\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4TGMB20O\Download.exe.sfo3qi6.partial (PUP.Optional.Installrex) -> Mis en quarantaine et supprimé avec succès.
C:\Users\lili\AppData\Local\Temp\SPSetup.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\lili\Downloads\lg-smart-share.exe (PUP.Optional.Installcore) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Installer\35f486b.msi (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Installer\35f4871.msi (PUP.Optional.SweetIM) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsd2243.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsdA85.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsdFD8.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nseA0BC.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nseA0BD.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsi1045.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsi2262.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsjAA5.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsn5B9.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsn7ED4.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsoABA5.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nst14F2.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nst14F3.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nst5D9.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsy7F13.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\nsyAB47.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\BuzzSearch.ico (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\BuzzSearchUninstall.exe (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\jhjjdgbhohaallcimgcmakfiobacimkm.crx (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\sqlite3.exe (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\updateBuzzSearch.InstallState (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\bin\sqlite3.dll (PUP.Optional.BuzzSearch.A) -> Suppression au redémarrage.
C:\Program Files (x86)\BuzzSearch\bin\utilBuzzSearch.InstallState (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\bin\plugins\BuzzSearch.FFUpdate.dll (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\bin\plugins\BuzzSearch.GCUpdate.dll (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\BuzzSearch\bin\plugins\BuzzSearch.IEUpdate.dll (PUP.Optional.BuzzSearch.A) -> Mis en quarantaine et supprimé avec succès.

(fin)
0
sonic83 Posts 27 Registration date Friday 15 November 2013 Status Member Last activity 30 November 2013
Edited by sonic83 on 16/11/2013 at 14:21
and the second one too? is it ProgramData???
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
16 Nov. 2013 at 14:20
Great :)

Run a new ZHPDiag
0
sonic83 Posts 27 Registration date Friday 15 November 2013 Status Member Last activity 30 November 2013
16 Nov. 2013 at 16:44
~ Rapport de ZHPDiag v2013.11.14.33 - Nicolas Coolman (14/11/2013)
~ Lancé par lili (16/11/2013 16:26:37)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16736
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v31.0.1650.57
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : 2J7QR
Windows License : OK
~ Windows Remaining Initializations Number : 5
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Computer Security 12.77.101.0
Pack Sécurité v1.77.243.0
Pack Sécurité v1.77.243.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer
Tuto Emule1.0.0.0

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 606 GB (66%) free of 918 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-LILI
~ User Name: lili
~ All Users Names: lili, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\lili\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lili\AppData\Roaming\
~ %Desktop% : C:\Users\lili\Desktop\
~ %Favorites% : C:\Users\lili\Favorites\
~ %LocalAppData% : C:\Users\lili\AppData\Local\
~ %StartMenu% : C:\Users\lili\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 606 Go of 918 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9706C99DAEBE3FEAC811B239617E98C4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2013 - 09:45:20.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 5/2586
~ Mes musiques (My Musics) : 189/2067
~ Mes Videos (My Videos) : 1/94
~ Mes Favoris (My Favorites) : 1/41
~ Mes Documents (My Documents) : 1/2249
~ Mon Bureau (My Desktop) : 1/744
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 05s



---\\ Processus lancés
[MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.1692]
[MD5.44E31B7CFB3D6A1B067AE47275954E0F] - (.Hewlett-Packard - HP TouchSmart Calendar & Notes.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe [26928] [PID.2444]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2772]
[MD5.037BA4C6B4A569B23FD2BCC5152E5CF6] - (.Hewlett-Packard - HP.CPC.TS.) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnProxy.exe [65536] [PID.988]
[MD5.78A724720BE21AE29FF70AD3EC77CFE6] - (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3862528] [PID.2008]
[MD5.1A1E3B7B2A03F121D627B28362AEFCE0] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656] [PID.2668]
[MD5.4AD13EBF04EDC31B2C3D5F8E2338F2F4] - (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [93360] [PID.3720]
[MD5.8EEFD0B92F46B6762A5EC41EF55F7043] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.1256]
[MD5.A4159CBC4FC1EC188948DC5E65DF5150] - (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [455608] [PID.1984]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.4860]
[MD5.940251B5F65443969ADC2A2597644D9A] - (.Hewlett Packard - FastUser MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe [208896] [PID.4444]
[MD5.309C7161F58C75EE88B07F55CA858280] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736] [PID.4592]
[MD5.B6F6228AB545E2819A60C0D63A84E52E] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.4652]
[MD5.29D6909817AE94A7D3DBDD46F1303720] - (.Hewlett Packard - OSD MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\HWManager.exe [233472] [PID.4856]
[MD5.512FB594263ED858FBA167DA3D24C5C2] - (.Hewlett-Packard - Keyboard & Mouse Battery Volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe [471040] [PID.4132]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.4436]
[MD5.E8BF582DEDABD7BA6B87C9E802CCC629] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296] [PID.4664]
[MD5.A11F236C31EFDF0EA507C1A37E4A0EBB] - (.Hewlett Packard - OSDForm MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\OSDForm.exe [102400] [PID.4684]
[MD5.EC87FE6FC28C21AB9F41112234008522] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816] [PID.4536]
[MD5.FBDC0E172AA0D341FF0084A3DBFD00F5] - (.SEIKO EPSON CORPORATION - Fax Reception.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952] [PID.5036]
[MD5.635DFB2E71D6359E07977E74703ED47E] - (.SEIKO EPSON CORPORATION - Fax Transmission.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400] [PID.4340]
[MD5.46D3D19A4745B67DCA6692AFAB0E136D] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912] [PID.4976]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4304]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [188400] [PID.2136]
[MD5.5DF9D84032F52FBD736DA2AC6ABE860D] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [310208] [PID.4616]
[MD5.C416F1BBBBBFEB586CC319A64A1D5FBF] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [14376] [PID.5540]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.5708]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.3388]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.5932]
[MD5.077D59BA0FD4007E841B6C670862B065] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.6184]
[MD5.E0B173F23D873286169995D66B9E3CDF] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.3156]
[MD5.CEED3CE0035F55A08EEEC34B5804723C] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe [1862536] [PID.6528]
[MD5.A9B236A317FD2D8C9C9F43F33707667E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8216064] [PID.2428]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1456]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1820]
[MD5.2928B8A09EFAB1E1919A8C8EEC8FBED2] - (.Hewlett-Packard - HP TouchSmart Calendar.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [21296] [PID.1596]
[MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2260]
[MD5.6D45DCE299CC7B52CDDF2A6DC26C7BBC] - (.Hewlett-Packard - HP.CPC.TS.S.) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe [100864] [PID.2280]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2352]
[MD5.1658B96575182F53C0424586EC03B7A0] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621608] [PID.2364]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2484]
[MD5.3CAE2BBC86FCF7F94C9696994AF30386] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424] [PID.2680]
[MD5.0765EE4A7A0D6609BF91CA2E4700E885] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2856]
[MD5.537F5AA8CD3AA0DDDA640FB55538FBF8] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1162280] [PID.3580]
[MD5.480F368D8AD18D57A0A9F4B562A00A84] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [207808] [PID.3404]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\lili\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: Epson Guide réseau WF-2510 Series.lnk . (...) -- C:\Program Files (x86)\Epson Software\Epson Manual\WF-2510 Series\fr\Netg\index.htm
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: HP TouchSmart.lnk . (.Hewlett-Packard - SmartCenter.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
O4 - GS\Desktop [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Pack Sécurité.lnk . (.F-Secure Corporation - F-Secure Service Enabler GUI Launcher.) -- C:\Program Files (x86)\SFR\Pack_Securite\trigger.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: SP800UZ Manuel d'instructions.lnk . (...) -- C:\Users\Public\Documents\OLYMPUS\Camera Manual\SP800UZ\FRA.pdf (.not file.)
O4 - GS\Program [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Optimize for Mouse.lnk . (.Hewlett-Packard Development Company, L.P. - HP Touch Optimizer.) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Optimizer\HPTouchOptimizer.exe
O4 - GS\Program [Public]: Optimize for Touch.lnk . (.Hewlett-Packard Development Company, L.P. - HP Touch Optimizer.) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Optimizer\HPTouchOptimizer.exe
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Program [Public]: Windows Journal.lnk . (...) -- C:\Program Files (x86)\Windows Journal\Journal.exe (.not file.)
O4 - GS\QuickLaunch [lili]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [lili]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [lili]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [lili]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lili\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [lili]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [lili]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [lili]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [lili]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [lili]: Adobe Photoshop CS.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS.) -- C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe =>.Adobe Systems Incorporated
O4 - GS\Desktop [lili]: HP TouchSmart.lnk . (.Hewlett-Packard - SmartCenter.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
O4 - GS\Desktop [lili]: ib.lnk . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Main Program.) -- C:\Program Files (x86)\Olympus\ib\ib.exe
O4 - GS\Desktop [lili]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\lili\Downloads
O4 - GS\Desktop [lili]: Vegas Pro 10.0 (64-bit).lnk . (...) -- C:\Program Files (x86)\Sony\Vegas Pro 10.0\vegas100.exe (.not file.)
O4 - GS\Desktop [lili]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lili\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 100 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Adobe Gamma Loader.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - GS\Startup [Public]: BTTray.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.)
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - On-Screen Caps/Num/Scroll Lock Indicator.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [SoundMAX] . (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe
O4 - HKLM\..\Run: [IntelliType Pro] . (.Microsoft Corporation - IType.exe.) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
O4 - HKCU\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKCU\..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (.not file.)
O4 - HKCU\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Plex Media Server] . (.Plex, Inc. - Plex Media Server.) -- c:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
O4 - HKLM\..\Wow6432Node\Run: [Buttons & OSDs control application gen2] . (.Hewlett Packard - FastUser MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer for HP TouchSmart] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Wow6432Node\Run: [HP KEYBOARD] . (.Hewlett-Packard - Keyboard & Mouse Battery Volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [ORAHSSSessionManager] C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [OsdMaestro] . (.OsdMaestro - On-Screen Caps/Num/Scroll Lock Indicator.) -- c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Wow6432Node\Run: [TSMAgent] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKLM\..\Wow6432Node\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [FUFAXRCV] . (.SEIKO EPSON CORPORATION - Fax Reception.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
O4 - HKLM\..\Wow6432Node\Run: [FUFAXSTM] . (.SEIKO EPSON CORPORATION - Fax Transmission.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (.not file.)
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Plex Media Server] . (.Plex, Inc. - Plex Media Server.) -- c:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.starstable.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\web\wallpaper\chp.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\web\wallpaper\chp.jpg
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{5048E7A8-176A-4A81-A517-CBE272C872EC}] (...) -- C:\Program Files (x86)\HP\Digital Imaging\{B46AC30C-22D2-4610-B041-1DA7BB29EB57}\hpzstub.exe (.not file.) [0]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 05s



---\\ Logiciels installés (O42)
O42 - Logiciel: BuzzSearch 2013.11.07.232809 - (.BuzzSearch.) [HKLM][64Bits] -- BuzzSearch
O42 - Logiciel: FoxTab PDF Converter - (...) [HKCU][64Bits] -- FoxTab PDF Converter
~ Logic: 189 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/01/2013 - 10:52:47 - [0,049] ----D C:\Program Files (x86)\ALFANO_VUE
O43 - CFD: 08/07/2013 - 06:33:15 - [0] ----D C:\Program Files (x86)\GUM79B1.tmp
O43 - CFD: 15/11/2013 - 19:44:03 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 04/04/2011 - 14:53:19 - [0] ----D C:\Users\lili\AppData\Local\ib
~ Program Folder: 203 Legitimates Filtered in 00mn 41s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CB423BB9E0EECC4BD1D8A821A28E0D68] - 02/11/2013 - 12:57:58 ---A- . (...) -- C:\Windows\setup.iss [308]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 12/11/2013 - 15:34:42 ---A- . (...) -- C:\Windows\SysNative\sasnative64.exe [16896]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 12/11/2013 - 15:34:42 ---A- . (...) -- C:\Windows\System32\sasnative64.exe [16896]
O44 - LFC:[MD5.65DAD6734DE7B41379410E1951F51E1E] - 12/11/2013 - 19:39:13 ---A- . (...) -- C:\Windows\fspplugin.log [19265]
O44 - LFC:[MD5.B2D2FE825ADB89E7985AD8CE3AF5D69E] - 12/11/2013 - 19:39:21 ---A- . (...) -- C:\Windows\FSDEPH.log [147248]
O44 - LFC:[MD5.392DEA6C7B8348FD41BD6CC379BF09FF] - 12/11/2013 - 19:39:28 ---A- . (...) -- C:\Windows\prodsett_copy.ini [19474]
O44 - LFC:[MD5.80CDF706A9C4C2DD246385B8516CAE8B] - 12/11/2013 - 19:39:55 ---A- . (...) -- C:\Windows\DAASINST.LOG [2425]
O44 - LFC:[MD5.0F1EDED01CB43BEAB5DA0F7FF0E326A4] - 12/11/2013 - 19:40:02 ---A- . (...) -- C:\Windows\FSAVINST.LOG [73179]
O44 - LFC:[MD5.4209DDD95992388207273B0589A763E9] - 12/11/2013 - 19:40:02 ---A- . (...) -- C:\Windows\fsav_db_setup.log [675]
O44 - LFC:[MD5.CE82A41835EB4608D0B40B86082BD6D7] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSAVCSIN.LOG [10585]
O44 - LFC:[MD5.7357AD2D23D7334BB99423AB52343469] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSGKIAIN.log [4068]
O44 - LFC:[MD5.AA191EA010EC6991EF883D3C98F9A47F] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSISU.log [3961472]
O44 - LFC:[MD5.09F63C771210D81C134C95A5F05922CC] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSLDIN.LOG [1873]
O44 - LFC:[MD5.03DA7790D26CD8073B77EAE66CCA50A8] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSPROD.log [135631]
O44 - LFC:[MD5.A4E6B3A32732C45085D2DC273D3B2D69] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSSETUP.log [760918]
O44 - LFC:[MD5.6D11BF7C2A5B4BDA81E38FA5FE84C1DD] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSSFM.log [860194]
O44 - LFC:[MD5.39D9369C6D6CB15E1933DA7306020E08] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\RunSetup.log [111807]
O44 - LFC:[MD5.92AFD1964E411C15E87F1DE4E3E6CC49] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\fsavunin.log [3391]
O44 - LFC:[MD5.F59F2C574AA5D84477EB89F87C938F16] - 12/11/2013 - 19:47:06 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [56016]
~ Files: 125 Legitimates Filtered in 00mn 10s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.1978372EBC8D9BB6AA2EA549A4310109] - 12/11/2013 - 12:53:54 ---A- - C:\Windows\Prefetch\BNDCORE.EXE-3B252194.pf
O45 - LFCP:[MD5.2FE179A506FF93A2B9C478C190779DBE] - 12/11/2013 - 13:28:29 ---A- - C:\Windows\Prefetch\UTORRENTBAR_FRTOOLBARHELPER.E-341E0519.pf =>P2P.µTorrent
~ Prefetcher: 60 Legitimates Filtered in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{9c3f39a7-a35c-11e2-8779-00247e18f338}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{e45cbf3d-d588-11e2-ada8-00247e18f338}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0FA60A409E1C8AB9A81901311D15393D] - 22/06/2009 - 18:01:26 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys [497152]
O58 - SDL:[MD5.A83B43AC95F83940E6AE0FB4023602B2] - 12/11/2013 - 19:40:05 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [41024]
O58 - SDL:[MD5.DDEE99DC54EFA20BD5A442CD733C4462] - 20/03/2013 - 09:07:16 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: 21 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 09/05/2046 - 16:33:37 ---A- . (...) -- C:\Users\lili\Documents\carte DS\Mario_Party_DS_Eur.SAV [524288]
O61 - LFC: 15/11/2013 - 16:29:04 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\active-update.xml [57]
O61 - LFC: 15/11/2013 - 16:29:04 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates.xml [1529]
O61 - LFC: 15/11/2013 - 16:33:35 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman
O61 - LFC: 15/11/2013 - 16:33:35 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\ZHPDiag.txt [65385] =>.Nicolas Coolman
O61 - LFC: 15/11/2013 - 16:33:49 ---A- . (...) -- C:\Users\lili\Documents\ZHPDiag.Txt [65385] =>.Nicolas Coolman
O61 - LFC: 15/11/2013 - 16:33:49 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner(1).exe [1085542]
O61 - LFC: 15/11/2013 - 16:33:49 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner-3.012.exe [1085542]
O61 - LFC: 16/11/2013 - 16:33:35 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\Log.txt [41205] =>.Nicolas Coolman
O61 - LFC: 16/11/2013 - 16:33:35 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\TestsZHPDiag.txt [2835] =>.Nicolas Coolman
O61 - LFC: 24/03/2044 - 16:33:38 ---A- . (...) -- C:\Users\lili\Documents\carte DS\[NDS]Diddy_Kong_Racing[EUR]\Diddy Kong Racing.SAV [524288]
~ 9 Fichiers temporaires (Temporary files)
~ Files: 148 Legitimates Filtered in 05mn 53s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {446A2CBA-A660-4E9C-8BF9-6D948E6DE706} [DefaultScope] - (Yahoo!) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.fr/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {F8B37423-0AD9-4E57-BB22-30675C5A1C24} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][12/11/2013] (...) -- C:\Users\lili\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (...) -- C:\Users\lili\AppData\Local\Temp\Quarantine.exe [350377]
[MD5.37E8FE0E839985A6074CF527517A1186] [SPRF][05/11/2013] (...) -- C:\Users\lili\AppData\Roaming\wklnhst.dat [12994]
~ Files: 7 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{9EED8D0D-DBD4-4DCC-84F8-CEFAF1D6DEB4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{6E29D05A-7964-4882-AEE4-E451F1CACA94}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "TCP Query User{72731FB5-0F0D-4AEE-BC97-FAFCB433FE8F}C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe (.not file.)
O87 - FAEL: "UDP Query User{55AF6D8D-F41B-4A31-A8F3-41A8FD936E61}C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe (.not file.)
~ Firewall: 237 Legitimates Filtered in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\2137bd.msi [459264]
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][19/04/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\286a28d.msi [1019392] =>Adware.IMBooster
[MD5.0003D9969DF849B9FC84920A0B7B3274] [WIS][26/11/2011] (.Plex, Inc. - Plex Media Server for Windows.) -- C:\Windows\Installer\3bbfdb5.msi [53235712]
[MD5.EAE55A2DA2ADF0E0D7C3C30A8720B316] [WIS][12/02/2009] (.Broadcom Corp. - WIDCOMM Bluetooth Profile Pack.) -- C:\Windows\Installer\51ed8.msi [4665856]
[MD5.9B99C084F89126B43605B595E5811D7D] [WIS][18/02/2011] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\f8cb2.msi [121344]
[MD5.8B0BDE37CC36545C16DE589CEBBC5068] [WIS][18/02/2011] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\f8cfe.msi [121344]
~ WIS: 168 Legitimates Filtered in 00mn 17s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/11/2013 68096 | (Adobe LM Service) . (...) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 15/07/2008 111616 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/05/2008 796712 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SR - | Auto 29/12/2008 21296 | (CalendarSynchService) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
SR - | Auto 05/09/2013 653888 | (EpsonCustomerResearchParticipation) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
SR - | Auto 12/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
SR - | Demand 20/08/2013 207808 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe
SR - | Auto 12/11/2013 60352 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe
SS - | Demand 23/06/2008 164600 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
SS - | Auto 19/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 19/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 10/07/2008 100864 | (HP Touch Screen Enhance) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 15/11/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/06/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 10/07/1658 0 | (WPFFontCache_v0400) . (...) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 28/11/2008 146928 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp..) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
~ Services: Scanned in 00mn 19s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by lili at 16/11/2013 16:36:36
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by lili at 16/11/2013 16:36:38

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12994 - (14/11/2013)
Clés trouvées (Keys found) : 70
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
16 Nov. 2013 at 21:47
Host it :)
0
sonic83 Posts 27 Registration date Friday 15 November 2013 Status Member Last activity 30 November 2013
18 Nov. 2013 at 12:04
~ Rapport de ZHPDiag v2013.11.14.33 - Nicolas Coolman (14/11/2013)
~ Lancé par lili (17/11/2013 11:25:02)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16736
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v31.0.1650.57
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : 2J7QR
Windows License : OK
~ Windows Remaining Initializations Number : 5
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Computer Security 12.77.101.0
Pack Sécurité v1.77.243.0
Pack Sécurité v1.77.243.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer
Tuto Emule1.0.0.0

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 604 GB (65%) free of 918 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-LILI
~ User Name: lili
~ All Users Names: lili, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\lili\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lili\AppData\Roaming\
~ %Desktop% : C:\Users\lili\Desktop\
~ %Favorites% : C:\Users\lili\Favorites\
~ %LocalAppData% : C:\Users\lili\AppData\Local\
~ %StartMenu% : C:\Users\lili\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 604 Go of 918 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9706C99DAEBE3FEAC811B239617E98C4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2013 - 09:45:20.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 5/2586
~ Mes musiques (My Musics) : 189/2067
~ Mes Videos (My Videos) : 1/94
~ Mes Favoris (My Favorites) : 1/41
~ Mes Documents (My Documents) : 1/2249
~ Mon Bureau (My Desktop) : 1/744
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés
[MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.1796]
[MD5.78A724720BE21AE29FF70AD3EC77CFE6] - (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3862528] [PID.2388]
[MD5.1A1E3B7B2A03F121D627B28362AEFCE0] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656] [PID.2512]
[MD5.4AD13EBF04EDC31B2C3D5F8E2338F2F4] - (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [93360] [PID.2572]
[MD5.8EEFD0B92F46B6762A5EC41EF55F7043] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.2696]
[MD5.44E31B7CFB3D6A1B067AE47275954E0F] - (.Hewlett-Packard - HP TouchSmart Calendar & Notes.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe [26928] [PID.2884]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2912]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.3656]
[MD5.940251B5F65443969ADC2A2597644D9A] - (.Hewlett Packard - FastUser MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe [208896] [PID.3820]
[MD5.309C7161F58C75EE88B07F55CA858280] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736] [PID.3960]
[MD5.B6F6228AB545E2819A60C0D63A84E52E] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.4016]
[MD5.037BA4C6B4A569B23FD2BCC5152E5CF6] - (.Hewlett-Packard - HP.CPC.TS.) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnProxy.exe [65536] [PID.4068]
[MD5.512FB594263ED858FBA167DA3D24C5C2] - (.Hewlett-Packard - Keyboard & Mouse Battery Volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe [471040] [PID.3088]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.3244]
[MD5.E8BF582DEDABD7BA6B87C9E802CCC629] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296] [PID.3448]
[MD5.29D6909817AE94A7D3DBDD46F1303720] - (.Hewlett Packard - OSD MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\HWManager.exe [233472] [PID.3476]
[MD5.A11F236C31EFDF0EA507C1A37E4A0EBB] - (.Hewlett Packard - OSDForm MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\OSDForm.exe [102400] [PID.2124]
[MD5.EC87FE6FC28C21AB9F41112234008522] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816] [PID.4048]
[MD5.FBDC0E172AA0D341FF0084A3DBFD00F5] - (.SEIKO EPSON CORPORATION - Fax Reception.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952] [PID.3988]
[MD5.635DFB2E71D6359E07977E74703ED47E] - (.SEIKO EPSON CORPORATION - Fax Transmission.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400] [PID.1468]
[MD5.46D3D19A4745B67DCA6692AFAB0E136D] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912] [PID.3852]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4028]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [188400] [PID.2200]
[MD5.5DF9D84032F52FBD736DA2AC6ABE860D] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [310208] [PID.3992]
[MD5.C416F1BBBBBFEB586CC319A64A1D5FBF] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [14376] [PID.4548]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.2100]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.984]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.4496]
[MD5.077D59BA0FD4007E841B6C670862B065] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5056]
[MD5.E0B173F23D873286169995D66B9E3CDF] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.6640]
[MD5.CEED3CE0035F55A08EEEC34B5804723C] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe [1862536] [PID.6224]
[MD5.A9B236A317FD2D8C9C9F43F33707667E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8216064] [PID.3788]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1456]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1756]
[MD5.2928B8A09EFAB1E1919A8C8EEC8FBED2] - (.Hewlett-Packard - HP TouchSmart Calendar.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [21296] [PID.1196]
[MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2396]
[MD5.6D45DCE299CC7B52CDDF2A6DC26C7BBC] - (.Hewlett-Packard - HP.CPC.TS.S.) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe [100864] [PID.2448]
[MD5.1658B96575182F53C0424586EC03B7A0] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621608] [PID.2464]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2528]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2676]
[MD5.3CAE2BBC86FCF7F94C9696994AF30386] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424] [PID.2904]
[MD5.0765EE4A7A0D6609BF91CA2E4700E885] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2052]
[MD5.537F5AA8CD3AA0DDDA640FB55538FBF8] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1162280] [PID.2652]
[MD5.480F368D8AD18D57A0A9F4B562A00A84] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [207808] [PID.5804]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\lili\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: Epson Guide réseau WF-2510 Series.lnk . (...) -- C:\Program Files (x86)\Epson Software\Epson Manual\WF-2510 Series\fr\Netg\index.htm
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: HP TouchSmart.lnk . (.Hewlett-Packard - SmartCenter.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
O4 - GS\Desktop [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Pack Sécurité.lnk . (.F-Secure Corporation - F-Secure Service Enabler GUI Launcher.) -- C:\Program Files (x86)\SFR\Pack_Securite\trigger.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: SP800UZ Manuel d'instructions.lnk . (...) -- C:\Users\Public\Documents\OLYMPUS\Camera Manual\SP800UZ\FRA.pdf (.not file.)
O4 - GS\Program [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Optimize for Mouse.lnk . (.Hewlett-Packard Development Company, L.P. - HP Touch Optimizer.) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Optimizer\HPTouchOptimizer.exe
O4 - GS\Program [Public]: Optimize for Touch.lnk . (.Hewlett-Packard Development Company, L.P. - HP Touch Optimizer.) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Optimizer\HPTouchOptimizer.exe
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Program [Public]: Windows Journal.lnk . (...) -- C:\Program Files (x86)\Windows Journal\Journal.exe (.not file.)
O4 - GS\QuickLaunch [lili]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [lili]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [lili]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [lili]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lili\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [lili]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [lili]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [lili]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [lili]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [lili]: Adobe Photoshop CS.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS.) -- C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe =>.Adobe Systems Incorporated
O4 - GS\Desktop [lili]: HP TouchSmart.lnk . (.Hewlett-Packard - SmartCenter.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
O4 - GS\Desktop [lili]: ib.lnk . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Main Program.) -- C:\Program Files (x86)\Olympus\ib\ib.exe
O4 - GS\Desktop [lili]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\lili\Downloads
O4 - GS\Desktop [lili]: Vegas Pro 10.0 (64-bit).lnk . (...) -- C:\Program Files (x86)\Sony\Vegas Pro 10.0\vegas100.exe (.not file.)
O4 - GS\Desktop [lili]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lili\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 100 Legitimates Filtered in 00mn 05s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Adobe Gamma Loader.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - GS\Startup [Public]: BTTray.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.)
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - On-Screen Caps/Num/Scroll Lock Indicator.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [SoundMAX] . (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe
O4 - HKLM\..\Run: [IntelliType Pro] . (.Microsoft Corporation - IType.exe.) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
O4 - HKCU\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKCU\..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (.not file.)
O4 - HKCU\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Plex Media Server] . (.Plex, Inc. - Plex Media Server.) -- c:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
O4 - HKLM\..\Wow6432Node\Run: [Buttons & OSDs control application gen2] . (.Hewlett Packard - FastUser MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer for HP TouchSmart] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Wow6432Node\Run: [HP KEYBOARD] . (.Hewlett-Packard - Keyboard & Mouse Battery Volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [ORAHSSSessionManager] C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [OsdMaestro] . (.OsdMaestro - On-Screen Caps/Num/Scroll Lock Indicator.) -- c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Wow6432Node\Run: [TSMAgent] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKLM\..\Wow6432Node\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [FUFAXRCV] . (.SEIKO EPSON CORPORATION - Fax Reception.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
O4 - HKLM\..\Wow6432Node\Run: [FUFAXSTM] . (.SEIKO EPSON CORPORATION - Fax Transmission.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (.not file.)
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Plex Media Server] . (.Plex, Inc. - Plex Media Server.) -- c:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.starstable.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\web\wallpaper\chp.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\web\wallpaper\chp.jpg
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{5048E7A8-176A-4A81-A517-CBE272C872EC}] (...) -- C:\Program Files (x86)\HP\Digital Imaging\{B46AC30C-22D2-4610-B041-1DA7BB29EB57}\hpzstub.exe (.not file.) [0]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 04s



---\\ Logiciels installés (O42)
O42 - Logiciel: BuzzSearch 2013.11.07.232809 - (.BuzzSearch.) [HKLM][64Bits] -- BuzzSearch
O42 - Logiciel: FoxTab PDF Converter - (...) [HKCU][64Bits] -- FoxTab PDF Converter
~ Logic: 189 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/01/2013 - 10:52:47 - [0,049] ----D C:\Program Files (x86)\ALFANO_VUE
O43 - CFD: 08/07/2013 - 06:33:15 - [0] ----D C:\Program Files (x86)\GUM79B1.tmp
O43 - CFD: 15/11/2013 - 19:44:03 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 04/04/2011 - 14:53:19 - [0] ----D C:\Users\lili\AppData\Local\ib
~ Program Folder: 203 Legitimates Filtered in 01mn 06s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CB423BB9E0EECC4BD1D8A821A28E0D68] - 02/11/2013 - 12:57:58 ---A- . (...) -- C:\Windows\setup.iss [308]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 12/11/2013 - 15:34:42 ---A- . (...) -- C:\Windows\SysNative\sasnative64.exe [16896]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 12/11/2013 - 15:34:42 ---A- . (...) -- C:\Windows\System32\sasnative64.exe [16896]
O44 - LFC:[MD5.65DAD6734DE7B41379410E1951F51E1E] - 12/11/2013 - 19:39:13 ---A- . (...) -- C:\Windows\fspplugin.log [19265]
O44 - LFC:[MD5.B2D2FE825ADB89E7985AD8CE3AF5D69E] - 12/11/2013 - 19:39:21 ---A- . (...) -- C:\Windows\FSDEPH.log [147248]
O44 - LFC:[MD5.392DEA6C7B8348FD41BD6CC379BF09FF] - 12/11/2013 - 19:39:28 ---A- . (...) -- C:\Windows\prodsett_copy.ini [19474]
O44 - LFC:[MD5.80CDF706A9C4C2DD246385B8516CAE8B] - 12/11/2013 - 19:39:55 ---A- . (...) -- C:\Windows\DAASINST.LOG [2425]
O44 - LFC:[MD5.0F1EDED01CB43BEAB5DA0F7FF0E326A4] - 12/11/2013 - 19:40:02 ---A- . (...) -- C:\Windows\FSAVINST.LOG [73179]
O44 - LFC:[MD5.4209DDD95992388207273B0589A763E9] - 12/11/2013 - 19:40:02 ---A- . (...) -- C:\Windows\fsav_db_setup.log [675]
O44 - LFC:[MD5.CE82A41835EB4608D0B40B86082BD6D7] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSAVCSIN.LOG [10585]
O44 - LFC:[MD5.7357AD2D23D7334BB99423AB52343469] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSGKIAIN.log [4068]
O44 - LFC:[MD5.AA191EA010EC6991EF883D3C98F9A47F] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSISU.log [3961472]
O44 - LFC:[MD5.09F63C771210D81C134C95A5F05922CC] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSLDIN.LOG [1873]
O44 - LFC:[MD5.03DA7790D26CD8073B77EAE66CCA50A8] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSPROD.log [135631]
O44 - LFC:[MD5.A4E6B3A32732C45085D2DC273D3B2D69] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSSETUP.log [760918]
O44 - LFC:[MD5.6D11BF7C2A5B4BDA81E38FA5FE84C1DD] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSSFM.log [860194]
O44 - LFC:[MD5.39D9369C6D6CB15E1933DA7306020E08] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\RunSetup.log [111807]
O44 - LFC:[MD5.92AFD1964E411C15E87F1DE4E3E6CC49] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\fsavunin.log [3391]
O44 - LFC:[MD5.F59F2C574AA5D84477EB89F87C938F16] - 12/11/2013 - 19:47:06 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [56016]
~ Files: 125 Legitimates Filtered in 00mn 11s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.1978372EBC8D9BB6AA2EA549A4310109] - 12/11/2013 - 12:53:54 ---A- - C:\Windows\Prefetch\BNDCORE.EXE-3B252194.pf
O45 - LFCP:[MD5.2FE179A506FF93A2B9C478C190779DBE] - 12/11/2013 - 13:28:29 ---A- - C:\Windows\Prefetch\UTORRENTBAR_FRTOOLBARHELPER.E-341E0519.pf =>P2P.µTorrent
O45 - LFCP:[MD5.0C69A91A79B2DAC2448FA105B9E88C1E] - 17/11/2013 - 10:20:49 ---A- - C:\Windows\Prefetch\FUFAXRCV.EXE-B4DFC0C0.pf
O45 - LFCP:[MD5.89D3E7D0154ADE8C1CCAF0D685334570] - 17/11/2013 - 10:25:38 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-A0ECBE75.pf
~ Prefetcher: 116 Legitimates Filtered in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{9c3f39a7-a35c-11e2-8779-00247e18f338}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{e45cbf3d-d588-11e2-ada8-00247e18f338}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0FA60A409E1C8AB9A81901311D15393D] - 22/06/2009 - 18:01:26 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys [497152]
O58 - SDL:[MD5.A83B43AC95F83940E6AE0FB4023602B2] - 12/11/2013 - 19:40:05 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [41024]
O58 - SDL:[MD5.DDEE99DC54EFA20BD5A442CD733C4462] - 20/03/2013 - 09:07:16 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: 21 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 09/05/2046 - 11:32:20 ---A- . (...) -- C:\Users\lili\Documents\carte DS\Mario_Party_DS_Eur.SAV [524288]
O61 - LFC: 15/11/2013 - 11:27:39 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\active-update.xml [57]
O61 - LFC: 15/11/2013 - 11:27:39 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates.xml [1529]
O61 - LFC: 15/11/2013 - 11:32:40 ---A- . (...) -- C:\Users\lili\Documents\ZHPDiag.Txt [65385] =>.Nicolas Coolman
O61 - LFC: 15/11/2013 - 11:32:42 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner(1).exe [1085542]
O61 - LFC: 15/11/2013 - 11:32:44 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner-3.012.exe [1085542]
O61 - LFC: 16/11/2013 - 11:32:18 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman
O61 - LFC: 16/11/2013 - 11:32:18 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\ZHPDiag.txt [62427] =>.Nicolas Coolman
O61 - LFC: 16/11/2013 - 11:32:47 R--A- . (...) -- C:\Users\lili\Downloads\Mike Will Made It Ft. Miley Cyrus, Juicy J & Wiz Khalifa - 23 [Explicit] 720p [Sbyky].mp4 [104356528]
O61 - LFC: 17/11/2013 - 11:32:18 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\Log.txt [63164] =>.Nicolas Coolman
O61 - LFC: 17/11/2013 - 11:32:18 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\TestsZHPDiag.txt [2835] =>.Nicolas Coolman
O61 - LFC: 24/03/2044 - 11:32:21 ---A- . (...) -- C:\Users\lili\Documents\carte DS\[NDS]Diddy_Kong_Racing[EUR]\Diddy Kong Racing.SAV [524288]
~ 10 Fichiers temporaires (Temporary files)
~ Files: 139 Legitimates Filtered in 06mn 30s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {446A2CBA-A660-4E9C-8BF9-6D948E6DE706} [DefaultScope] - (Yahoo!) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.fr/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {F8B37423-0AD9-4E57-BB22-30675C5A1C24} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][12/11/2013] (...) -- C:\Users\lili\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (...) -- C:\Users\lili\AppData\Local\Temp\Quarantine.exe [350377]
[MD5.37E8FE0E839985A6074CF527517A1186] [SPRF][05/11/2013] (...) -- C:\Users\lili\AppData\Roaming\wklnhst.dat [12994]
~ Files: 7 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{9EED8D0D-DBD4-4DCC-84F8-CEFAF1D6DEB4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{6E29D05A-7964-4882-AEE4-E451F1CACA94}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "TCP Query User{72731FB5-0F0D-4AEE-BC97-FAFCB433FE8F}C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe (.not file.)
O87 - FAEL: "UDP Query User{55AF6D8D-F41B-4A31-A8F3-41A8FD936E61}C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe (.not file.)
~ Firewall: 237 Legitimates Filtered in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\2137bd.msi [459264]
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][19/04/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\286a28d.msi [1019392] =>Adware.IMBooster
[MD5.0003D9969DF849B9FC84920A0B7B3274] [WIS][26/11/2011] (.Plex, Inc. - Plex Media Server for Windows.) -- C:\Windows\Installer\3bbfdb5.msi [53235712]
[MD5.EAE55A2DA2ADF0E0D7C3C30A8720B316] [WIS][12/02/2009] (.Broadcom Corp. - WIDCOMM Bluetooth Profile Pack.) -- C:\Windows\Installer\51ed8.msi [4665856]
[MD5.9B99C084F89126B43605B595E5811D7D] [WIS][18/02/2011] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\f8cb2.msi [121344]
[MD5.8B0BDE37CC36545C16DE589CEBBC5068] [WIS][18/02/2011] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\f8cfe.msi [121344]
~ WIS: 168 Legitimates Filtered in 00mn 17s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/11/2013 68096 | (Adobe LM Service) . (...) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 15/07/2008 111616 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/05/2008 796712 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SR - | Auto 29/12/2008 21296 | (CalendarSynchService) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
SR - | Auto 05/09/2013 653888 | (EpsonCustomerResearchParticipation) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
SR - | Auto 12/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
SR - | Demand 20/08/2013 207808 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe
SR - | Auto 12/11/2013 60352 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe
SS - | Demand 23/06/2008 164600 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
SS - | Auto 19/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 19/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 10/07/2008 100864 | (HP Touch Screen Enhance) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 15/11/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/06/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 10/07/1658 0 | (WPFFontCache_v0400) . (...) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 28/11/2008 146928 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp..) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
~ Services: Scanned in 00mn 18s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by lili at 17/11/2013 11:36:13
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by lili at 17/11/2013 11:36:15

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12994 - (14/11/2013)
Clés trouvées (Keys found) : 70
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

0
sonic83 Posts 27 Registration date Friday 15 November 2013 Status Member Last activity 30 November 2013
18 Nov. 2013 at 16:59
I can't post the hosted file, it tells me this message has already been posted
0
irongege Posts 40847 Registration date Thursday 1 November 2007 Status Moderator Last activity 29 June 2023 5 054
18 Nov. 2013 at 17:26
Hi mate

I've restored the message that was blocked by the bot.
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
18 Nov. 2013 at 17:43
Host it on cjoint, it doesn't go through on the forum


0
irongege Posts 40847 Registration date Thursday 1 November 2007 Status Moderator Last activity 29 June 2023 5 054
18 Nov. 2013 at 17:53
It's just above.
0
noctambule28 Posts 31791 Registration date Saturday 12 May 2007 Status Webmaster Last activity 13 February 2022 2 858
18 Nov. 2013 at 17:56
Above but truncated, it needs to be hosted ;-)
0
irongege Posts 40847 Registration date Thursday 1 November 2007 Status Moderator Last activity 29 June 2023 5 054
18 Nov. 2013 at 18:03
He'll struggle to do it, he's better on his motorbike than on his PC :DDDDDDDDDD
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
18 Nov. 2013 at 18:00
Thanks Noc

Iron
Incomplete :)
0
sonic83 Posts 27 Registration date Friday 15 November 2013 Status Member Last activity 30 November 2013
18 Nov. 2013 at 18:13
~ Rapport de ZHPDiag v2013.11.14.33 - Nicolas Coolman (14/11/2013)
~ Lancé par lili (17/11/2013 11:25:02)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16736
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v31.0.1650.57
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : 2J7QR
Windows License : OK
~ Windows Remaining Initializations Number : 5
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Computer Security 12.77.101.0
Pack Sécurité v1.77.243.0
Pack Sécurité v1.77.243.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer
Tuto Emule1.0.0.0

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 604 GB (65%) free of 918 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-LILI
~ User Name: lili
~ All Users Names: lili, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\lili\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lili\AppData\Roaming\
~ %Desktop% : C:\Users\lili\Desktop\
~ %Favorites% : C:\Users\lili\Favorites\
~ %LocalAppData% : C:\Users\lili\AppData\Local\
~ %StartMenu% : C:\Users\lili\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 604 Go of 918 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9706C99DAEBE3FEAC811B239617E98C4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2013 - 09:45:20.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 5/2586
~ Mes musiques (My Musics) : 189/2067
~ Mes Videos (My Videos) : 1/94
~ Mes Favoris (My Favorites) : 1/41
~ Mes Documents (My Documents) : 1/2249
~ Mon Bureau (My Desktop) : 1/744
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés
[MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.1796]
[MD5.78A724720BE21AE29FF70AD3EC77CFE6] - (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3862528] [PID.2388]
[MD5.1A1E3B7B2A03F121D627B28362AEFCE0] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656] [PID.2512]
[MD5.4AD13EBF04EDC31B2C3D5F8E2338F2F4] - (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe [93360] [PID.2572]
[MD5.8EEFD0B92F46B6762A5EC41EF55F7043] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.2696]
[MD5.44E31B7CFB3D6A1B067AE47275954E0F] - (.Hewlett-Packard - HP TouchSmart Calendar & Notes.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe [26928] [PID.2884]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2912]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.3656]
[MD5.940251B5F65443969ADC2A2597644D9A] - (.Hewlett Packard - FastUser MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe [208896] [PID.3820]
[MD5.309C7161F58C75EE88B07F55CA858280] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736] [PID.3960]
[MD5.B6F6228AB545E2819A60C0D63A84E52E] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.4016]
[MD5.037BA4C6B4A569B23FD2BCC5152E5CF6] - (.Hewlett-Packard - HP.CPC.TS.) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnProxy.exe [65536] [PID.4068]
[MD5.512FB594263ED858FBA167DA3D24C5C2] - (.Hewlett-Packard - Keyboard & Mouse Battery Volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe [471040] [PID.3088]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.3244]
[MD5.E8BF582DEDABD7BA6B87C9E802CCC629] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296] [PID.3448]
[MD5.29D6909817AE94A7D3DBDD46F1303720] - (.Hewlett Packard - OSD MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\HWManager.exe [233472] [PID.3476]
[MD5.A11F236C31EFDF0EA507C1A37E4A0EBB] - (.Hewlett Packard - OSDForm MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\OSDForm.exe [102400] [PID.2124]
[MD5.EC87FE6FC28C21AB9F41112234008522] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816] [PID.4048]
[MD5.FBDC0E172AA0D341FF0084A3DBFD00F5] - (.SEIKO EPSON CORPORATION - Fax Reception.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952] [PID.3988]
[MD5.635DFB2E71D6359E07977E74703ED47E] - (.SEIKO EPSON CORPORATION - Fax Transmission.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400] [PID.1468]
[MD5.46D3D19A4745B67DCA6692AFAB0E136D] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912] [PID.3852]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4028]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [188400] [PID.2200]
[MD5.5DF9D84032F52FBD736DA2AC6ABE860D] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe [310208] [PID.3992]
[MD5.C416F1BBBBBFEB586CC319A64A1D5FBF] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [14376] [PID.4548]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.2100]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.984]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.4496]
[MD5.077D59BA0FD4007E841B6C670862B065] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5056]
[MD5.E0B173F23D873286169995D66B9E3CDF] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.6640]
[MD5.CEED3CE0035F55A08EEEC34B5804723C] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe [1862536] [PID.6224]
[MD5.A9B236A317FD2D8C9C9F43F33707667E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8216064] [PID.3788]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1456]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1756]
[MD5.2928B8A09EFAB1E1919A8C8EEC8FBED2] - (.Hewlett-Packard - HP TouchSmart Calendar.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [21296] [PID.1196]
[MD5.45303CDBC1FD8F8D371E726BF126F771] - (.F-Secure Corporation - F-Secure ORSP Service.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe [60352] [PID.2396]
[MD5.6D45DCE299CC7B52CDDF2A6DC26C7BBC] - (.Hewlett-Packard - HP.CPC.TS.S.) -- c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe [100864] [PID.2448]
[MD5.1658B96575182F53C0424586EC03B7A0] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\FSGK32.exe [621608] [PID.2464]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2528]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2676]
[MD5.3CAE2BBC86FCF7F94C9696994AF30386] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424] [PID.2904]
[MD5.0765EE4A7A0D6609BF91CA2E4700E885] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2052]
[MD5.537F5AA8CD3AA0DDDA640FB55538FBF8] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1162280] [PID.2652]
[MD5.480F368D8AD18D57A0A9F4B562A00A84] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe [207808] [PID.5804]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\lili\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: Epson Guide réseau WF-2510 Series.lnk . (...) -- C:\Program Files (x86)\Epson Software\Epson Manual\WF-2510 Series\fr\Netg\index.htm
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: HP TouchSmart.lnk . (.Hewlett-Packard - SmartCenter.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
O4 - GS\Desktop [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Pack Sécurité.lnk . (.F-Secure Corporation - F-Secure Service Enabler GUI Launcher.) -- C:\Program Files (x86)\SFR\Pack_Securite\trigger.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: SP800UZ Manuel d'instructions.lnk . (...) -- C:\Users\Public\Documents\OLYMPUS\Camera Manual\SP800UZ\FRA.pdf (.not file.)
O4 - GS\Program [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Optimize for Mouse.lnk . (.Hewlett-Packard Development Company, L.P. - HP Touch Optimizer.) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Optimizer\HPTouchOptimizer.exe
O4 - GS\Program [Public]: Optimize for Touch.lnk . (.Hewlett-Packard Development Company, L.P. - HP Touch Optimizer.) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Optimizer\HPTouchOptimizer.exe
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Program [Public]: Windows Journal.lnk . (...) -- C:\Program Files (x86)\Windows Journal\Journal.exe (.not file.)
O4 - GS\QuickLaunch [lili]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [lili]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [lili]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [lili]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lili\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [lili]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [lili]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [lili]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [lili]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [lili]: Adobe Photoshop CS.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS.) -- C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe =>.Adobe Systems Incorporated
O4 - GS\Desktop [lili]: HP TouchSmart.lnk . (.Hewlett-Packard - SmartCenter.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe
O4 - GS\Desktop [lili]: ib.lnk . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Main Program.) -- C:\Program Files (x86)\Olympus\ib\ib.exe
O4 - GS\Desktop [lili]: Téléchargements - Raccourci.lnk . (...) -- C:\Users\lili\Downloads
O4 - GS\Desktop [lili]: Vegas Pro 10.0 (64-bit).lnk . (...) -- C:\Program Files (x86)\Sony\Vegas Pro 10.0\vegas100.exe (.not file.)
O4 - GS\Desktop [lili]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lili\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 100 Legitimates Filtered in 00mn 05s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Adobe Gamma Loader.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - GS\Startup [Public]: BTTray.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.)
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - On-Screen Caps/Num/Scroll Lock Indicator.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [SoundMAX] . (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe
O4 - HKLM\..\Run: [IntelliType Pro] . (.Microsoft Corporation - IType.exe.) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
O4 - HKCU\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKCU\..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (.not file.)
O4 - HKCU\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Plex Media Server] . (.Plex, Inc. - Plex Media Server.) -- c:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
O4 - HKLM\..\Wow6432Node\Run: [Buttons & OSDs control application gen2] . (.Hewlett Packard - FastUser MFC Application.) -- C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer for HP TouchSmart] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Wow6432Node\Run: [HP KEYBOARD] . (.Hewlett-Packard - Keyboard & Mouse Battery Volume Detection.) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [ORAHSSSessionManager] C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [OsdMaestro] . (.OsdMaestro - On-Screen Caps/Num/Scroll Lock Indicator.) -- c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Wow6432Node\Run: [TSMAgent] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKLM\..\Wow6432Node\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [FUFAXRCV] . (.SEIKO EPSON CORPORATION - Fax Reception.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
O4 - HKLM\..\Wow6432Node\Run: [FUFAXSTM] . (.SEIKO EPSON CORPORATION - Fax Transmission.) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (.not file.)
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIXE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4261095863-2040284751-431665412-1000\..\Run: [Plex Media Server] . (.Plex, Inc. - Plex Media Server.) -- c:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.starstable.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05DA647F-A88D-4573-8368-5AF6C5D7D69D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{85CEFEA6-A9F1-4F1E-BEEE-E16266337F69}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{EC6F2A62-420F-44A8-B445-6656C6CCBED3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\web\wallpaper\chp.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\web\wallpaper\chp.jpg
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{5048E7A8-176A-4A81-A517-CBE272C872EC}] (...) -- C:\Program Files (x86)\HP\Digital Imaging\{B46AC30C-22D2-4610-B041-1DA7BB29EB57}\hpzstub.exe (.not file.) [0]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 04s



---\\ Logiciels installés (O42)
O42 - Logiciel: BuzzSearch 2013.11.07.232809 - (.BuzzSearch.) [HKLM][64Bits] -- BuzzSearch
O42 - Logiciel: FoxTab PDF Converter - (...) [HKCU][64Bits] -- FoxTab PDF Converter
~ Logic: 189 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/01/2013 - 10:52:47 - [0,049] ----D C:\Program Files (x86)\ALFANO_VUE
O43 - CFD: 08/07/2013 - 06:33:15 - [0] ----D C:\Program Files (x86)\GUM79B1.tmp
O43 - CFD: 15/11/2013 - 19:44:03 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 04/04/2011 - 14:53:19 - [0] ----D C:\Users\lili\AppData\Local\ib
~ Program Folder: 203 Legitimates Filtered in 01mn 06s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CB423BB9E0EECC4BD1D8A821A28E0D68] - 02/11/2013 - 12:57:58 ---A- . (...) -- C:\Windows\setup.iss [308]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 12/11/2013 - 15:34:42 ---A- . (...) -- C:\Windows\SysNative\sasnative64.exe [16896]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 12/11/2013 - 15:34:42 ---A- . (...) -- C:\Windows\System32\sasnative64.exe [16896]
O44 - LFC:[MD5.65DAD6734DE7B41379410E1951F51E1E] - 12/11/2013 - 19:39:13 ---A- . (...) -- C:\Windows\fspplugin.log [19265]
O44 - LFC:[MD5.B2D2FE825ADB89E7985AD8CE3AF5D69E] - 12/11/2013 - 19:39:21 ---A- . (...) -- C:\Windows\FSDEPH.log [147248]
O44 - LFC:[MD5.392DEA6C7B8348FD41BD6CC379BF09FF] - 12/11/2013 - 19:39:28 ---A- . (...) -- C:\Windows\prodsett_copy.ini [19474]
O44 - LFC:[MD5.80CDF706A9C4C2DD246385B8516CAE8B] - 12/11/2013 - 19:39:55 ---A- . (...) -- C:\Windows\DAASINST.LOG [2425]
O44 - LFC:[MD5.0F1EDED01CB43BEAB5DA0F7FF0E326A4] - 12/11/2013 - 19:40:02 ---A- . (...) -- C:\Windows\FSAVINST.LOG [73179]
O44 - LFC:[MD5.4209DDD95992388207273B0589A763E9] - 12/11/2013 - 19:40:02 ---A- . (...) -- C:\Windows\fsav_db_setup.log [675]
O44 - LFC:[MD5.CE82A41835EB4608D0B40B86082BD6D7] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSAVCSIN.LOG [10585]
O44 - LFC:[MD5.7357AD2D23D7334BB99423AB52343469] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSGKIAIN.log [4068]
O44 - LFC:[MD5.AA191EA010EC6991EF883D3C98F9A47F] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSISU.log [3961472]
O44 - LFC:[MD5.09F63C771210D81C134C95A5F05922CC] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSLDIN.LOG [1873]
O44 - LFC:[MD5.03DA7790D26CD8073B77EAE66CCA50A8] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSPROD.log [135631]
O44 - LFC:[MD5.A4E6B3A32732C45085D2DC273D3B2D69] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSSETUP.log [760918]
O44 - LFC:[MD5.6D11BF7C2A5B4BDA81E38FA5FE84C1DD] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\FSSFM.log [860194]
O44 - LFC:[MD5.39D9369C6D6CB15E1933DA7306020E08] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\RunSetup.log [111807]
O44 - LFC:[MD5.92AFD1964E411C15E87F1DE4E3E6CC49] - 12/11/2013 - 19:40:04 ---A- . (...) -- C:\Windows\fsavunin.log [3391]
O44 - LFC:[MD5.F59F2C574AA5D84477EB89F87C938F16] - 12/11/2013 - 19:47:06 ---A- . (...) -- C:\Windows\System32\Drivers\fsbts.sys [56016]
~ Files: 125 Legitimates Filtered in 00mn 11s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.1978372EBC8D9BB6AA2EA549A4310109] - 12/11/2013 - 12:53:54 ---A- - C:\Windows\Prefetch\BNDCORE.EXE-3B252194.pf
O45 - LFCP:[MD5.2FE179A506FF93A2B9C478C190779DBE] - 12/11/2013 - 13:28:29 ---A- - C:\Windows\Prefetch\UTORRENTBAR_FRTOOLBARHELPER.E-341E0519.pf =>P2P.µTorrent
O45 - LFCP:[MD5.0C69A91A79B2DAC2448FA105B9E88C1E] - 17/11/2013 - 10:20:49 ---A- - C:\Windows\Prefetch\FUFAXRCV.EXE-B4DFC0C0.pf
O45 - LFCP:[MD5.89D3E7D0154ADE8C1CCAF0D685334570] - 17/11/2013 - 10:25:38 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-A0ECBE75.pf
~ Prefetcher: 116 Legitimates Filtered in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{9c3f39a7-a35c-11e2-8779-00247e18f338}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{e45cbf3d-d588-11e2-ada8-00247e18f338}\AutoRun\command. (...) -- G:\HTC_Sync_Manager_PC.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0FA60A409E1C8AB9A81901311D15393D] - 22/06/2009 - 18:01:26 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys [497152]
O58 - SDL:[MD5.A83B43AC95F83940E6AE0FB4023602B2] - 12/11/2013 - 19:40:05 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [41024]
O58 - SDL:[MD5.DDEE99DC54EFA20BD5A442CD733C4462] - 20/03/2013 - 09:07:16 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: 21 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 09/05/2046 - 11:32:20 ---A- . (...) -- C:\Users\lili\Documents\carte DS\Mario_Party_DS_Eur.SAV [524288]
O61 - LFC: 15/11/2013 - 11:27:39 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\active-update.xml [57]
O61 - LFC: 15/11/2013 - 11:27:39 ---A- . (...) -- C:\Users\lili\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates.xml [1529]
O61 - LFC: 15/11/2013 - 11:32:40 ---A- . (...) -- C:\Users\lili\Documents\ZHPDiag.Txt [65385] =>.Nicolas Coolman
O61 - LFC: 15/11/2013 - 11:32:42 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner(1).exe [1085542]
O61 - LFC: 15/11/2013 - 11:32:44 ---A- . (...) -- C:\Users\lili\Downloads\adwcleaner-3.012.exe [1085542]
O61 - LFC: 16/11/2013 - 11:32:18 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman
O61 - LFC: 16/11/2013 - 11:32:18 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\ZHPDiag.txt [62427] =>.Nicolas Coolman
O61 - LFC: 16/11/2013 - 11:32:47 R--A- . (...) -- C:\Users\lili\Downloads\Mike Will Made It Ft. Miley Cyrus, Juicy J & Wiz Khalifa - 23 [Explicit] 720p [Sbyky].mp4 [104356528]
O61 - LFC: 17/11/2013 - 11:32:18 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\Log.txt [63164] =>.Nicolas Coolman
O61 - LFC: 17/11/2013 - 11:32:18 ---A- . (...) -- C:\Users\lili\AppData\Roaming\ZHP\TestsZHPDiag.txt [2835] =>.Nicolas Coolman
O61 - LFC: 24/03/2044 - 11:32:21 ---A- . (...) -- C:\Users\lili\Documents\carte DS\[NDS]Diddy_Kong_Racing[EUR]\Diddy Kong Racing.SAV [524288]
~ 10 Fichiers temporaires (Temporary files)
~ Files: 139 Legitimates Filtered in 06mn 30s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {446A2CBA-A660-4E9C-8BF9-6D948E6DE706} [DefaultScope] - (Yahoo!) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.fr/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {F8B37423-0AD9-4E57-BB22-30675C5A1C24} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][12/11/2013] (...) -- C:\Users\lili\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (...) -- C:\Users\lili\AppData\Local\Temp\Quarantine.exe [350377]
[MD5.37E8FE0E839985A6074CF527517A1186] [SPRF][05/11/2013] (...) -- C:\Users\lili\AppData\Roaming\wklnhst.dat [12994]
~ Files: 7 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{9EED8D0D-DBD4-4DCC-84F8-CEFAF1D6DEB4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{6E29D05A-7964-4882-AEE4-E451F1CACA94}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "TCP Query User{72731FB5-0F0D-4AEE-BC97-FAFCB433FE8F}C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe (.not file.)
O87 - FAEL: "UDP Query User{55AF6D8D-F41B-4A31-A8F3-41A8FD936E61}C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\lili\downloads\redsn0w_win_0.9.10b1\redsn0w_win_0.9.10b1\redsn0w.exe (.not file.)
~ Firewall: 237 Legitimates Filtered in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\2137bd.msi [459264]
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][19/04/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\286a28d.msi [1019392] =>Adware.IMBooster
[MD5.0003D9969DF849B9FC84920A0B7B3274] [WIS][26/11/2011] (.Plex, Inc. - Plex Media Server for Windows.) -- C:\Windows\Installer\3bbfdb5.msi [53235712]
[MD5.EAE55A2DA2ADF0E0D7C3C30A8720B316] [WIS][12/02/2009] (.Broadcom Corp. - WIDCOMM Bluetooth Profile Pack.) -- C:\Windows\Installer\51ed8.msi [4665856]
[MD5.9B99C084F89126B43605B595E5811D7D] [WIS][18/02/2011] (.DeviceManagementQFolder - DeviceManagementQFolder.) -- C:\Windows\Installer\f8cb2.msi [121344]
[MD5.8B0BDE37CC36545C16DE589CEBBC5068] [WIS][18/02/2011] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\f8cfe.msi [121344]
~ WIS: 168 Legitimates Filtered in 00mn 17s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/11/2013 68096 | (Adobe LM Service) . (...) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 15/07/2008 111616 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/05/2008 796712 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SR - | Auto 29/12/2008 21296 | (CalendarSynchService) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
SR - | Auto 05/09/2013 653888 | (EpsonCustomerResearchParticipation) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
SR - | Auto 12/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
SR - | Demand 20/08/2013 207808 | (FSMA) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe
SR - | Auto 12/11/2013 60352 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe
SS - | Demand 23/06/2008 164600 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
SS - | Auto 19/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 19/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 10/07/2008 100864 | (HP Touch Screen Enhance) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 15/11/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/06/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 10/07/1658 0 | (WPFFontCache_v0400) . (...) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 28/11/2008 146928 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp..) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
~ Services: Scanned in 00mn 18s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by lili at 17/11/2013 11:36:13
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by lili at 17/11/2013 11:36:15

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12994 - (14/11/2013)
Clés trouvées (Keys found) : 70
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

0