My PC is overrun with ads, help

Solved/Closed
EUREKA fr Posts 19 Registration date Tuesday 1 April 2008 Status Member Last activity 26 March 2014 - 25 March 2014 at 09:05
EUREKA fr Posts 19 Registration date Tuesday 1 April 2008 Status Member Last activity 26 March 2014 - 26 March 2014 at 09:34
Hello, I think I have a virus because my browsers open by themselves with ad pages, or when I am on a page it is suddenly replaced by ads. I tried Spybot and Microsoft Security Essentials; they find nothing, or they clean what they find, but my problem is still there. I am attaching my report. Thank you.


~ Rapport de ZHPDiag v2014.3.24.29 - Nicolas Coolman (24/03/2014)
~ Lancé par EUREKA (25/03/2014 08:34:21)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: x86 Family 16 Model 2 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 169 GB (51%) free of 327 GB

---\\ Mode de connexion au système
~ Computer Name: EUREKA-PC
~ User Name: EUREKA
~ All Users Names: UpdatusUser, Mcx1-EUREKA-PC, HomeGroupUser$, EUREKA, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\EUREKA\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\EUREKA\AppData\Roaming\
~ %Desktop% : C:\Users\EUREKA\Desktop\
~ %Favorites% : C:\Users\EUREKA\Favorites\
~ %LocalAppData% : C:\Users\EUREKA\AppData\Local\
~ %StartMenu% : C:\Users\EUREKA\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 169 Go of 327 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 91 Go of 335 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: Modified =>PUA.StartShow
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowNetConn: Modified
~ Security Center: 47 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.FFA7CC2EFC6B7B85A49F741E4511DE95] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.AAFEAB4FC9D70253F8C7E353E879E8A2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 03:32:16.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 01:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/238
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/68
~ Mes Favoris (My Favorites) : 1/54
~ Mes Documents (My Documents) : 1/226
~ Mon Bureau (My Desktop) : 2/3332
~ Menu demarrer (Programs) : 1/8
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.023C8783CF214A5C2081C83B341F9381] - (...) -- C:\Users\EUREKA\AppData\Local\fst_fr_125\upfst_fr_125.exe [3234256] [PID.2812] =>PUA.FSTfr9
[MD5.093B09407737D7D006C0C6F9DA1ED46A] - (.Pas de propriétaire - Device Monitor.) -- C:\Program Files\Lexmark 2500 Series\lxddmon.exe [291496] [PID.3064]
[MD5.7EAB207FB02A850DE14A7563858B23F7] - (.Pas de propriétaire - Device Monitor Application.) -- C:\Program Files\Lexmark 2500 Series\lxddamon.exe [25256] [PID.3900]
[MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [PID.3748]
[MD5.68B7A5320065FCC7F4DF5A0DC3281EA5] - (.SlySoft, Inc. - CloneCD Tray.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344] [PID.3940]
[MD5.86C9088E2DB222E57EE069151FCA84CB] - (...) -- C:\Program Files\HomePlayer\HomePlayer.exe [294912] [PID.2952]
[MD5.9F744D3FEFAF7C8992B6924752DA7317] - (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe [1073744] [PID.3952] =>Adware.IMBooster
[MD5.9C29587EC4C447F90D650C7B8A1C0174] - (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe [884816] [PID.2764] =>Adware.IMBooster
[MD5.DA6ADF92BB52BE3E1C08E60B0E47C6C6] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821984] [PID.4688]
[MD5.92795FA4A2057713ABF46948B5D5D461] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10967656] [PID.5304]
[MD5.5300552AC15F1A877C4B6BB6512AD1FD] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288] [PID.5432]
[MD5.588BEEE7B106E6520F550A45897D00B2] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384] [PID.5596]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.5620]
[MD5.6017CA94BE482BCB527D92C6D481B2CC] - (.Duuqu Group - FrameFox Extensions.) -- C:\Program Files\FrameFox\Extensions\InternetExplorer\framefox.exe [287216] [PID.6080] =>PUP.Duuqu
[MD5.3BD79A1F6D2EA0FDDEA3F8914B2A6A0C] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984] [PID.6096]
[MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.6132]
[MD5.61F5A23510D46FE7C02931604AFC8407] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe [149784] [PID.4748]
[MD5.51A98A836A755122128E3D96ECAC8232] - (...) -- C:\Program Files\fst_fr_125\fst_fr_125.exe [3982800] [PID.2812] =>PUA.FSTfr9
[MD5.AFE6E79A9E890B3088679B44CC804B88] - (...) -- C:\Users\EUREKA\Downloads\Tor Browser\App\vidalia.exe [5402115] [PID.4944]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.5100]
[MD5.092F603E84017B760D1D7FD8FCA1A5C3] - (.Skillbrains - Lightshot.) -- C:\Users\EUREKA\AppData\Local\Skillbrains\lightshot\5.1.0.15\Lightshot.exe [440096] [PID.5248]
[MD5.AE0026F5A347C02967492FCD2EF294A1] - (.Avant Force - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe [1698584] [PID.5740]
[MD5.431DBE5710B1246BC452823B8AC8F65D] - (.Avant Force - Avant Browser.) -- C:\Program Files\Avant Browser\avantvw.exe [1028888] [PID.7624]
[MD5.03400E568F832D8D76DEDDD32AF8D960] - (.Mozilla Corporation - Avant Gecko Engine.) -- C:\Program Files\Avant Browser\gecko\firefox.exe [231704] [PID.4124]
[MD5.A6A2DEC52040279283F3E35029BA29D4] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Avant Browser\gecko\plugin-container.exe [9728] [PID.1124]
[MD5.497E84A1B6767142987A17574C57C04E] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe [1863560] [PID.7108]
[MD5.1A71CA0C02AC3972FCB7FC22C329CD81] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8179200] [PID.5736]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\ucky0z92.default\prefs.js
C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\ucky0z92.default\user.js
M3 - MFPP: Plugins - [EUREKA] -- C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\ucky0z92.default\searchplugins\buenosearch.xml =>PUP.BuenoSearch
M3 - MFPP: Plugins - [EUREKA] -- C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\ucky0z92.default\searchplugins\conduit-search.xml =>Toolbar.Conduit
M3 - MFPP: Plugins - [EUREKA] -- C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\ucky0z92.default\searchplugins\SearchTheWeb.xml
M3 - MFPP: Plugins - [EUREKA] -- C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\ucky0z92.default\searchplugins\softonic.xml =>Toolbar.Conduit
M3 - MFPP: Plugins - [EUREKA] -- C:\Users\EUREKA\AppData\Roaming\Mozilla\Firefox\Profiles\ucky0z92.default\searchplugins\Web Search.xml =>Parasite.Pugi
M3 - MFPP: Plugins - [EUREKA] -- C:\Program Files\Mozilla FireFox\searchplugins\awesomehp.xml =>PUP.Awesomehp
M3 - MFPP: Plugins - [EUREKA] -- C:\Program Files\Mozilla FireFox\searchplugins\nationzoom.xml =>Hijacker.NationZoom
M0 - MFSP: prefs.js [EUREKA - ucky0z92.default] http://search.iminent.com =>Adware.IMBooster
M2 - MFEP: prefs.js [EUREKA - ucky0z92.default\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com] [] MediaPlayerEnhance v (..) =>PUP.MediaPlayerEnhance
M2 - MFEP: prefs.js [EUREKA - ucky0z92.default\d43e4d33-1c9f-4167-9600-b4929087f116@3cc778fb-659e-4988-abd4-592fc6b8806a.com] [] free ven v (..)
P2 - FPN: [HKLM] [@www.duuqu.com/omaha/tools//Duuqu Update;version=3] - (.Duuqu Group - Duuqu Update.) -- C:\Program Files\Duuqu\Update\1.3.37.0\npDuuquUpdate3.dll =>PUP.Duuqu
P2 - FPN: [HKLM] [@www.duuqu.com/omaha/tools//Duuqu Update;version=9] - (.Duuqu Group - Duuqu Update.) -- C:\Program Files\Duuqu\Update\1.3.37.0\npDuuquUpdate3.dll =>PUP.Duuqu
~ Firefox Browser: 35 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com =>Adware.IMBooster
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.awesomehp.com =>PUP.Awesomehp
R3 - URLSearchHook: GagetBox - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Users\EUREKA\AppData\Roaming\Microsoft\lsass.exe
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 06s
~ Nombre de lignes (Lines number): 15514



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0044150 - {11111111-1111-1111-1111-110411411150} . (.freeven - media enhance BHO.) -- C:\Program Files\media enhance\media enhance-bho.dll =>PUP.CrossRider
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files\SupTab\SupTab.dll =>PUP.SupTab
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Clé orpheline =>PUP.Funmoods
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (.Iminent - Iminent BHO.) -- C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll =>Adware.IMBooster
O2 - BHO: Fortunitas - {c6f3fc7b-d607-44ec-9caf-2a41d547137f} . (.Fortunitas - Fortunitas.) -- C:\Program Files\Fortunitas\Fortunitasbho.dll =>PUP.Fortunitas
~ BHO: 52 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: GagetBox - [HKLM]{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} . (.GadgetBox - GadgetBox Toolbar For Internet Explorer.) -- C:\Program Files\GadgetBox\gadgetBoxTB.dll =>Hijacker.GadgetBox
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll =>Toolbar.Bing
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{977AE9CC-AF83-45E8-9E03-E2798216E2D5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Diablo II.lnk . (.Blizzard North - Diablo II.) -- C:\Program Files\Diablo II\Diablo II.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Conseiller de mise à niveau vers Windows 7.lnk . (.Microsoft Corporation - Windows 7 Upgrade Advisor.) -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe
O4 - GS\QuickLaunch [Mcx1-EUREKA-PC]: Avant Browser.lnk . (.Avant Force - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe
O4 - GS\Desktop [Mcx1-EUREKA-PC]: 3Planesoft Screensaver Manager.lnk . (...) -- C:\Windows\System32\3Planesoft\Screensaver Manager\Configurator.exe
O4 - GS\Desktop [Mcx1-EUREKA-PC]: Aquarium Screensaver.lnk . (.Axialis Software - Screen Saver.) -- C:\Windows\System32\Aquarium.scr
O4 - GS\Desktop [Mcx1-EUREKA-PC]: Coral Clock 3D Screensaver.lnk . (.3Planesoft - Coral Clock 3D Screensaver.) -- C:\Windows\System32\Coral Clock 3D Screensaver.exe
O4 - GS\Desktop [Mcx1-EUREKA-PC]: EVEREST Home Edition.lnk . (...) -- C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe
O4 - GS\Desktop [Mcx1-EUREKA-PC]: HomePlayer.lnk . (...) -- C:\Program Files\HomePlayer\HomePlayer.exe
O4 - GS\QuickLaunch [EUREKA]: Avant Browser.lnk . (.Avant Force - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe
O4 - GS\QuickLaunch [EUREKA]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [EUREKA]: Marine Aquarium 3.lnk . (.SereneScreen - MarineAquarium3.) -- C:\Windows\System32\MarineAquarium3.scr =>Adware.MarineAquarium
O4 - GS\QuickLaunch [EUREKA]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\QuickLaunch [EUREKA]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- E:\torrent log\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [EUREKA]: Avant Browser.lnk . (.Avant Force - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe
O4 - GS\TaskBar [EUREKA]: EVEREST Home Edition.lnk . (...) -- C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe
O4 - GS\TaskBar [EUREKA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [EUREKA]: HomePlayer.lnk . (...) -- C:\Program Files\HomePlayer\HomePlayer.exe
O4 - GS\TaskBar [EUREKA]: Lexmark Imaging Studio - 2500 Series.LNK . (...) -- C:\Program Files\Lexmark 2500 Series\App4R.exe
O4 - GS\TaskBar [EUREKA]: LightShot .lnk . (...) -- C:\Users\EUREKA\AppData\Local\Skillbrains\lightshot\LightShot.exe
O4 - GS\TaskBar [EUREKA]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [EUREKA]: My 7 CustoBox.lnk . (.http://ww38.my7vision.fr/ - My 7 CustoBox.) -- C:\Program Files\My 7 CustoBox\My7CustoBox.exe
O4 - GS\TaskBar [EUREKA]: Start Tor Browser.lnk . (...) -- C:\Users\EUREKA\Downloads\Tor Browser\Start Tor Browser.exe
O4 - GS\TaskBar [EUREKA]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- E:\torrent log\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [EUREKA]: FranceDemon SlayerConnexion rapide au jeu.lnk . (.7Road - ?????.) -- C:\Users\EUREKA\Downloads\Client_Demon_Slayer.exe
O4 - GS\Desktop [EUREKA]: LightShot .lnk . (...) -- C:\Users\EUREKA\AppData\Local\Skillbrains\lightshot\LightShot.exe
O4 - GS\Desktop [EUREKA]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
~ Global Startup: 87 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [lxddmon.exe] . (.Pas de propriétaire - Device Monitor.) -- C:\Program Files\Lexmark 2500 Series\lxddmon.exe
O4 - HKLM\..\Run: [lxddamon] . (.Pas de propriétaire - Device Monitor Application.) -- C:\Program Files\Lexmark 2500 Series\lxddamon.exe
O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [HomePlayer] . (...) -- C:\Program Files\HomePlayer\HomePlayer.exe
O4 - HKLM\..\Run: [EoEngine] Clé orpheline
O4 - HKLM\..\Run: [CloneCDTray] . (.SlySoft, Inc. - CloneCD Tray.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Iminent] . (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe =>Adware.IMBooster
O4 - HKLM\..\Run: [IminentMessenger] . (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe =>Adware.IMBooster
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [MSWUpdate] . (.Microsoft Corporation - Visual Basic Command Line Compiler.) -- C:\Users\EUREKA\AppData\Roaming\Microsoft\lsass.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [FrameFox Extensions] . (.Duuqu Group - FrameFox Extensions.) -- C:\Program Files\FrameFox\Extensions\InternetExplorer\framefox.exe =>PUP.Duuqu
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe =>.Elaborate Bytes AG
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [fst_fr_125] . (...) -- C:\Program Files\fst_fr_125\fst_fr_125.exe =>PUA.FSTfr9
O4 - HKLM\..\RunOnce: [upfst_fr_125.exe] . (...) -- C:\Users\EUREKA\AppData\Local\fst_fr_125\upfst_fr_125.exe =>PUA.FSTfr9
O4 - HKLM\..\RunOnce: [SpybotSnD] . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Vidalia] . (...) -- C:\Users\EUREKA\Downloads\Tor Browser\App\vidalia.exe
O4 - HKCU\..\Run: [Bubble Dock] C:\Users\EUREKA\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>PUP.BubbleDock
O4 - HKCU\..\Run: [MSWUpdate] . (.Microsoft Corporation - Visual Basic Command Line Compiler.) -- C:\Users\EUREKA\AppData\Roaming\Microsoft\lsass.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Users\EUREKA\AppData\Local\Akamai\netsession_win.exe (.not file.)
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\EUREKA\AppData\Local\Smartbar\Application\Smartbar.exe (.not file.) =>Hijacker.SmartBar
O4 - HKCU\..\Run: [LightShot] . (.Pas de propriétaire - Starter Module.) -- C:\Users\EUREKA\AppData\Local\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\policies\Explorer\Run: [MSWUpdate] . (.Microsoft Corporation - Visual Basic Command Line Compiler.) -- C:\Users\EUREKA\AppData\Roaming\Microsoft\lsass.exe
O4 - HKCU\..\policies\Explorer\Run: [MSWUpdate] . (.Microsoft Corporation - Visual Basic Command Line Compiler.) -- C:\Users\EUREKA\AppData\Roaming\Microsoft\lsass.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1161600617-2033378515-994556156-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1161600617-2033378515-994556156-1001\..\Run: [Vidalia] . (...) -- C:\Users\EUREKA\Downloads\Tor Browser\App\vidalia.exe
O4 - HKUS\S-1-5-21-1161600617-2033378515-994556156-1001\..\Run: [Bubble Dock] C:\Users\EUREKA\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>PUP.BubbleDock
O4 - HKUS\S-1-5-21-1161600617-2033378515-994556156-1001\..\Run: [MSWUpdate] . (.Microsoft Corporation - Visual Basic Command Line Compiler.) -- C:\Users\EUREKA\AppData\Roaming\Microsoft\lsass.exe
O4 - HKUS\S-1-5-21-1161600617-2033378515-994556156-1001\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1161600617-2033378515-994556156-1001\..\Run: [Akamai NetSession Interface] C:\Users\EUREKA\AppData\Local\Akamai\netsession_win.exe (.not file.)
O4 - HKUS\S-1-5-21-1161600617-2033378515-994556156-1001\..\Run: [Browser Infrastructure Helper] C:\Users\EUREKA\AppData\Local\Smartbar\Application\Smartbar.exe (.not file.) =>Hijacker.SmartBar
O4 - HKUS\S-1-5-21-1161600617-2033378515-994556156-1001\..\Run: [LightShot] . (.Pas de propriétaire - Starter Module.) -- C:\Users\EUREKA\AppData\Local\Skillbrains\lightshot\Lightshot.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ IE Zone Confiance: Scanned in 00mn 01s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5134E4FE-83EC-47E1-9EE7-655F50108285}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{5134E4FE-83EC-47E1-9EE7-655F50108285}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{5134E4FE-83EC-47E1-9EE7-655F50108285}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\Optimizer Pro\OptProCrash.dll =>PUP.OptimizerPro
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Optimizer Pro Crash Monitor (ca82e1a5) . (...) - C:\Program Files\optimizer pro\optprocrashSvc.dll =>PUP.OptimizerPro
O23 - Service: Duuqu Update Service (dqupdate) (dqupdate) . (.Duuqu Group - Duuqu Installer.) - C:\Program Files\Duuqu\Update\DuuquUpdate.exe =>PUP.Duuqu
O23 - Service: IePlugin Service (IePluginService) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
O23 - Service: Update Fortunitas (Update Fortunitas) . (...) - C:\Program Files\Fortunitas\updateFortunitas.exe =>PUP.Fortunitas
O23 - Service: WajamUpdaterV3 (WajamUpdaterV3) . (...) - C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe (.not file.) =>PUP.Wajam
O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) - C:\Program Files\WinZipper\winzipersvc.exe
O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
~ Services: 17 Legitimates Filtered in 00mn 05s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\APSnotifierPP1.job [368] =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\APSnotifierPP2.job [366] =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\APSnotifierPP3.job [366] =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [268]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Digital Sites.job [312]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DigitalSite.job [310] =>Hijacker.DSite
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DuuquUpdateTaskMachineCore.job [872] =>PUP.Duuqu
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DuuquUpdateTaskMachineUA.job [876] =>PUP.Duuqu
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\free ven-chromeinstaller.job [3070]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\free ven-firefoxinstaller.job [2240]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\media enhance-chromeinstaller.job [3090]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\media enhance-codedownloader.job [1530]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\media enhance-enabler.job [1430]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\media enhance-firefoxinstaller.job [2346]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\media enhance-updater.job [1576]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\update-S-1-5-21-1161600617-2033378515-994556156-1001.job [378]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\update-sys.job [378]
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.07605ABEB10FC533881C91F19DECF69A] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [1923584] =>Trojan.Keygen
[MD5.534C82F1D7246EDF654B5257CA82FE70] [APT] [DealPly] (...) -- C:\Users\EUREKA\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [93728] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files\DealPly\DealPlyUpdate.exe (.not file.) [0] =>PUP.DealPly
[MD5.1D915D5E8E564B00C2AC53BE2805EB0B] [APT] [Digital Sites] (...) -- C:\Users\EUREKA\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [113152] =>Hijacker.DSite
[MD5.C7ACCBE7E79C17F230B44367A8A3CCD2] [APT] [DigitalSite] (...) -- C:\Users\EUREKA\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [101376] =>Hijacker.DSite
[MD5.136E913B1D3771B3535C3622C36B5E38] [APT] [DuuquUpdateTaskMachineCore] (.Duuqu Group.) -- C:\Program Files\Duuqu\Update\DuuquUpdate.exe [98360] =>PUP.Duuqu
[MD5.136E913B1D3771B3535C3622C36B5E38] [APT] [DuuquUpdateTaskMachineUA] (.Duuqu Group.) -- C:\Program Files\Duuqu\Update\DuuquUpdate.exe [98360] =>PUP.Duuqu
[MD5.EDB77250D6DE6E5D28E1560B8C3D49DA] [APT] [free ven-chromeinstaller] (.freeven.) -- C:\Program Files\free ven\free ven-chromeinstaller.exe [2051072]
[MD5.3175539F4552624D1C5629107C7A6B9D] [APT] [free ven-firefoxinstaller] (.freeven.) -- C:\Program Files\free ven\free ven-firefoxinstaller.exe [958464]
[MD5.A2E0EDE89BD80E3D2F1CFED9C66F993C] [APT] [media enhance-chromeinstaller] (.freeven.) -- C:\Program Files\media enhance\media enhance-chromeinstaller.exe [2051584]
[MD5.4086760BD5B5E6588263BA60AF4698B7] [APT] [media enhance-codedownloader] (.freeven.) -- C:\Program Files\media enhance\media enhance-codedownloader.exe [567296]
[MD5.C29388FC76A8BA5F0C2062A40D0D29B8] [APT] [media enhance-enabler] (.freeven.) -- C:\Program Files\media enhance\media enhance-enabler.exe [407040]
[MD5.E08D400A516915E6E573392101F586B0] [APT] [media enhance-firefoxinstaller] (.freeven.) -- C:\Program Files\media enhance\media enhance-firefoxinstaller.exe [958464]
[MD5.0960BAECB32B21E82AAA442F9CF9CEDD] [APT] [media enhance-updater] (.freeven.) -- C:\Program Files\media enhance\media enhance-updater.exe [391680]
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser] (...) -- C:\Program Files\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find
[MD5.71D63875DB82FB0BF3FAA16206761681] [APT] [update-S-1-5-21-1161600617-2033378515-994556156-1001] (...) -- C:\Program Files\Skillbrains\Updater\Updater.exe [112416]
[MD5.71D63875DB82FB0BF3FAA16206761681] [APT] [update-sys] (...) -- C:\Program Files\Skillbrains\Updater\Updater.exe [112416]
[MD5.00000000000000000000000000000000] [APT] [{56E15B5E-DCB4-478E-97A2-2594F52B6361}] (...) -- C:\Program Files\Steam\Steam.exe (.not file.) [0]
~ Scheduled Task: 55 Legitimates Filtered in 00mn 05s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (argpuyby) . (. - .) - C:\Windows\system32\drivers\argpuyby.sys (.not file.)
~ Drivers: 66 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Codec Pack Packages - (...) [HKCU] -- Codec Pack Packages
~ Logic: 2 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5bed98ae535ee41]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Avant Browser]
[HKCU\Software\BonanzaDealsLive] =>Adware.BonanzaDeals
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Duuqu] =>PUP.Duuqu
[HKCU\Software\ELIGCHK]
[HKCU\Software\Fortunitas] =>PUP.Fortunitas
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\OrcaBrowser]
[HKCU\Software\Screensavers]
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\?? ?? ???? ????? ??? ?? ????]
[HKLM\Software\5bed98ae535ee41]
[HKLM\Software\BonanzaDealsLive] =>Adware.BonanzaDeals
[HKLM\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\Duuqu] =>PUP.Duuqu
[HKLM\Software\Fortunitas] =>PUP.Fortunitas
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Taronja]
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Vittalia] =>Adware.Vittalia
[HKLM\Software\Wpm] =>PUP.WpManager
[HKLM\Software\anset]
[HKLM\Software\free ven]
[HKLM\Software\free_soft_to_day] =>Adware.FreeSoftToday
[HKLM\Software\media enhance]
[HKLM\Software\supTab] =>PUP.SupTab
[HKLM\Software\supWPM] =>PUP.WpManager
~ Key Software: 216 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/05/2013 - 04:37:51 - [194,117] ----D C:\Program Files\Avant Browser
O43 - CFD: 13/11/2013 - 22:12:34 - [0,851] ----D C:\Program Files\BonanzaDeals =>Adware.BonanzaDeals
O43 - CFD: 13/11/2013 - 23:04:43 - [0] ----D C:\Program Files\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 16/03/2012 - 00:20:55 - [0,079] ----D C:\Program Files\Coral Clock 3D Screensaver
O43 - CFD: 27/10/2013 - 14:24:09 - [2,156] ----D C:\Program Files\Duuqu =>PUP.Duuqu
O43 - CFD: 13/03/2014 - 20:23:47 - [1,739] ----D C:\Program Files\Fortunitas =>PUP.Fortunitas
O43 - CFD: 27/10/2013 - 14:24:36 - [0,390] ----D C:\Program Files\FrameFox
O43 - CFD: 15/03/2014 - 15:45:47 - [5,925] ----D C:\Program Files\free ven
O43 - CFD: 14/03/2014 - 09:45:25 - [8,243] ----D C:\Program Files\fst_fr_125 =>PUA.FSTfr9
O43 - CFD: 03/05/2012 - 18:39:20 - [15,344] ----D C:\Program Files\Iminent =>Adware.IMBooster
O43 - CFD: 14/03/2014 - 09:47:01 - [8,244] ----D C:\Program Files\media enhance
O43 - CFD: 16/08/2011 - 17:10:14 - [7,161] ----D C:\Program Files\My 7 CustoBox
O43 - CFD: 10/05/2013 - 22:56:04 - [0] ----D C:\Program Files\Pando Networks
O43 - CFD: 13/03/2014 - 20:00:14 - [2,359] ----D C:\Program Files\SupTab =>PUP.SupTab
O43 - CFD: 30/10/2013 - 23:33:03 - [0,046] ----D C:\Program Files\Uninstaller
O43 - CFD: 14/07/2012 - 22:44:50 - [0,179] ----D C:\ProgramData\Bcool =>Adware.JustPlugIt
O43 - CFD: 21/10/2013 - 11:58:39 - [2,260] ----D C:\ProgramData\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 13/03/2014 - 20:00:11 - [0,484] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 03/05/2012 - 18:39:35 - [0,093] ----D C:\ProgramData\Iminent =>Adware.IMBooster
O43 - CFD: 04/05/2012 - 08:35:44 - [1,479] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 04/05/2012 - 08:35:42 - [0] ----D C:\ProgramData\Premium
O43 - CFD: 16/11/2013 - 02:11:54 - [0] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 12/12/2013 - 01:27:17 - [0,477] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 04/04/2013 - 20:52:03 - [23,535] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 21/10/2013 - 11:59:50 - [1,063] ----D C:\Users\EUREKA\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
O43 - CFD: 10/01/2012 - 10:04:48 - [129,390] ----D C:\Users\EUREKA\AppData\Roaming\Avant Profiles
O43 - CFD: 29/05/2013 - 12:03:23 - [0,090] ----D C:\Users\EUREKA\AppData\Roaming\DealPly =>PUP.DealPly
O43 - CFD: 03/05/2012 - 18:39:46 - [2,150] ----D C:\Users\EUREKA\AppData\Roaming\Iminent =>Adware.IMBooster
O43 - CFD: 10/03/2012 - 22:02:24 - [0,001] ----D C:\Users\EUREKA\AppData\Roaming\Marine Aquarium 3
O43 - CFD: 01/11/2013 - 16:45:15 - [30,681] ----D C:\Users\EUREKA\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 16/08/2011 - 18:54:54 - [107,422] ----D C:\Users\EUREKA\AppData\Roaming\Orca Profiles
O43 - CFD: 23/03/2014 - 18:00:43 - [0,495] ----D C:\Users\EUREKA\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 21/10/2013 - 11:58:39 - [0] ----D C:\Users\EUREKA\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 27/10/2013 - 14:24:09 - [0] ----D C:\Users\EUREKA\AppData\Local\Duuqu =>PUP.Duuqu
O43 - CFD: 25/03/2014 - 08:09:58 - [9,225] ----D C:\Users\EUREKA\AppData\Local\fst_fr_125 =>PUA.FSTfr9
O43 - CFD: 27/10/2013 - 14:24:04 - [0,278] ----D C:\Users\EUREKA\AppData\Local\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 22/12/2011 - 01:19:12 - [1,635] ----D C:\Users\EUREKA\AppData\Local\vghd
~ 237 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 515 Legitimates Filtered in 00mn 41s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.48B32FC7C6754341EE41DE380CCF0BCD] - 14/03/2014 - 10:19:20 ---A- . (...) -- C:\Windows\wininit.ini [14553]
~ Files: 36 Legitimates Filtered in 00mn 04s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "RunLogonScriptSync"=1
O55 - MWPS:[HKLM\...\Policies\System] - "SynchronousMachineGroupPolicy"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SynchronousUserGroupPolicy"=0
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoResolveSearch"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoResolveTrack"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
~ Drivers: 20 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
~ 2 Fichiers temporaires (Temporary files)
~ Files: 133 Legitimates Filtered in 06mn 18s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 0
3 replies

EUREKA fr Posts 19 Registration date Tuesday 1 April 2008 Status Member Last activity 26 March 2014 1
26 March 2014 at 09:34
Hello, my problem is solved. A friend who works in IT came by and cleaned everything up; there was indeed a nasty virus that had slipped through. And my Windows is both legal and not. It is legal because it came with the computer when I bought it, but I had to reinstall and the label with the key had worn off, so I cracked it. Nothing too serious. Thank you for taking the time.
1
Husman60 Posts 2940 Registration date Saturday 13 July 2013 Status Member Last activity 11 January 2019 724
25 March 2014 at 09:18
Hi,

We are going to run a program that detects and removes adware (advertising):

=> Download AdwCleaner (by Xplode):
https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/#q=adwcleaner&cur=1&url=%2F

=> Once the download has finished, start the program (insect-shaped icon
in the "Downloads" folder) with right-click >
"Run as administrator"
if it does not start with a double-click.

In the program:

=> Click "Scan", then "Clean".

=> The scan starts; it is best not to do anything during this time.
The window may turn grey and the message "the program
is not responding"
may appear. Do not touch anything, the scan continues regardless.

=> At the end of the scan, if the report does not open by itself,
it is located at the root of the hard drive under the name "ADWCleaner[Sx].txt"
(x is a number; the most recent files have the highest number).

Upload the report:

=> Go to https://www.cjoint.com/

=> With the "Parcourir" (Browse) button, locate the file created earlier.

=> Choose "Publique" (Public) sharing for an "Illimitée" (Unlimited) duration,
because we do not know how long disinfecting the PC will take.

=> (OPTIONAL) Enter a valid e-mail address to which
the link to the uploaded file will be sent, along with the link to a page for
deleting the upload (to be done once the troubleshooting is over).

=> Click "Créer le lien Cjoint" (Create the Cjoint link). A new page opens
containing the link to the file. Right-click > "Copy link address".

=> Create a new reply HERE, paste the link and wait ;-)

If you have trouble with Cjoint, detailed help with pictures:
https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers#q=cjoint&cur=1&url=%2F

Uninstall AdwCleaner:

=> This program is updated regularly, so it is advisable to
uninstall it after a scan/cleanup. Restart the program and click "Uninstall".

See you
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
25 March 2014 at 09:23
Hello

His Windows is not legal
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
25 March 2014 at 09:19
Hello

Is your Windows legal?
0
Husman60 Posts 2940 Registration date Saturday 13 July 2013 Status Member Last activity 11 January 2019 724
25 March 2014 at 10:06
Good catch lilidurhone, I didn't take the time to read the copy-pasted report, since it was incomplete :/
0