Avast bloque le scan minutieux à 7% depuis hier après-midi!

Dans un tel cas il serait préférable de faire une diagnostique d'abord non ?

Parce que le scan de Malware bytes ce n'est pas un diagnostic ????

merci!!! La honte pour spybot search and destroy!!!lol mais bon c'est en apprenant qu'on devient forgeron!!! Alors je le désinstallerai de mon ordinateur aussi!!! Bon commençons par les choses essentiels j'essaie de télécharger la version gratuite et de l'installer via une carte sd sur son ordi! et lance le scan...bien-entendu je stoppa Avast?!
Merci je vous tiens au courant dès que c'est fait!!!

et bien cela commence fort...même sur mon pc... 33 éléments détectés en 3 mn!!! houlala...

Pas besoin de stopper Avast pour faire tourner Malwarebytes car il détecte les fichiers d'Avast et ne les traite pas comme des fichiers infectés.

# AdwCleaner v3.016 - Rapport créé le 09/01/2014 à 22:50:16
# Mis à jour le 23/12/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : alexandra - ALEXANDRA-PC
# Exécuté depuis : C:\Users\alexandra\Desktop\adwcleaner-3.016.exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Présent : C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmakeomkafjglfhpomolfhjppoojff

***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16750


-\\ Mozilla Firefox v26.0 (fr)

[ Fichier : C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0sjsypxp.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [25068 octets] - [09/01/2014 14:14:36]
AdwCleaner[R1].txt - [1082 octets] - [09/01/2014 15:01:02]
AdwCleaner[R2].txt - [1070 octets] - [09/01/2014 22:50:16]
AdwCleaner[S0].txt - [23796 octets] - [09/01/2014 14:15:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1191 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by alexandra on 09/01/2014 at 23:03:52,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1080305164-741099875-3881920656-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531129}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531129}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\alexandra\appdata\local\software"
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{049897CC-7F89-486C-ABB0-5D5955028D12}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{04C6D7CB-3A8D-47E7-B572-25FFE674DCDD}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{10863CB4-AD45-4B4E-9D0B-CC11521A461C}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{4963A35D-BA7D-4FBC-AB31-D2AB99598365}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{522BF3DA-F825-4113-BD77-1A073D8F0FEA}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{6F7F9B19-43B3-45D5-B070-03444B04BE90}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{73186F95-9A84-4560-BE5F-2836BDAB9507}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{7BB005B2-DDE4-460F-8FFF-03EB2CB21DD5}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{7BD47D55-1CF1-4934-BFC4-CA61FA501F67}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{856D75EC-32E0-4476-9802-00DD853F093F}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{9022902F-9421-4EFD-AFE7-75F70317C32D}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{9F861A54-C735-41B4-85BF-BEF4CA7B2461}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{A62D3A86-A732-4D1F-B9CE-F5839CAF2DFA}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{B76B70D5-14CA-4F03-8CA2-42D1B0260C38}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{C221928B-7736-4419-B74A-26F959184DBB}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{D236A6F7-009E-4FDA-A0E0-D40518341B76}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{DBF47D97-E961-4B5A-9F9A-03842AB0D91E}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{F65CD253-E28B-4B7A-8687-7B0FA2D74AC5}
Successfully deleted: [Empty Folder] C:\Users\alexandra\appdata\local\{F77D8630-F79F-41D3-AEE7-D901F1B1C045}



~~~ FireFox

Successfully deleted: [File] C:\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/01/2014 at 23:17:34,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2014/01/10 07:35:52 +0100 ALEXANDRA-PC alexandra MESSAGE Starting protection
2014/01/10 07:35:52 +0100 ALEXANDRA-PC alexandra MESSAGE Protection started successfully
2014/01/10 07:35:52 +0100 ALEXANDRA-PC alexandra MESSAGE Starting IP protection
2014/01/10 07:36:01 +0100 ALEXANDRA-PC alexandra MESSAGE IP Protection started successfully
2014/01/10 07:39:17 +0100 ALEXANDRA-PC alexandra MESSAGE Starting database refresh
2014/01/10 07:39:17 +0100 ALEXANDRA-PC alexandra MESSAGE Stopping IP protection
2014/01/10 07:39:18 +0100 ALEXANDRA-PC alexandra MESSAGE IP Protection stopped successfully
2014/01/10 07:39:22 +0100 ALEXANDRA-PC alexandra MESSAGE Database refreshed successfully
2014/01/10 07:39:22 +0100 ALEXANDRA-PC alexandra MESSAGE Starting IP protection
2014/01/10 07:39:28 +0100 ALEXANDRA-PC alexandra MESSAGE IP Protection started successfully

rebonjour Faeris,
Voilà, je crois tout avoir fait?! J'espère que je ne me suis pas trompée! Qu'en pensez-vous, me croyez-vous enfin débarrassé de ces bébêtes?! Juste pour enfin, pouvez-vous m'expliquer quand et à quelle occasion elle s'immisce dans l'ordinateur, je serai moins bécasse! Enfin, il y a longtemps, j'avais par inadvertance télécharger driver Reviver et malgré tous les nettoyages, lorsque j'allume le PC, Une fenêtre apparaît à chaque fois avec Reviver :failed to load language File: c:\PROGRA~2REVIVE~1\DRIVER~1\lang.lng unable to continue
J'ai essayer de le supprimer via Ccleaner mais cela ne fonctionne pas et toujours présent malgré tous les nettoyages indiqués...
Excusez-moi, je vous dérange tôt...et tard!
Encore merci pour tous vos conseils.

~ Rapport de ZHPDiag v2014.1.2.5 - Nicolas Coolman (02/01/2014)
~ Lancé par alexandra (09/01/2014 21:38:08)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16750
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RMV82
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.16 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 9 ActiveX
Adobe Reader XI
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4092 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 352 GB (77%) free of 451 GB

---\\ Mode de connexion au système
~ Computer Name: ALEXANDRA-PC
~ User Name: alexandra
~ All Users Names: alexandra, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\alexandra\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\alexandra\AppData\Roaming\
~ %Desktop% : C:\Users\alexandra\Desktop\
~ %Favorites% : C:\Users\alexandra\Favorites\
~ %LocalAppData% : C:\Users\alexandra\AppData\Local\
~ %StartMenu% : C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 352 Go of 451 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Free 0 Go of 4 Go)
G: Hard drive, Flash drive, Thumb drive (Free 385 Go of 466 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E7099336BF7531B6FCC920DCB5101259] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/10/2013 - 07:19:22.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1946
~ Mes musiques (My Musics) : 76/85
~ Mes Videos (My Videos) : 2/247
~ Mes Favoris (My Favorites) : 1/166
~ Mes Documents (My Documents) : 0/0
~ Mon Bureau (My Desktop) : 2/95
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2652]
[MD5.4B657635B8B17E9544E7E931474ADBCC] - (.Reviversoft, (www.reviversoft.com) - ReviverSoft - Driver Reviver.) -- C:\Program Files (x86)\Reviversoft\Driver Reviver\DriverReviver.exe [2912576] [PID.3088]
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.3436]
[MD5.0A1C2B7C7E018E727307F23317F0A304] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe [770728] [PID.3564]
[MD5.83E38F890E3252AD3F20EF38917CB524] - (...) -- C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe [139944] [PID.3812]
[MD5.CAFE5B48E48E6CD8FB7D05A82CD56248] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3366200] [PID.3500]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.3712]
[MD5.EA16227299D6889B6765BCDF686EC1E8] - (.Panasonic Corporation - AutoStartService.) -- C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe [172544] [PID.4024]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe [485376] [PID.2244]
[MD5.E977A3AF3D7B55C2E88D6489D7AFD467] - (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807600] [PID.3880]
[MD5.1F5A26DF97C33CD24A8ED4D4A1FF1348] - (.CyberLink Corp. - CyberLink PowerDVD Resident Program.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520] [PID.3152]
[MD5.80B62FF105908EC9E4B072AFB1CFC824] - (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744] [PID.1244]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.3672]
[MD5.C1DB9BDF885C2F1ADC15264FBEA2788F] - (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961] [PID.4344]
[MD5.46F0B95A7D98C7FA4E00D0D092D7B1E3] - (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [390256] [PID.5560]
[MD5.486BDC196F8914845302745A15310D62] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8321024] [PID.5008]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1412]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1756]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1776]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1496]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1492]
[MD5.7AEA4DF1CA68FD45DD4BBE1F0243CE7F] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.1908]
[MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2216]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [algmakeomkafjglfhpomolfhjppoojff] Pricora v.1.24.84, (Activé) =>Adware.Pricora
G2 - GCE: Preference [User Data\Default] [pbmbgangfmfbhnngbdgkplhjnfoaeihd] i-beta v.0.1.8 (Désactivé) =>PUP.i-Beta
~ Google Browser: 17 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0sjsypxp.default\prefs.js
M3 - MFPP: Plugins - [alexandra] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\sweet-page.xml
~ Firefox Browser: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 06s
~ Nombre de lignes (Lines number): 17720



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Lancer Accueil de l'imprimante Dell.LNK . (...) -- C:\Program Files (x86)\Dell\Dashboard\DL__Dashboard.exe (.not file.)
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: PHOTOfunSTUDIO 5.0.lnk . (.Panasonic Corporation - PHOTOfunSTUDIO.) -- C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 5.0\PHOTOfunSTUDIO.exe
O4 - GS\Program [Public]: Documentation d'aide de Dell.lnk . (...) -- C:\Program Files (x86)\Dell Inc\Dell Edoc Viewer\EDocs.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [alexandra]: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.) -- C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe
O4 - GS\QuickLaunch [alexandra]: Driver Reviver.lnk . (.Reviversoft, (www.reviversoft.com) - ReviverSoft - Driver Reviver.) -- C:\Program Files (x86)\Reviversoft\Driver Reviver\DriverReviver.exe
O4 - GS\QuickLaunch [alexandra]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [alexandra]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [alexandra]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [alexandra]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [alexandra]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [alexandra]: AD-R.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - GS\Desktop [alexandra]: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.) -- C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe
O4 - GS\Desktop [alexandra]: Desktop.lnk . (...) -- C:\Users\alexandra\Desktop
O4 - GS\Desktop [alexandra]: Downloads.lnk . (...) -- C:\Users\alexandra\Downloads
O4 - GS\Desktop [alexandra]: Poste de travail.lnk - Clé orpheline
~ Global Startup: 93 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: PHOTOfunSTUDIO 5.0.lnk . (.Panasonic Corporation - AutoStartService.) -- C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O4 - GS\Startup [alexandra]: Dell Dock.lnk . (...) -- C:\Program Files (x86)\Dell\DellDock\DellDock.exe (.not file.)
O4 - GS\Startup [alexandra]: Lanceur.lnk . (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [dleamon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
O4 - HKLM\..\Run: [EzPrint] . (...) -- C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [Dell DataSafe Online] . (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
O4 - HKLM\..\Wow6432Node\Run: [PDVDDXSrv] . (.CyberLink Corp. - CyberLink PowerDVD Resident Program.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [HOSTS Anti-Adware_PUPs] . (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1080305164-741099875-3881920656-1000\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKUS\S-1-5-21-1080305164-741099875-3881920656-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1080305164-741099875-3881920656-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-1080305164-741099875-3881920656-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{60D2EEFB-FD81-4B6D-AD55-D05D11FF226F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD574ADB-9040-4A2B-BFA4-6FF94FF20C92}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{60D2EEFB-FD81-4B6D-AD55-D05D11FF226F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{AD574ADB-9040-4A2B-BFA4-6FF94FF20C92}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{60D2EEFB-FD81-4B6D-AD55-D05D11FF226F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{AD574ADB-9040-4A2B-BFA4-6FF94FF20C92}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll (.not file.) =>PUP.BitGuard
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: dleaCATSCustConnectService (dleaCATSCustConnectService) . (.Pas de propriétaire - Service Executable.) - C:\Windows\system32\spool\DRIVERS\x64\3\dleaserv.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
~ Services: 16 Legitimates Filtered in 00mn 09s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [alexandra Local Autobackup] (...) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBCore.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{121DA354-24D7-4029-9C7F-A4DC4941ED21}] (...) -- C:\Users\alexandra\AppData\Local\Temp\NERO02000168\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{429C8CD2-56BA-4CD6-B375-B438256091A7}] (...) -- D:\For Windows\InstMsiW.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{556A3C59-BD65-4308-ACDD-96523912A9EF}] (...) -- D:\BelkinBluetooth.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{75E329CC-2CCC-4968-9963-3CED81B22C79}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B71181AD-3880-4139-89E0-3028779FDD62}] (...) -- E:\DCIM\Nouveau dossier\setup50.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F26F5459-6BDD-41C9-ABFB-76148C0C9A2C}] (...) -- C:\Users\alexandra\Downloads\Convertisseur_Works_pour_Word_2000_____________.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F9F907EB-060A-419D-B143-00511D5FD49A}] (...) -- C:\Users\alexandra\Downloads\Player_Setup(2).exe (.not file.) [0]
~ Scheduled Task: 28 Legitimates Filtered in 00mn 06s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoPrntApp]
[HKCU\Software\optitoolbar LTD] =>Hijacker.OptiToolbar
[HKCU\Software\tikatoolbar LTD] =>Hijacker.TikaToolbar
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\i-beta] =>PUP.i-Beta
~ Key Software: 323 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 26/09/2013 - 11:57:05 - [11,962] ----D C:\Program Files (x86)\i-beta =>PUP.i-Beta
O43 - CFD: 07/01/2014 - 21:39:48 - [0] ----D C:\Users\alexandra\AppData\Roaming\wp_update =>PUP.WpManager
~ 18 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 273 Legitimates Filtered in 00mn 22s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.3BA78EDDB2DEFB5CC8690F1FE718BE4E] - 09/01/2014 - 03:01:44 ---A- . (...) -- C:\Windows\IE11_main.log [26436]
O44 - LFC:[MD5.D2972AA91D29049A34F029961A02C834] - 09/01/2014 - 12:56:42 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [2473]
O44 - LFC:[MD5.60763093B32929A3ACE83B4217AB7CC3] - 09/01/2014 - 12:58:03 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [544]
O44 - LFC:[MD5.ED814D31CC2D8B7CBC902B26973AB03C] - 09/01/2014 - 13:48:42 ---A- . (...) -- C:\Windows\ntbtlog.txt [177848]
O44 - LFC:[MD5.AA80E25391495BF1AC298658AFA559A0] - 09/01/2014 - 14:53:13 ---A- . (...) -- C:\Ad-Report-CLEAN[2].txt [43923]
~ Files: 23 Legitimates Filtered in 00mn 05s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.9D8CF88EC924CCBB67D505B5BABCE328] - 09/01/2014 - 12:57:04 ---A- - C:\Windows\Prefetch\PRICORA-FIREFOXINSTALLER.EXE-D497764C.pf =>Adware.Pricora
O45 - LFCP:[MD5.4976992898293DCB1FE82697B54C3F68] - 09/01/2014 - 19:20:18 ---A- - C:\Windows\Prefetch\INSTUP.EXE-DCA24DB4.pf
~ Prefetcher: 67 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.94E31F248BE12B214474F058AF0B6B2E] - 02/12/2005 - 14:01:37 ---A- . (.ALWIL Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\Windows\System32\Drivers\aavmker4.sys [17920]
O58 - SDL:[MD5.8A88E436931AAA644658B3497DE1E960] - 02/12/2005 - 14:05:59 ---A- . (.ALWIL Software - avast! File System Filter Driver for Windows XP.) -- C:\Windows\System32\Drivers\aswmon2.sys [56320]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 22/11/2013 - 09:43:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 08/01/2014 - 00:50:08 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.DEF365F0F6E017888C4B869D3BA4B8E0] - 30/07/2010 - 06:51:52 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20552]
O58 - SDL:[MD5.46571ED73AE84469DCA53081D33CF3C8] - 21/03/2013 - 06:22:21 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.41AC348DBD378F618CB4FDEE54270692] - 06/02/2013 - 06:42:08 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [102936]
O58 - SDL:[MD5.B4C983DA20E2970E21893BF0E4EE2AD8] - 06/02/2013 - 06:42:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [203544]
O58 - SDL:[MD5.E57B778208C783D8DEBAB320C16A1B82] - 12/11/2009 - 13:48:56 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [5504]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.02E784FA49032F84964DB90A3ED81890] - 29/06/2009 - 05:44:38 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [487424]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 24/06/2010 - 14:00:14 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16392]
O58 - SDL:[MD5.F8A6018193BE629B8EA4C5D7B2452B70] - 16/09/2004 - 12:26:40 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ADFUUD.SYS [12634]
O58 - SDL:[MD5.3BE1651C63954067940E7F473498AD70] - 30/07/2010 - 06:51:50 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys [18120]
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 13:48:56 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [7168]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 24/06/2010 - 14:00:14 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Drivers: 16 Legitimates Filtered in 00mn 36s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 07/01/2014 - 21:40:10 ---A- . (...) -- C:\Users\alexandra\AppData\Roaming\wp_update\currentVersion.txt [1] =>PUP.WpManager
O61 - LFC: 08/01/2014 - 21:39:59 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\First Run [0]
O61 - LFC: 08/01/2014 - 21:39:59 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\manifest.fingerprint [66]
O61 - LFC: 08/01/2014 - 21:39:59 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\fr-FR-3-0.bdic [1074744]
O61 - LFC: 08/01/2014 - 21:40:00 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdm.dll [6940304]
O61 - LFC: 08/01/2014 - 21:40:00 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\manifest.json [848]
O61 - LFC: 09/01/2014 - 21:39:54 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [266232]
O61 - LFC: 09/01/2014 - 21:39:59 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Local State [50385]
O61 - LFC: 09/01/2014 - 21:40:10 ---A- . (...) -- C:\Users\alexandra\AppData\Roaming\ZHP\HOSTS.txt [591994] =>.Nicolas Coolman
O61 - LFC: 09/01/2014 - 21:40:10 ---A- . (...) -- C:\Users\alexandra\AppData\Roaming\ZHP\Log.txt [30578] =>.Nicolas Coolman
O61 - LFC: 09/01/2014 - 21:40:10 ---A- . (...) -- C:\Users\alexandra\AppData\Roaming\ZHP\TestsZHPDiag.txt [2926] =>.Nicolas Coolman
O61 - LFC: 09/01/2014 - 21:40:14 ---A- . (...) -- C:\Users\alexandra\Downloads\adwcleaner-3.016.exe [1233962]
~ 43 Fichiers temporaires (Temporary files)
~ Files: 773 Legitimates Filtered in 00mn 39s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.FBC207AD85D053D4FD9DD93C595D1A1D] [SPRF][09/01/2014] (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- C:\Users\alexandra\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe [285455]
[MD5.D7247CE8E5E1CEE2DA711AF2354D64B7] [SPRF][15/01/2012] (...) -- C:\Users\alexandra\AppData\Roaming\wklnhst.dat [2040]
[MD5.AF5C84446657B48C9B9B870C46438261] [SPRF][09/01/2014] (...) -- C:\Users\alexandra\Desktop\adwcleaner-3.016.exe [1233962]
[MD5.FCE23FBF8A4495ECC17CACFE11A2D544] [SPRF][18/05/2011] (.Inekman - Xtremsplit v1.2.) -- C:\Users\alexandra\Desktop\Xtremsplit.exe [305664]
~ Files: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{8895E9CE-DBB9-4431-996D-E56829E95F5F}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{B84A756F-855A-4856-BD94-277E7FC5A317}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
~ Firewall: 222 Legitimates Filtered in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.70E15AAED4F3B9A8553B74783B1A7FD2] [WIS][19/12/2013] (.Canneverbe Limited - CDBurnerXP 4.5.2.4478 Windows Installer.) -- C:\Windows\Installer\4ae7885.msi [8392704]
~ WIS: 133 Legitimates Filtered in 00mn 15s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 21/05/2010 45224 | (dleaCATSCustConnectService) . (...) - C:\Windows\system32\spool\DRIVERS\x64\3\dleaserv.exe
SS - | Auto 08/01/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/01/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 09/01/2014 285795 | (HOSTS Anti-PUPs) . (...) - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
SS - | Demand 05/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 25/06/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 08/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 30/07/2010 119632 | (dgdersvc) . (.Devguru Co., Ltd..) - C:\Windows\system32\dgdersvc.exe
SR - | Auto 21/05/2010 1052328 | (dlea_device) . (...) - C:\Windows\system32\dleacoms.exe
SR - | Auto 05/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 04/03/2010 71096 | (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SR - | Auto 29/06/2009 240128 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 17s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by alexandra at 09/01/2014 21:41:15
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by alexandra at 09/01/2014 21:41:17

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13018 - (02/01/2014)
Clés trouvées (Keys found) : 9
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 3

[HKLM\Software\Google\Chrome\Extensions\algmakeomkafjglfhpomolfhjppoojff] =>Adware.Pricora^
[HKLM\Software\Google\Chrome\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd] =>PUP.i-Beta^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311531129}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322532229}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531129}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531129}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmakeomkafjglfhpomolfhjppoojff =>Adware.Pricora^
C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd =>PUP.i-Beta^
C:\Program Files (x86)\i-beta =>PUP.i-Beta^
C:\Users\alexandra\AppData\Roaming\wp_update =>PUP.WpManager^
C:\Users\alexandra\AppData\Local\Software =>Adware.Boxore
[HKCU\Software\optitoolbar LTD] =>Hijacker.OptiToolbar^
[HKCU\Software\tikatoolbar LTD] =>Hijacker.TikaToolbar^
[HKLM\Software\Wow6432Node\i-beta] =>PUP.i-Beta^
~ Additionnel Scan: 270125 Items scanned in 00mn 28s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/29294184-adware-pricora =>Adware.Pricora
~ http://nicolascoolman.webs.com/apps/blog/show/33755964-pup-i-beta =>PUP.i-Beta
~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard
~ http://nicolascoolman.webs.com/apps/blog/show/35190950-hijacker-tikatoolbar =>Hijacker.TikaToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ MSI: 9 link(s) detected in 00mn 28s



~ 2153 Legitimates filtered by white list
End of the scan (533 lines in 03mn 38s)(0)

recoucou, je regardais les résultats sans les comprendre!!!lol mais cherche quand même à en savoir un peu plus donc j'ai vu que mon fichier host n'a pas pu être réparé??? Faut-il que je désactive l'antivirus avast et que je refasse ce que tu m'as dit plus haut? J'ai vu aussi un rogue killer!!! c'est le nom de la bêbête dont vous m'aviez parlé via "driver reviver " qui revient tout le temps et que je n'arrive pas à désinstaller...Mais il faut nettoyer sa bécane tous les jours??? avec tout ses logiciels??? Du coup je n'ose plus rien faire...à part mon shopping mdr!!!

Faeris???