ZHPFIX report, and then what??

Closed
DOMID45 Posts 8 Registration date Friday 11 October 2013 Status Member Last activity 4 May 2019 - 9 April 2014 at 12:09
 Anonymous user - 9 April 2014 at 21:56
Hello,

I copied and pasted the ZHPDIAG report into ZHPFIX and clicked GO, but nothing happens.

What should I do?

4 replies

Hello
"I copied and pasted the ZHPDIAG report into ZHPFIX and clicked GO"
Do you realize what you have just done?
You must not use ZHPFix without the advice of a security contributor.
If you put the whole ZHPDiag report into ZHPFix, brace yourself for the damage.
Nothing happened, and fortunately so, because you did not put the ScriptZHPFix command at the beginning; otherwise you would have done enormous damage. Wait for a security contributor to come and help you.
Regards
1
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 805
9 April 2014 at 16:36
Hello you two

+1 california

Can you post the ZHPDiag report?
0
DOMID45 Posts 8 Registration date Friday 11 October 2013 Status Member Last activity 4 May 2019
9 April 2014 at 18:13
Hello

I am really embarrassed to have done the copy-paste right away; I had relied on the forums and did not have a shadow of a doubt. Apparently I was lucky.

The report is below:

~ Rapport de ZHPDiag v2014.4.8.12 - Nicolas Coolman (09/04/2014)
~ Lancé par Utilisateur (09/04/2014 11:47:09)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v33.0.1750.154 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
Microsoft Security Client v4.5.0216.0

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 6 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (46% free)
System Restore: Activé (Enable)
System drive C: has 363 GB (78%) free of 464 GB

---\\ Mode de connexion au système
~ Computer Name: DELL
~ User Name: Utilisateur
~ All Users Names: Utilisateur, SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Utilisateur\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Utilisateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Utilisateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Utilisateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Utilisateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Utilisateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 363 Go of 464 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.1643EF58F167E8EDA0566EA4402ECB8D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.24/02/2014 - 12:45:24.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 17:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/7895
~ Mes musiques (My Musics) : 2/1742
~ Mes Videos (My Videos) : 2/7200
~ Mes Favoris (My Favorites) : 1/34
~ Mes Documents (My Documents) : 2/17761
~ Mon Bureau (My Desktop) : 2/1024
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.471087B5E1E01CC82604E81EA14781D8] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.932]
[MD5.1EE3643D1AA747222427F63353611AD7] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216] [PID.1136]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1552]
[MD5.F518545E5B7623AD49ABE7F8776EFA46] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1632]
[MD5.6D3EA768AF4587289B2934B891C77920] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [266295] [PID.1864]
[MD5.2BED61559F792974713EADEFC4977381] - (.Iminent - Iminent Protection.) -- C:\Program Files\Fichiers communs\Umbrella\Umbrella.exe [2922304] [PID.584] =>Adware.IMBooster
[MD5.775A7C4B689C0F112A12AD62064E57D1] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [5093216] [PID.840]
[MD5.8B485AC47C446C9FBEA8641DA36D35DC] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe [12641632] [PID.2564]
[MD5.DD43BC3F03A11FBC48E11C62A4579916] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe [195936] [PID.2932]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.3268]
[MD5.0F869E88FA4489FBE231A42646488CE8] - (.SigmaTel, Inc. - Sigmatel Audio system tray application.) -- C:\WINDOWS\stsystra.exe [339968] [PID.2100]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2296]
[MD5.0711524E77BE0747927D18385468D36E] - (.Macrovision Corporation - Macrovision Update Service Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [81920] [PID.2312]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840] [PID.2480]
[MD5.FF473648E7B1B37C7F3249A6549FAC72] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150016] [PID.2596]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.2740]
[MD5.085BE68B52CE5A5FA4621507AD518CF3] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.2760]
[MD5.F576CA88DC79EE6369302182B2BD1E9F] - (...) -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\fst_fr_134\upfst_fr_134.exe [3234256] [PID.2832] =>PUA.FSTfr9
[MD5.9AE882A67F019CF30E8C9D7D60B05DDA] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.1896]
[MD5.9C827CCA70A5588821F29A6124652200] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [20551840] [PID.3172]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [49152] [PID.3600]
[MD5.7790196AED5771815F7DF3FAF7D4B3B4] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [618557] [PID.3648]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.2784]
[MD5.358A9CCA612C68EB2F07DDAD4CE1D8D7] - (.Microsoft Corporation - Microsoft Office Software Protection Platfo.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.exe [4640000] [PID.2876]
[MD5.6A0A7C1142AB0D34C49FD9C073B21C41] - (.Nicolas Coolman - ZHPFix.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPFix.exe [3052032] [PID.2468]
[MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [859976] [PID.2344]
[MD5.EC15A606D68A99B6911ABB644ACF6654] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8193536] [PID.900]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)

---\\ Liste des dossiers d'extension Google Chrome

~ Google Lines Browser: 11 Legitimates Filtered in 00mn 06s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com =>Adware.IMBooster
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://istart.webssearches.com =>Hijacker.WebsSearches
~ IE Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:56847 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: RightSurf - {88be1aa9-6740-461c-9e3e-f35eb8fa741c} . (.RightSurf - RightSurf.) -- C:\Program Files\RightSurf\RightSurfBHO.dll =>PUP.RightSurf
~ BHO: 14 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Favoris Bluetooth.lnk - Clé orpheline
O4 - GS\Program [AllUsers]: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - GS\Program [Utilisateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
~ Global Startup: 12 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Program [AllUsers]: BTTray.lnk . (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - GS\Program [AllUsers]: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] . (.SigmaTel, Inc. - Sigmatel Audio system tray application.) -- C:\WINDOWS\stsystra.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] . (.Macrovision Corporation - Macrovision Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
O4 - HKLM\..\Run: [ISUSScheduler] . (.Macrovision Corporation - Macrovision Update Service Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
O4 - HKLM\..\Run: [fst_fr_134] Clé orpheline =>PUA.FSTfr9
O4 - HKLM\..\Run: [upfst_fr_134.exe] . (...) -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\fst_fr_134\upfst_fr_134.exe =>PUA.FSTfr9
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] . (...) -- C:\Program Files\Fichiers communs\logishrd\WUApp32.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] . (...) -- C:\Program Files\Fichiers communs\logishrd\WUApp32.exe
O4 - HKUS\S-1-5-21-1220945662-1708537768-725345543-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1220945662-1708537768-725345543-1004\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1220945662-1708537768-725345543-1004\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Garmin Communicator Plug-In (Garmin Communicator Plug-In) - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136307278906
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BCFDB3EE-9780-4EC9-8C92-E486ADEAA725}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{BCFDB3EE-9780-4EC9-8C92-E486ADEAA725}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{BCFDB3EE-9780-4EC9-8C92-E486ADEAA725}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files\Fichiers communs\Umbrella\Umbrella.exe =>Adware.IMBooster
O23 - Service: WinkHandler (WinkHandler) . (...) - C:\Program Files\Iminent\WinkHandler.exe (.not file.) =>Adware.IMBooster
~ Services: 9 Legitimates Filtered in 00mn 06s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [234]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [228]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\ProgramRefresh-ATFST.job [462]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\ProgramUpdateCheck.job [406]
~ Scheduled Task: 11 Legitimates Filtered in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (tStLib) . (.StdLib - StdLib.) - C:\WINDOWS\system32\drivers\tStLib.sys =>PUP.LinkiDoo
~ Drivers: 71 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM] -- {0F36B254-FB44-4859-8917-83778F120A7C} =>Adware.Boxore
O42 - Logiciel: Lyrics Plus - (.Plus Add-on Software.) [HKLM] -- lyrics@lyricsplus.net =>Adware.AddLyrics
O42 - Logiciel: Savings Bull - (.Savings Bull.) [HKLM] -- Level Quality Watcher =>PUP.SavingsBull
O42 - Logiciel: SavingsBull - (.SavingsBull.) [HKLM] -- {6DDE8071-E4BA-461B-8A96-990DFAA0EBD1} =>PUP.SavingsBull
O42 - Logiciel: Speed Test (4354) - (.Speed Analysis.) [HKLM] -- Speed Test (4354) =>PUP.SpeedAnalysis
~ Logic: 48 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\RightSurf] =>PUP.RightSurf
[HKCU\Software\SavingsBull] =>PUP.SavingsBull
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\RightSurf] =>PUP.RightSurf
[HKLM\Software\Savings Bull] =>PUP.SavingsBull
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Umbrella]
[HKLM\Software\free_soft_to_day] =>Adware.FreeSoftToday
~ Key Software: 283 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 30/03/2014 - 21:20:17 - [3,800] ----D C:\Program Files\fst_fr_134 =>PUA.FSTfr9
O43 - CFD: 30/03/2014 - 21:57:05 - [0] ----D C:\Program Files\IminentToolbar =>Adware.IMBooster
O43 - CFD: 01/03/2014 - 00:42:17 - [0] ----D C:\Program Files\Level Quality Watcher =>Adware.LevelQualityWatcher
O43 - CFD: 30/03/2014 - 22:31:40 - [0] ----D C:\Program Files\melondrea =>PUP.Melondrea
O43 - CFD: 10/03/2014 - 10:23:49 - [2,161] ----D C:\Program Files\RightSurf =>PUP.RightSurf
O43 - CFD: 10/03/2014 - 10:24:22 - [2,790] ----D C:\Program Files\SavingsBull =>PUP.SavingsBull
O43 - CFD: 23/12/2013 - 09:42:43 - [2,990] ----D C:\Program Files\Speed Test (4354) =>Adware.ScriptHost
O43 - CFD: 09/04/2014 - 08:07:09 - [8,369] ----D C:\Program Files\Fichiers communs\Umbrella
O43 - CFD: 27/03/2014 - 17:49:58 - [0,259] ----D C:\Documents and Settings\Utilisateur\Application Data\IminentToolbar =>Adware.IMBooster
O43 - CFD: 21/02/2014 - 20:45:02 - [0,004] ----D C:\Documents and Settings\Utilisateur\Application Data\newnext.me =>PUP.NextLive
O43 - CFD: 07/12/2013 - 16:59:46 - [0,996] ----D C:\Documents and Settings\Utilisateur\Application Data\speedtest4354
O43 - CFD: 09/04/2014 - 11:09:21 - [9,399] ----D C:\Documents and Settings\Utilisateur\Local Settings\Application Data\fst_fr_134 =>PUA.FSTfr9
O43 - CFD: 10/03/2014 - 09:39:45 - [0] ----D C:\Documents and Settings\Utilisateur\Local Settings\Application Data\genienext =>PUP.NextLive
~ Program Folder: 185 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.EC6E4AEA2B914AD09A56689C8C819659] - 08/04/2014 - 21:50:21 ---A- . (...) -- C:\WINDOWS\win.ini [815]
O44 - LFC:[MD5.8AC7D0D703104C863A6EC9CB63DA2414] - 09/04/2014 - 07:05:00 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.5D82044C981EE61FEE21F7CA817939CD] - 09/04/2014 - 07:05:07 ---A- . (...) -- C:\WINDOWS\wiadebug.log [157]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/04/2014 - 07:10:19 ---A- . (...) -- C:\END [0]
O44 - LFC:[MD5.D8113A19DBB03FFFC9336CCC20506328] - 28/03/2014 - 17:56:18 ---A- . (...) -- C:\WINDOWS\wmsetup.log [68274]
~ Files: 22 Legitimates Filtered in 00mn 19s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 20/01/2014 - 07:50:37 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.1B0662514A68C3A42E60D240C5ABEF28] - 20/01/2014 - 07:50:37 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [180248]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.6216FD7FD227DE454238A702B218CEC7] - 23/01/2014 - 18:31:06 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\WINDOWS\system32\Drivers\dgderdrv.sys [20032]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 13/04/2008 - 08:36:06 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.9131EDE087AF04A7D80F7EBADC164254] - 12/08/2004 - 17:45:52 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0.) -- C:\WINDOWS\system32\Drivers\Hdaudio.sys [113664]
O58 - SDL:[MD5.566C5FD480FDBCE3BA5CF9FBCFFAEA9A] - 09/10/2008 - 14:42:42 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\WINDOWS\system32\Drivers\KMWDFILTER.sys [17408]
O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 13/04/2008 - 10:23:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 13/04/2008 - 10:23:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 13/04/2008 - 08:34:28 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 13/04/2008 - 10:23:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 13/04/2008 - 10:23:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 13/04/2008 - 10:23:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 13/04/2008 - 10:23:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 13/04/2008 - 10:23:48 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 13/04/2008 - 10:23:48 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
O58 - SDL:[MD5.7914906F2592A6E772227A54D85BAE45] - 22/03/2014 - 10:07:24 ---A- . (.StdLib - StdLib.) -- C:\WINDOWS\system32\Drivers\tStLib.sys [55224] =>PUP.LinkiDoo
O58 - SDL:[MD5.6E421CCC57059B0186C6259CA3B6DFC9] - 13/12/2012 - 13:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\Drivers\usbaapl.sys [45056]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 5 Legitimates Filtered in 00mn 04s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 25/02/2014 - C:\Program Files\Fichiers communs\Umbrella\Umbrella.exe (SProtection) .(.Iminent - Iminent Protection.) - LEGACY_SPROTECTION =>Adware.IMBooster
O64 - Services: CurCS - 22/03/2014 - C:\WINDOWS\system32\drivers\tStLib.sys (tStLib) .(.StdLib - StdLib.) - LEGACY_TSTLIB =>PUP.LinkiDoo
~ Legacy: 148 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (StartWeb) - http://start.iminent.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (webssearches) - http://istart.webssearches.com =>Hijacker.WebsSearches
O69 - SBI: SearchScopes [HKCU] {460C3D19-B3D4-4964-A550-77D263B0CCCB} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {65A02D1F-F8C9-8AAA-DEFB-47C6576DAEC8} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {66525096-63CA-40D6-A04D-41F7862C10E2} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {7ED410B3-E5C2-4317-8C4B-5F2FD0E91875} - (appbarioFR Customized Web Search) - http://search.conduit.com =>PUP.AppBario
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {66525096-63CA-40D6-A04D-41F7862C10E2} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {66525096-63CA-40D6-A04D-41F7862C10E2} - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1708EDD6AB4EB164A86999D0AF0ABE1D" . (.SavingsBull.) -- c:\WINDOWS\Installer\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}\icon64.ico =>PUP.SavingsBull
O90 - PUC: "452B63F044BF958498713877F821A0C7" . (.Boxore Client.) -- C:\WINDOWS\Installer\{0F36B254-FB44-4859-8917-83778F120A7C}\boxore.ico =>Adware.Boxore
~ Update Products: 103 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.41C6C386D8F36B96A1A891F4ACBE6C71] [WIS][11/05/2013] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\1c7048.msi [24576] =>Adware.Boxore
[MD5.31D78A09BC2CFAC26041F7F9616700A3] [WIS][09/12/2012] (.HP - HP.) -- C:\Windows\Installer\1f9817.msi [2113536]
[MD5.D8D4BBC5C972CA624080516D75F2CA03] [WIS][09/12/2012] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\1f9834.msi [459264]
[MD5.452C4D2F4CADC236CC54FC0D4433216E] [WIS][26/07/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\2676f.msi [474624] =>Adware.Boxore
[MD5.091A0E57B03C42D6F61F5CCD34ACA506] [WIS][16/10/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\2d17fb4.msi [1821696] =>Adware.IMBooster
[MD5.EA8F7C238A1702F8A4B7AA6E8A57E9A4] [WIS][01/03/2014] (.SavingsBull - SavingsBull.) -- C:\Windows\Installer\2f1108f.msi [1853952] =>PUP.SavingsBull
~ WIS: 106 Legitimates Filtered in 00mn 01s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{6F8C19A0-97A1-435D-9532-857EFF3AD43E}] (Lyrics Plus) =>Adware.AddLyrics
[HKCR\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}] (RightSurf) =>PUP.RightSurf
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
[HKCR\CLSID\{AF0C0AA7-AFBA-46a0-A394-B1E1345FD936}] (OfferBoxUI.TheBoxDeskBand) =>PUP.OfferBox
[HKCR\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] (Google Toolbar Notifier BHO) =>Toolbar.Google
~ BCK: 4283 Legitimates Filtered in 00mn 08s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/02/2010 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 27/09/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 27/09/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 29/09/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 13/04/2008 14336 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\WINDOWS\system32\svchost.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Auto 10/07/1658 0 | (RoxLiveShare9) . (...) - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
SS - | Demand 11/06/2012 724376 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 10/07/1658 0 | (WinkHandler) . (...) - C:\Program Files\Iminent\WinkHandler.exe =>Adware.IMBooster

SR - | Auto 07/01/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 11/02/2010 602112 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SR - | Auto 20/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 02/12/2005 266295 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SR - | Demand 20/01/2014 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 11/03/2014 22216 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 25/02/2014 2922304 | (SProtection) . (.Iminent.) - C:\Program Files\Fichiers communs\Umbrella\Umbrella.exe =>Adware.IMBooster
SR - | Auto 07/02/2014 5093216 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

~ Services: Scanned in 00mn 09s



---\\ Scan Additionnel (O88)
Database Version : 13044 - (09/04/2014)
Clés trouvées (Keys found) : 20
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 17
Fichiers trouvés (Files found) : 19

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C}] =>PUP.RightSurf^
[HKLM\SYSTEM\CurrentControlSet\Services\SProtection] =>Adware.IMBooster^
[HKLM\SYSTEM\CurrentControlSet\Services\WinkHandler] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F36B254-FB44-4859-8917-83778F120A7C}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\lyrics@lyricsplus.net] =>Adware.AddLyrics^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Level Quality Watcher] =>PUP.SavingsBull^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}] =>PUP.SavingsBull^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speed Test (4354)] =>PUP.SpeedAnalysis^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\VAFPlayer] =>PUP.VAFPlayer
[HKLM\Software\Google\Chrome\Extensions\hlddcjcfgdjclmkhhddocoendieiooag] =>Adware.AddLyrics
[HKLM\Software\TelevisionFanaticEI] =>PUP.TelevisionFanatic
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon =>PUP.Mobogenie^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Program Files\fst_fr_134 =>PUA.FSTfr9^
C:\Program Files\IminentToolbar =>Adware.IMBooster^
C:\Program Files\Level Quality Watcher =>Adware.LevelQualityWatcher^
C:\Program Files\melondrea =>PUP.Melondrea^
C:\Program Files\RightSurf =>PUP.RightSurf^
C:\Program Files\SavingsBull =>PUP.SavingsBull^
C:\Program Files\Speed Test (4354) =>Adware.ScriptHost^
C:\Documents and Settings\Utilisateur\Application Data\IminentToolbar =>Adware.IMBooster^
C:\Documents and Settings\Utilisateur\Application Data\newnext.me =>PUP.NextLive^
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\fst_fr_134 =>PUA.FSTfr9^
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\genienext =>PUP.NextLive^
C:\Program Files\SearchProtect =>Toolbar.Conduit
C:\Program Files\Fichiers communs\Umbrella =>Adware.IMBooster
C:\Documents and Settings\All Users\Application Data\Software =>Adware.Boxore
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\SearchProtect =>Toolbar.Conduit
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Software =>Adware.Boxore
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Temp\Iminent =>Adware.IMBooster
C:\Program Files\Fichiers communs\Umbrella\Umbrella.exe =>Adware.IMBooster^
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\fst_fr_134\upfst_fr_134.exe =>PUA.FSTfr9^
[HKCU\Software\RightSurf] =>PUP.RightSurf^
[HKCU\Software\SavingsBull] =>PUP.SavingsBull^
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\RightSurf] =>PUP.RightSurf^
[HKLM\Software\Savings Bull] =>PUP.SavingsBull^
[HKLM\Software\free_soft_to_day] =>Adware.FreeSoftToday^
C:\Windows\Installer\1c7048.msi =>Adware.Boxore^
C:\Windows\Installer\2676f.msi =>Adware.Boxore^
C:\Windows\Installer\2d17fb4.msi =>Adware.IMBooster^
C:\Windows\Installer\2f1108f.msi =>PUP.SavingsBull^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{6F8C19A0-97A1-435D-9532-857EFF3AD43E}] (Lyrics Plus) =>Adware.AddLyrics^
[HKCR\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}] (RightSurf) =>PUP.RightSurf^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
[HKCR\CLSID\{AF0C0AA7-AFBA-46a0-A394-B1E1345FD936}] (OfferBoxUI.TheBoxDeskBand) =>PUP.OfferBox^
[HKCR\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] (Google Toolbar Notifier BHO) =>Toolbar.Google^
~ Additionnel Scan: 267256 Items scanned in 00mn 41s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9
http://nicolascoolman.webs.com/apps/blog/show/41962428-hijacker-webssearches =>Hijacker.WebsSearches
http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.webs.com/apps/blog/show/41196115-pup-rightsurf =>PUP.RightSurf
http://nicolascoolman.webs.com/apps/blog/show/41034005-pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
http://nicolascoolman.webs.com/apps/blog/show/41823682-pup-savingsbull =>PUP.SavingsBull
http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis
http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
http://nicolascoolman.webs.com/apps/blog/show/33340107-adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.webs.com/apps/blog/show/41783674-pup-melondrea =>PUP.Melondrea
http://nicolascoolman.webs.com/apps/blog/show/34778910-adware-scripthost =>Adware.ScriptHost
http://nicolascoolman.webs.com/apps/blog/show/40528410-pup-nextlive =>PUP.NextLive
http://nicolascoolman.webs.com/apps/blog/show/31042964-pup-appbario =>PUP.AppBario
http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
http://nicolascoolman.webs.com/apps/blog/show/30392620-pup-vafplayer =>PUP.VAFPlayer
http://nicolascoolman.webs.com/apps/blog/show/30167532-pup-televisionfanatic =>PUP.TelevisionFanatic
http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox =>Adware.BrowseFox
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ MSI: 22 link(s) detected in 00mn 00s



~ 1009 Legitimates filtered by white list
End of the scan (636 lines in 02mn 01s)(0)
0
Anonymous user
9 April 2014 at 21:56
I'm really embarrassed to have done the copy and paste right away; I had trusted the forums and didn't have the shadow of a doubt. Apparently I was lucky
Oh yes, you were lucky. It goes to show that you shouldn't use a tool when you don't know what actions it performs on the system.
Good luck.
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last seen 18 September 2023 3 805
9 April 2014 at 20:57
You must have installed potentially unwanted programs


To avoid this kind of problem:

- Don't download any program offered in advertisements or on suspicious sites. Note that some well-known sites such as O1net, Softronic, Tuto4PC, etc. sometimes modify the programs offered for download to add advertising software ==> Always prefer downloading directly from the publisher's site.


- During the installation of a free program, read carefully and uncheck all the additional programs that are offered, especially toolbars.

For your information, read these articles on Potentially Unwanted Programs and Toolbars; this is not mandatory

* Download this easy-to-use tool

http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner (by Xplode) to your desktop.


* If there is a problem with the first link, get it here https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

* Run it (under Vista/Seven/8, right-click it and choose Run as administrator); if you are on XP, double-click it

* Click on Scan
* Post the scan report C:\Adwcleaner[R]

* Note: the scan report is also saved as C:\Adwcleaner[R1]

0