Sujet Précédent Sujet Suivant

Lenteur accablante de mon ordinateur

Fermé
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014 - 14 nov. 2014 à 23:21
 Utilisateur anonyme - 15 nov. 2014 à 20:43
Bonsoir tout le monde,

Ma demande n'aura sûrement pas beaucoup de fantaisie par rapport à tout ce que vous pouvez lire, mais mon ordinateur est hyper lent, de plus des publicités intempestives apparaissent sans arrêt. Quand j'essaye de faire une recherche sur Google Chrome j'ai un message qui me dit que j'ai un problème de Proxy, mais quand dans la barre de recherche je tape Yahoo, la page de Yahoo s'affiche.

Je suppose que mon ordinateur est bourré de virus ?

Qui aurait la gentillesse de m'aider à m'en débarrasser et m'aider à mieux le protéger ?

Merci à vous tous.
A voir également:

19 réponses

Réponse 1 / 19
Utilisateur anonyme
14 nov. 2014 à 23:22
Bonsoir

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Si ce lien est injoignable utilise celui-ci: http://www.bleepingcomputer.com/download/adwcleaner/dl/125/

Lance le, clique sur [Scanner] puis patiente le temps du scan.
Une fois le scan terminé clique sur le bouton [Nettoyer]
Patiente durant le nettoyage. Lis le message qui apparaît, puis clique sur Ok . Le PC va être redémarré automatiquement et le rapport s'ouvrira à la fin du redémarrage.
Poste le rapport

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/

@+
0
Réponse 2 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
14 nov. 2014 à 23:25
D'accord, je lance ça maintenant.

Merci beaucoup.
0
Réponse 3 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
14 nov. 2014 à 23:53
Voilà le rapport.

# AdwCleaner v4.101 - Rapport créé le 14/11/2014 à 23:40:25
# Mis à jour le 09/11/2014 par Xplode
# Database : 2014-11-13.1 [Live]
# Système d'exploitation : Windows 8 (64 bits)
# Nom d'utilisateur : Flavie - FLAVIE
# Exécuté depuis : C:\Users\Flavie\Downloads\adwcleaner_4.101.exe
# Option : Nettoyer

***** [ Services ] *****

Service Supprimé : MaintainerSvc1.20.7247763
[#] Service Supprimé : Update AdvanceElite
[#] Service Supprimé : Util AdvanceElite
Service Supprimé : {00aec75d-051f-41a9-9837-e94ac4f56303}w64
Service Supprimé : {32c6b9d7-6b2c-4b03-9178-01abbf9c7194}w64
Service Supprimé : {3fa44d1f-c300-4673-a8c1-5ba05468b4bd}w64
Service Supprimé : {51b9c91c-8e38-40ae-80de-58a590512b6b}w64
Service Supprimé : {5d78e0ee-ca60-46a4-9492-4f24429cc925}w64
Service Supprimé : {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64
Service Supprimé : {fce396ae-d8d1-4789-946e-2106fbe4292b}w64

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b
[!] Dossier Supprimé : C:\Program Files (x86)\AdvanceElite
[!] Dossier Supprimé : C:\Program Files (x86)\AdvanceElite
Dossier Supprimé : C:\Users\Flavie\AppData\Local\Temp\AdvanceElite
Dossier Supprimé : C:\Users\Flavie\AppData\Roaming\cacaoweb
Dossier Supprimé : C:\Users\Flavie\AppData\Roaming\Systweak
Dossier Supprimé : C:\Users\Flavie\AppData\Roaming\wp_update
Dossier Supprimé : C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf
Dossier Supprimé : C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbbmldjcnhopjhpifcocnmkooiadpbb
Fichier Supprimé : C:\Windows\System32\roboot64.exe
Fichier Supprimé : C:\Windows\System32\\drivers\{00aec75d-051f-41a9-9837-e94ac4f56303}w64.sys
Fichier Supprimé : C:\Windows\System32\\drivers\{32c6b9d7-6b2c-4b03-9178-01abbf9c7194}w64.sys
Fichier Supprimé : C:\Windows\System32\\drivers\{3fa44d1f-c300-4673-a8c1-5ba05468b4bd}w64.sys
Fichier Supprimé : C:\Windows\System32\\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}w64.sys
Fichier Supprimé : C:\Windows\System32\\drivers\{5d78e0ee-ca60-46a4-9492-4f24429cc925}w64.sys
Fichier Supprimé : C:\Windows\System32\\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys
Fichier Supprimé : C:\Windows\System32\\drivers\{fce396ae-d8d1-4789-946e-2106fbe4292b}w64.sys
Fichier Supprimé : C:\Users\Flavie\AppData\Roaming\Bubble Dock.installation.log
Fichier Supprimé : C:\Users\Flavie\AppData\Roaming\~smtmjop.exe
Fichier Supprimé : C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Fichier Supprimé : C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Fichier Supprimé : C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpmbfleldcgkldadpdinhjjopdfpjfjp_0.localstorage-journal
Fichier Supprimé : C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpmbfleldcgkldadpdinhjjopdfpjfjp_0.localstorage

***** [ Tâches planifiées ] *****

Tâche Supprimée : ASP
Tâche Supprimée : EPUpdater
Tâche Supprimée : SoftwareUpdateTaskMachineCore
Tâche Supprimée : SoftwareUpdateTaskMachineUA
Tâche Supprimée : wp_update

***** [ Raccourcis ] *****


***** [ Registre ] *****

Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.9
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\Software.Update3WebControl.3
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update AdvanceElite
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util AdvanceElite
Clé Supprimée : HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\updateAdvanceElite.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{08230486-CBAF-4000-8036-447C3852D034}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{13809C03-DE3B-47E5-96A3-2D8F83693A50}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{413002E0-930D-4EF9-9803-FC4B3EA4181E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{76894207-241A-473B-B111-FAA75608F1D9}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7A7C8DA9-8660-460D-849F-01619B91C03F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE2506E3-0F75-44EE-B552-CFF3BFF4D50F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B6CD3C31-ABF4-4C7A-8CB7-29960BC7017C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C24C3824-63D8-42CD-BB5A-77631072FDB2}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EB41B92A-3A76-4237-9E6B-A5DDC2EAA771}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F9A8326E-9C90-4BF2-ACC7-D0883D16AA82}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3B2CB4C8-72AB-4B25-8FA1-219B36A60BED}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{9303da31-7a21-45fd-bd61-03ea56853012}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B2CB4C8-72AB-4B25-8FA1-219B36A60BED}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Clé Supprimée : HKCU\Software\cacaoweb
Clé Supprimée : HKCU\Software\Conduit_Search_Protect
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\systweak
Clé Supprimée : HKCU\Software\advanceelite
Clé Supprimée : HKLM\SOFTWARE\SweetIM
Clé Supprimée : HKLM\SOFTWARE\systweak
Clé Supprimée : HKLM\SOFTWARE\advanceelite
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\advanceelite
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ADF563E0F909939438A862D14D868D26
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.17116


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [17725 octets] - [20/05/2014 18:37:55]
AdwCleaner[R1].txt - [33514 octets] - [14/11/2014 23:33:18]
AdwCleaner[S0].txt - [16699 octets] - [20/05/2014 18:39:50]
AdwCleaner[S1].txt - [32018 octets] - [14/11/2014 23:40:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [32079 octets] ##########
0
Réponse 4 / 19
Utilisateur anonyme
14 nov. 2014 à 23:56
Re

Pour de plus amples informations, fait ceci stp

Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :

https://nicolascoolman.eu

Ou

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/



Une fois le téléchargement achevé,

Double-clique sur l'icône pour lancer le programme. Sous Vista ; Seven ou Windows 8 clic droit « exécuter en tant que administrateur »


Dans la fenêtre ZHPDiag qui vient de s'ouvrir, clique sur "Complet"


Laisse l'outil travailler, il peut être assez long.

Un rapport s'ouvre. Ce rapport se trouve également sur ton bureau

Pour transmettre le rapport clique sur ce lien:
http://pjjoint.malekal.com/

Si problème utilise un des suivants

https://forums-fec.be/upload
https://www.cjoint.com/


Regarde sur le bureau

Sélectionne le fichier ZHPDiag.txt.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.

Merci

@+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 00:23
Voilà le 2ème rapport

~ ZHPCleaner v2014.11.14.224 by Nicolas Coolman (14/11/2014)
~ Run by Flavie (Administrator) (15/11/2014 00:06:52)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Flavie\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Flavie\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 8, 64-bit (Build 9200)


---\\ Service. (0)
~ Aucun élément malicieux trouvé.


---\\ Navigateur internet. (2)
TROUVÉ Desktop: C:\Users\Public\Desktop\Photos Snapfish.lnk (http://www.snapfish.com/hp_notebook_desktopicon_20[...])
TROUVÉ IE Params: Start Page ( hxxp://rts.dsrlte.com?affID=na )


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (2)
TROUVÉ: [Yahoo! Search] (PUP.PaybyAds)
TROUVÉ: [Yahoo! Search Updater] (PUP.PaybyAds)


---\\ Explorateur ( Dossiers, Fichiers ). (50)
TROUVÉ: C:\Users\Flavie\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe [Pay By Ads LTD - ] (PUP.PaybyAds)
TROUVÉ: [Yahoo! Search] [Pay By Ads LTD - ] C:\Users\Flavie\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe (PUP.PaybyAds)
TROUVÉ: [Yahoo! Search Updater] [Pay By Ads LTD - ] C:\Users\Flavie\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrsetup.exe (PUP.PaybyAds)
TROUVÉ: C:\Program Files (x86)\AdvanceElite (PUP.AdvanceElite)
TROUVÉ: C:\Program Files (x86)\AdvanceElite\bin [ - ] (PUP.AdvanceElite)
TROUVÉ: C:\Program Files (x86)\Savevid (Adware.Bandoo)
TROUVÉ: C:\Program Files (x86)\Savevid\Helper.dll [ - ] (Adware.Bandoo)
TROUVÉ: C:\Program Files (x86)\Savevid\log.log [ - ] (Adware.Bandoo)
TROUVÉ: C:\Program Files (x86)\Savevid\SavevidActiveX.dll [Bandoo Media Inc. - Savevid IE Plugin] (Adware.Bandoo)
TROUVÉ: C:\Program Files (x86)\Savevid\SavevidChrome.crx [ - ] (Adware.Bandoo)
TROUVÉ: C:\Program Files (x86)\Savevid\SavevidPluginCore.exe [Bandoo Media Inc. - Savevid Plugin Core] (Adware.Bandoo)
TROUVÉ: C:\Program Files (x86)\Savevid\Uninstall.exe [Bandoo Media Inc - Savevid - Uninstall] (Adware.Bandoo)
TROUVÉ: C:\Users\Flavie\AppData\Local\Pay-By-Ads (PUP.PaybyAds)
TROUVÉ: C:\Users\Flavie\AppData\Local\Pay-By-Ads\Yahoo! Search [ - ] (PUP.PaybyAds)
TROUVÉ: C:\Windows\Prefetch\ADVANCEELITE.BOAS.EXE-785B61BD.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\ADVANCEELITE.BOASHELPER.EXE-5E38F425.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\ADVANCEELITE.BOASPRT.EXE-E35B05A3.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\ADVANCEELITE.BROWSERADAPTER.E-D453165D.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\ADVANCEELITE.BROWSERADAPTER64-38D2F66F.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\ADVANCEELITE.BRT.HELPER.EXE-AD171DA2.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\ADVANCEELITE.OFSVC.EXE-30572B41.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\ADVANCEELITE.PURBROWSE64.EXE-6E3A7713.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-4F021151.pf (PUP.BubbleDock)
TROUVÉ: C:\Windows\Prefetch\CACAOWEB.EXE-9A1ABB9C.pf (PUP.CacaoWeb)
TROUVÉ: C:\Windows\Prefetch\ILIVIDSETUP-R362-N-BC.EXE-172A5606.pf (Adware.Bandoo)
TROUVÉ: C:\Windows\Prefetch\SAVEVIDSETUP-R0-N-BC.EXE-20F4317C.pf (Adware.Bandoo)
TROUVÉ: C:\Windows\Prefetch\UNINSTALL BUBBLE DOCK.EXE-47292DB7.pf (PUP.BubbleDock)
TROUVÉ: C:\Windows\Prefetch\UNINSTALL BUBBLE DOCK.EXE-5D1F0583.pf (PUP.BubbleDock)
TROUVÉ: C:\Windows\Prefetch\UPDATEADVANCEELITE.EXE-38225E14.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\UTILADVANCEELITE.EXE-C1A78ACC.pf (PUP.AdvanceElite)
TROUVÉ: C:\Windows\Prefetch\WAJAM_DOWNLOAD.EXE-46EBE08E.pf (PUP.Wajam)
TROUVÉ: C:\Windows\Prefetch\WAJAM_INSTALL.EXE-D8D6774A.pf (PUP.Wajam)
TROUVÉ: C:\Users\Flavie\Downloads\alloplayer (1).exe (PUP.Alloplayer)
TROUVÉ: C:\Users\Flavie\Downloads\alloplayer (2).exe (PUP.Alloplayer)
TROUVÉ: C:\Users\Flavie\Downloads\alloplayer (3).exe (PUP.Alloplayer)
TROUVÉ: C:\Users\Flavie\Downloads\alloplayer.exe (PUP.Alloplayer)
TROUVÉ: C:\Users\Flavie\Downloads\cacaoweb (2).exe (PUP.CacaoWeb)
TROUVÉ: C:\Users\Flavie\Downloads\iLividSetup-r362-n-bc.exe (Adware.Bandoo)
TROUVÉ: C:\Users\Flavie\Downloads\SavevidSetup-r0-n-bc.exe (Adware.Bandoo)
TROUVÉ: C:\Users\Flavie\Downloads\SoftonicDownloader_pour_myspeed.exe (PUP.Softonic)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_api.advanceelite.com_0.localstorage (PUP.AdvanceElite)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_api.advanceelite.com_0.localstorage-journal (PUP.AdvanceElite)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage (PUP.AkamaiHD)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal (PUP.AkamaiHD)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage (PUP.SpecialSavings)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal (PUP.SpecialSavings)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_forum.telecharger.01net.com_0.localstorage (Toolbar.Conduit)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_forum.telecharger.01net.com_0.localstorage-journal (Toolbar.Conduit)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.01net.com_0.localstorage (Toolbar.Conduit)
TROUVÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.01net.com_0.localstorage-journal (Toolbar.Conduit)


---\\ Base de Registres ( Clés, Valeurs, Données ). (14)
TROUVÉ RUN: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search [C:\Users\Flavie\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe] (PUP.PaybyAds)
TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
TROUVÉ: HKCR\TypeLib\{587604F0-C55C-4F3F-8339-D634E878828E} [Savevid Plugin Core 1.0 Type Library] (Adware.Bandoo)
TROUVÉ: HKCR\SoftwareUpdate.OnDemandCOMClassSvc (Adware.Boxore)
TROUVÉ: HKCR\SoftwareUpdate.OnDemandCOMClassSvc.1.0 (Adware.Boxore)
TROUVÉ: HKCR\SoftwareUpdate.Update3COMClassService (Adware.Boxore)
TROUVÉ: HKCR\SoftwareUpdate.Update3COMClassService.1.0 (Adware.Boxore)
TROUVÉ: HKCR\SoftwareUpdate.Update3WebSvc (Adware.Boxore)
TROUVÉ: HKCR\SoftwareUpdate.Update3WebSvc.1.0 (Adware.Boxore)



---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)


End of clean at 00:19:29
0
Réponse 6 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 00:37
Et voila le rapport après la réparation

~ ZHPCleaner v2014.11.14.224 by Nicolas Coolman (14/11/2014)
~ Run by Flavie (Administrator) (15/11/2014 00:20:15)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Réparer
~ Report : C:\Users\Flavie\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Flavie\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 8, 64-bit (Build 9200)


---\\ Service. (0)
~ Aucun élément malicieux trouvé.


---\\ Navigateur internet. (2)
REMPLACÉ Desktop: C:\Users\Public\Desktop\Photos Snapfish.lnk (http://www.snapfish.com/hp_notebook_desktopicon_20[...])
REMPLACÉ IE Params: Start Page ( hxxp://rts.dsrlte.com?affID=na )


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (4)
TROUVÉ: [Yahoo! Search] (PUP.PaybyAds)
TROUVÉ: [Yahoo! Search Updater] (PUP.PaybyAds)
SUPPRIMÉ: [Yahoo! Search] [Orphean] (PUP.PaybyAds)
SUPPRIMÉ: [Yahoo! Search Updater] (PUP.PaybyAds)


---\\ Explorateur ( Dossiers, Fichiers ). (47)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe [ - ] (PUP.PaybyAds)
SUPPRIMÉ: [Yahoo! Search Updater] [ - ] C:\Users\Flavie\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrsetup.exe (PUP.PaybyAds)
DEPLACÉ: C:\Program Files (x86)\AdvanceElite (PUP.AdvanceElite)
DEPLACÉ: C:\Program Files (x86)\AdvanceElite\bin [ - ] (PUP.AdvanceElite)
DEPLACÉ: C:\Program Files (x86)\Savevid (Adware.Bandoo)
DEPLACÉ: C:\Program Files (x86)\Savevid\Helper.dll [ - ] (Adware.Bandoo)
DEPLACÉ: C:\Program Files (x86)\Savevid\log.log [ - ] (Adware.Bandoo)
DEPLACÉ: C:\Program Files (x86)\Savevid\SavevidActiveX.dll [ - ] (Adware.Bandoo)
DEPLACÉ: C:\Program Files (x86)\Savevid\SavevidChrome.crx [ - ] (Adware.Bandoo)
DEPLACÉ: C:\Program Files (x86)\Savevid\SavevidPluginCore.exe [ - ] (Adware.Bandoo)
DEPLACÉ: C:\Program Files (x86)\Savevid\Uninstall.exe [ - ] (Adware.Bandoo)
DEPLACÉ: C:\Windows\Prefetch\ADVANCEELITE.BOAS.EXE-785B61BD.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\ADVANCEELITE.BOASHELPER.EXE-5E38F425.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\ADVANCEELITE.BOASPRT.EXE-E35B05A3.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\ADVANCEELITE.BROWSERADAPTER.E-D453165D.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\ADVANCEELITE.BROWSERADAPTER64-38D2F66F.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\ADVANCEELITE.BRT.HELPER.EXE-AD171DA2.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\ADVANCEELITE.OFSVC.EXE-30572B41.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\ADVANCEELITE.PURBROWSE64.EXE-6E3A7713.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-4F021151.pf[] (PUP.BubbleDock)
DEPLACÉ: C:\Windows\Prefetch\CACAOWEB.EXE-9A1ABB9C.pf[] (PUP.CacaoWeb)
DEPLACÉ: C:\Windows\Prefetch\ILIVIDSETUP-R362-N-BC.EXE-172A5606.pf[] (Adware.Bandoo)
DEPLACÉ: C:\Windows\Prefetch\SAVEVIDSETUP-R0-N-BC.EXE-20F4317C.pf[] (Adware.Bandoo)
DEPLACÉ: C:\Windows\Prefetch\UNINSTALL BUBBLE DOCK.EXE-47292DB7.pf[] (PUP.BubbleDock)
DEPLACÉ: C:\Windows\Prefetch\UNINSTALL BUBBLE DOCK.EXE-5D1F0583.pf[] (PUP.BubbleDock)
DEPLACÉ: C:\Windows\Prefetch\UPDATEADVANCEELITE.EXE-38225E14.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\UTILADVANCEELITE.EXE-C1A78ACC.pf[] (PUP.AdvanceElite)
DEPLACÉ: C:\Windows\Prefetch\WAJAM_DOWNLOAD.EXE-46EBE08E.pf[] (PUP.Wajam)
DEPLACÉ: C:\Windows\Prefetch\WAJAM_INSTALL.EXE-D8D6774A.pf[] (PUP.Wajam)
DEPLACÉ: C:\Users\Flavie\Downloads\alloplayer (1).exe[©1999-2013 Jonathan Bennett & AutoIt Team] (PUP.Alloplayer)
DEPLACÉ: C:\Users\Flavie\Downloads\alloplayer (2).exe[©1999-2013 Jonathan Bennett & AutoIt Team] (PUP.Alloplayer)
DEPLACÉ: C:\Users\Flavie\Downloads\alloplayer (3).exe[©1999-2013 Jonathan Bennett & AutoIt Team] (PUP.Alloplayer)
DEPLACÉ: C:\Users\Flavie\Downloads\alloplayer.exe[©1999-2013 Jonathan Bennett & AutoIt Team] (PUP.Alloplayer)
DEPLACÉ: C:\Users\Flavie\Downloads\cacaoweb (2).exe[] (PUP.CacaoWeb)
DEPLACÉ: C:\Users\Flavie\Downloads\iLividSetup-r362-n-bc.exe[Bandoo Media Inc] (Adware.Bandoo)
DEPLACÉ: C:\Users\Flavie\Downloads\SavevidSetup-r0-n-bc.exe[Bandoo Media Inc] (Adware.Bandoo)
DEPLACÉ: C:\Users\Flavie\Downloads\SoftonicDownloader_pour_myspeed.exe[Softonic ] (PUP.Softonic)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_api.advanceelite.com_0.localstorage[] (PUP.AdvanceElite)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_api.advanceelite.com_0.localstorage-journal[] (PUP.AdvanceElite)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage[] (PUP.AkamaiHD)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal[] (PUP.AkamaiHD)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage[] (PUP.SpecialSavings)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal[] (PUP.SpecialSavings)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_forum.telecharger.01net.com_0.localstorage[] (Toolbar.Conduit)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_forum.telecharger.01net.com_0.localstorage-journal[] (Toolbar.Conduit)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.01net.com_0.localstorage[] (Toolbar.Conduit)
DEPLACÉ: C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.01net.com_0.localstorage-journal[] (Toolbar.Conduit)


---\\ Base de Registres ( Clés, Valeurs, Données ). (14)
SUPPRIMÉ: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search [C:\Users\Flavie\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe] (PUP.PaybyAds)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
SUPPRIMÉ: HKCR\TypeLib\{587604F0-C55C-4F3F-8339-D634E878828E} [Savevid Plugin Core 1.0 Type Library] (Adware.Bandoo)
SUPPRIMÉ: HKCR\SoftwareUpdate.OnDemandCOMClassSvc (Adware.Boxore)
SUPPRIMÉ: HKCR\SoftwareUpdate.OnDemandCOMClassSvc.1.0 (Adware.Boxore)
SUPPRIMÉ: HKCR\SoftwareUpdate.Update3COMClassService (Adware.Boxore)
SUPPRIMÉ: HKCR\SoftwareUpdate.Update3COMClassService.1.0 (Adware.Boxore)
SUPPRIMÉ: HKCR\SoftwareUpdate.Update3WebSvc (Adware.Boxore)
SUPPRIMÉ: HKCR\SoftwareUpdate.Update3WebSvc.1.0 (Adware.Boxore)



---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)


End of clean at 00:33:46
0
Réponse 7 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 00:40
Est-ce si catastrophique ? :-)

Merci de ton aide et à bientôt pour la prochaine étape.

Bonne nuit.
0
Réponse 8 / 19
Utilisateur anonyme
15 nov. 2014 à 08:18
Bonjour

J'attendais un rapport de ZHPDiag et non ZHPcleaner.

Merci de faire le nécessaire

@+
0
Réponse 9 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 13:19
Ah mince désolée, je recommence.
0
Réponse 10 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 13:44
Bon alors je ne peux pas le télécharger, ça me met échec-erreur réseau !
0
Réponse 11 / 19
Utilisateur anonyme
15 nov. 2014 à 14:22
Re

Tu as essayé avec un autre navigateur que Chrome?
0
Réponse 12 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 15:12
J'ai enfin réussi. Voici le rapport.

~ Rapport de ZHPDiag v2014.11.13.163 - Nicolas Coolman (13/11/2014)
~ Lancé par Flavie (15/11/2014 14:06:02)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.17116 (Defaut)
GCIE: Google Chrome v37.0.2062.124

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : TMQHT
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3682 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 350 GB (78%) free of 446 GB

---\\ Mode de connexion au système
~ Computer Name: FLAVIE
~ User Name: Flavie
~ All Users Names: HomeGroupUser$, Flavie_2, Flavie, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Flavie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Flavie\AppData\Roaming\
~ %Desktop% : C:\Users\Flavie\Desktop\
~ %Favorites% : C:\Users\Flavie\Favorites\
~ %LocalAppData% : C:\Users\Flavie\AppData\Local\
~ %StartMenu% : C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 350 Go of 446 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 19 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.949C61BEF8501BD244C50A7F182CEC74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/09/2014 - 06:17:42.) -- C:\Windows\System32\wininet.dll [2236928]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.12/04/2014 - 10:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/05/2014 - 23:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.12/07/2014 - 05:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.04/07/2014 - 11:52:10.) -- C:\Windows\system32\Drivers\volsnap.sys [328000]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1115
~ Mes musiques (My Musics) : 1/231
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 3/2266
~ Mon Bureau (My Desktop) : 3/895
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 17s



---\\ Processus lancés
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.3412]
[MD5.724CB7A116F7E1A67009D751BCF86586] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120] [PID.3420]
[MD5.5AB8DB8F9CADBFBB3C132E8316FE337E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808] [PID.3480]
[MD5.656DFDB81019B8A11EFB05D974701AFD] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976] [PID.3956]
[MD5.6198A9BC15ED77F318D5DDD1918CF1D1] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024] [PID.1372]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.336]
[MD5.FFF449A268368A0E474D2D0419BC34E7] - (.Advanced Micro Devices, Inc. - Load MMdriver application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe [49664] [PID.3476]
[MD5.A0DA0ED7F15F4E3259C8FF3ADAE1B495] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8126464] [PID.5080]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 13s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [Flavie]: Savevid.lnk - Clé orpheline =>Adware.Bandoo
~ Global Startup: 1 Legitimates Filtered in 00mn 04s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F44B590-8C01-4561-A5B2-5A44F2D43714}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C897503C-0A95-4736-AE2C-EDB5A21B63FA}: DhcpNameServer = 193.49.184.5 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{3F44B590-8C01-4561-A5B2-5A44F2D43714}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C897503C-0A95-4736-AE2C-EDB5A21B63FA}: DhcpNameServer = 193.49.184.5 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1086]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1090]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 16s



---\\ Logiciels installés (O42)
O42 - Logiciel: Savevid - (.Bandoo Media Inc.) [HKCU][64Bits] -- Savevid =>Adware.Bandoo
O42 - Logiciel: Yahoo! Search - (.Pay-By-Ads.) [HKCU][64Bits] -- Yahoo! Search =>PUP.PaybyAds
~ Logic: 46 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Enounce]
[HKCU\Software\Reg]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\Savevid] =>Adware.Bandoo
~ Key Software: 245 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/02/2014 - 20:24:53 - [] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 08/07/2013 - 00:13:36 - [0] ----D C:\Users\Flavie\AppData\Local\Enounce
O43 - CFD: 14/11/2014 - 23:40:35 - [] ----D C:\Users\Flavie\AppData\Local\Pay-By-Ads =>PUP.PaybyAds
~ Program Folder: 128 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B4A6F4F3D4EBC6B09C945A4761BA0B7A] - 14/11/2014 - 23:41:27 ---A- . (...) -- C:\Windows\win.ini [194]
~ Files: 10 Legitimates Filtered in 00mn 11s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:28/10/2013 - 01:12:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [107288]
O58 - SDL:28/10/2013 - 01:12:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 57 Legitimates Filtered in 00mn 09s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {28546ED0-664C-4278-AB6C-812ED99B279A} - (Propositions de recherche Amazon.fr) - https://www.amazon.fr/
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0EE91D03959578488E52B015B3D4F661] [SPRF][08/07/2013] (.Enounce Incorporated - Setup Launcher.) -- C:\Users\Flavie\Desktop\EnounceMySpeed.exe [2414664]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.79BBAAC753ABDA50DF19030265F7D1A6] [WIS][09/04/2014] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\31a40d55.msi [2473984] =>Adware.Boxore
~ WIS: 1 Legitimates Filtered in 00mn 03s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 08/06/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/06/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SS - | Demand 20/10/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 13/09/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 12/09/2012 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 26/09/2012 1612552 | (BlueSoleilCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 19/09/2012 146184 | (BsHelpCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 12/10/2012 35744 | (HPConnectedRemote) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
SR - | Auto 07/09/2012 35232 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 28s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (13/11/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 12

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Savevid] =>Adware.Bandoo^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search] =>PUP.PaybyAds^
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
C:\Users\Flavie\AppData\Local\Pay-By-Ads =>PUP.PaybyAds^
[HKLM\Software\Wow6432Node\Savevid] =>Adware.Bandoo^
C:\Windows\Installer\31a40d55.msi =>Adware.Boxore^
C:\Users\Flavie\AppData\Local\Temp\nse7AEB.exe =>Toolbar.Conduit
C:\Users\Flavie\AppData\Local\Temp\nseD963.exe =>Toolbar.Conduit
C:\Users\Flavie\AppData\Local\Temp\nso72A0.exe =>Toolbar.Conduit
C:\Users\Flavie\AppData\Local\Temp\nsuCFB2.exe =>Toolbar.Conduit
C:\Users\Flavie\AppData\Local\Temp\sp-downloader.exe =>Toolbar.Conduit
~ Additionnel Scan: 259557 Items scanned in 01mn 40s



---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Internet Explorer Toolbars (O3)
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
https://nicolascoolman.eu =>Adware.Bandoo
https://nicolascoolman.eu =>PUP.PaybyAds
https://nicolascoolman.eu =>Adware.Boxore
https://nicolascoolman.eu =>Adware.MyWebSearch
https://nicolascoolman.eu =>Toolbar.Conduit
~ MSI: 5 link(s) detected in 00mn 00s



~ 544 Legitimates filtered by white list
End of the scan (371 lines in 05mn 28s)(0)
0
Réponse 13 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 15:12
C'est avast qui m'empêchait de le télécharger.
0
Réponse 14 / 19
Utilisateur anonyme
15 nov. 2014 à 15:13
Re

Ton rapport est incomplet et de plus ne correspond pas à ce qui est demandé.
Tu relis tranquillement le mode opératoire et tu l'appliques

Merci
0
Réponse 15 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 18:53
:-( désolée

Est-ce mieux comme ça ?

~ Rapport de ZHPDiag v2014.11.13.163 - Nicolas Coolman (13/11/2014)
~ Lancé par Flavie (15/11/2014 18:47:48)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.17116 (Defaut)
GCIE: Google Chrome v37.0.2062.124

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
System - Enable Open file C:\Users\Flavie\AppData\Roaming\ZHP\Licence.txt =>.Nicolas Coolman

---\\ Logiciels de protection du système
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3682 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 349 GB (78%) free of 446 GB

---\\ Mode de connexion au système
~ Computer Name: FLAVIE
~ User Name: Flavie
~ All Users Names: HomeGroupUser$, Flavie_2, Flavie, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Flavie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Flavie\AppData\Roaming\
~ %Desktop% : C:\Users\Flavie\Desktop\
~ %Favorites% : C:\Users\Flavie\Favorites\
~ %LocalAppData% : C:\Users\Flavie\AppData\Local\
~ %StartMenu% : C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 349 Go of 446 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 19 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.949C61BEF8501BD244C50A7F182CEC74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/09/2014 - 06:17:42.) -- C:\Windows\System32\wininet.dll [2236928]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.12/04/2014 - 10:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/05/2014 - 23:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.12/07/2014 - 05:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.04/07/2014 - 11:52:10.) -- C:\Windows\system32\Drivers\volsnap.sys [328000]
~ Generic Processes: Scanned in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1115
~ Mes musiques (My Musics) : 1/231
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 3/2266
~ Mon Bureau (My Desktop) : 3/895
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 16s



---\\ Processus lancés
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.3412]
[MD5.724CB7A116F7E1A67009D751BCF86586] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120] [PID.3420]
[MD5.5AB8DB8F9CADBFBB3C132E8316FE337E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808] [PID.3480]
[MD5.656DFDB81019B8A11EFB05D974701AFD] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976] [PID.3956]
[MD5.6198A9BC15ED77F318D5DDD1918CF1D1] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024] [PID.1372]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.336]
[MD5.FFF449A268368A0E474D2D0419BC34E7] - (.Advanced Micro Devices, Inc. - Load MMdriver application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe [49664] [PID.3476]
[MD5.A0DA0ED7F15F4E3259C8FF3ADAE1B495] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8126464] [PID.3756]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 12s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [Flavie]: Savevid.lnk - Clé orpheline =>Adware.Bandoo
~ Global Startup: 1 Legitimates Filtered in 00mn 09s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F44B590-8C01-4561-A5B2-5A44F2D43714}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C897503C-0A95-4736-AE2C-EDB5A21B63FA}: DhcpNameServer = 193.49.184.5 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{3F44B590-8C01-4561-A5B2-5A44F2D43714}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C897503C-0A95-4736-AE2C-EDB5A21B63FA}: DhcpNameServer = 193.49.184.5 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1086]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1090]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 13s



---\\ Logiciels installés (O42)
O42 - Logiciel: Savevid - (.Bandoo Media Inc.) [HKCU][64Bits] -- Savevid =>Adware.Bandoo
O42 - Logiciel: Yahoo! Search - (.Pay-By-Ads.) [HKCU][64Bits] -- Yahoo! Search =>PUP.PaybyAds
~ Logic: 46 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Enounce]
[HKCU\Software\Reg]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\Savevid] =>Adware.Bandoo
~ Key Software: 245 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/02/2014 - 20:24:53 - [] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 08/07/2013 - 00:13:36 - [0] ----D C:\Users\Flavie\AppData\Local\Enounce
O43 - CFD: 14/11/2014 - 23:40:35 - [] ----D C:\Users\Flavie\AppData\Local\Pay-By-Ads =>PUP.PaybyAds
~ Program Folder: 128 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B4A6F4F3D4EBC6B09C945A4761BA0B7A] - 14/11/2014 - 23:41:27 ---A- . (...) -- C:\Windows\win.ini [194]
~ Files: 10 Legitimates Filtered in 00mn 10s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:28/10/2013 - 01:12:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [107288]
O58 - SDL:28/10/2013 - 01:12:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 57 Legitimates Filtered in 00mn 09s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {28546ED0-664C-4278-AB6C-812ED99B279A} - (Propositions de recherche Amazon.fr) - https://www.amazon.fr/
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0EE91D03959578488E52B015B3D4F661] [SPRF][08/07/2013] (.Enounce Incorporated - Setup Launcher.) -- C:\Users\Flavie\Desktop\EnounceMySpeed.exe [2414664]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.79BBAAC753ABDA50DF19030265F7D1A6] [WIS][09/04/2014] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\31a40d55.msi [2473984] =>Adware.Boxore
~ WIS: 1 Legitimates Filtered in 00mn 02s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 08/06/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/06/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 13/09/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 12/09/2012 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 26/09/2012 1612552 | (BlueSoleilCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 19/09/2012 146184 | (BsHelpCS) . (.IVT Corporation.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 12/10/2012 35744 | (HPConnectedRemote) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
SR - | Auto 07/09/2012 35232 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Demand 20/10/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 29s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (13/11/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 12

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Savevid] =>Adware.Bandoo^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search] =>PUP.PaybyAds^
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
C:\Users\Flavie\AppData\Local\Pay-By-Ads =>PUP.PaybyAds^
[HKLM\Software\Wow6432Node\Savevid] =>Adware.Bandoo^
C:\Windows\Installer\31a40d55.msi =>Adware.Boxore^
C:\Users\Flavie\AppData\Local\Temp\nse7AEB.exe =>Toolbar.Conduit
C:\Users\Flavie\AppData\Local\Temp\nseD963.exe =>Toolbar.Conduit
C:\Users\Flavie\AppData\Local\Temp\nso72A0.exe =>Toolbar.Conduit
C:\Users\Flavie\AppData\Local\Temp\nsuCFB2.exe =>Toolbar.Conduit
C:\Users\Flavie\AppData\Local\Temp\sp-downloader.exe =>Toolbar.Conduit
~ Additionnel Scan: 259557 Items scanned in 01mn 37s



---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Internet Explorer Toolbars (O3)
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
https://nicolascoolman.eu =>Adware.Bandoo
https://nicolascoolman.eu =>PUP.PaybyAds
https://nicolascoolman.eu =>Adware.Boxore
https://nicolascoolman.eu =>Adware.MyWebSearch
https://nicolascoolman.eu =>Toolbar.Conduit
~ MSI: 5 link(s) detected in 00mn 00s



~ 544 Legitimates filtered by white list
End of the scan (364 lines in 04mn 38s)(0)
0
Réponse 16 / 19
Utilisateur anonyme
15 nov. 2014 à 19:04
Re

J'ai demandé un rapport complet
et je vois que tu as décoché des lignes
Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

de plus je te demande d'héberger le rapport ,ce que tu ne fais pas.

Donc tu reprends;merci

@+
0
Réponse 17 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 19:04
~ Rapport de ZHPDiag v2014.11.13.163 - Nicolas Coolman (13/11/2014)
~ Lancé par Flavie (15/11/2014 18:56:43)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.17116 (Defaut)
GCIE: Google Chrome v37.0.2062.124

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : TMQHT
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3682 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 349 GB (78%) free of 446 GB

---\\ Mode de connexion au système
~ Computer Name: FLAVIE
~ User Name: Flavie
~ All Users Names: HomeGroupUser$, Flavie_2, Flavie, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Flavie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Flavie\AppData\Roaming\
~ %Desktop% : C:\Users\Flavie\Desktop\
~ %Favorites% : C:\Users\Flavie\Favorites\
~ %LocalAppData% : C:\Users\Flavie\AppData\Local\
~ %StartMenu% : C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 349 Go of 446 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 19 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.949C61BEF8501BD244C50A7F182CEC74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/09/2014 - 06:17:42.) -- C:\Windows\System32\wininet.dll [2236928]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.12/04/2014 - 10:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/05/2014 - 23:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.12/07/2014 - 05:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.04/07/2014 - 11:52:10.) -- C:\Windows\system32\Drivers\volsnap.sys [328000]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1115
~ Mes musiques (My Musics) : 1/231
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 3/6798
~ Mon Bureau (My Desktop) : 3/2686
~ Menu demarrer (Programs) : 1/90
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.3412]
[MD5.724CB7A116F7E1A67009D751BCF86586] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120] [PID.3420]
[MD5.5AB8DB8F9CADBFBB3C132E8316FE337E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808] [PID.3480]
[MD5.656DFDB81019B8A11EFB05D974701AFD] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976] [PID.3956]
[MD5.6198A9BC15ED77F318D5DDD1918CF1D1] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024] [PID.1372]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.336]
[MD5.FFF449A268368A0E474D2D0419BC34E7] - (.Advanced Micro Devices, Inc. - Load MMdriver application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe [49664] [PID.3476]
[MD5.A0DA0ED7F15F4E3259C8FF3ADAE1B495] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8126464] [PID.3756]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Flavie\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 13s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
~ Firefox Browser: 1 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 16 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
~ BHO: 12 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [Flavie]: Savevid.lnk - Clé orpheline =>Adware.Bandoo
~ Global Startup: 1 Scanned in 00mn 02s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 8 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F44B590-8C01-4561-A5B2-5A44F2D43714}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C897503C-0A95-4736-AE2C-EDB5A21B63FA}: DhcpNameServer = 193.49.184.5 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{3F44B590-8C01-4561-A5B2-5A44F2D43714}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C897503C-0A95-4736-AE2C-EDB5A21B63FA}: DhcpNameServer = 193.49.184.5 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BlueSoleilCS (BlueSoleilCS) . (.IVT Corporation - Bluetooth Application.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
O23 - Service: HP Connected Remote Service (HPConnectedRemote) . (.Hewlett-Packard - HPConnectedRemoteService.) - C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
~ Services: 10 Scanned in 00mn 23s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.724CB7A116F7E1A67009D751BCF86586] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.16F1F09240540D9409DA192839C9D786] [APT] [Update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584]
[MD5.A5607C658E1EF9F04657B068BA826EC0] [APT] [WarrantyChecker] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1595096]
[MD5.A5607C658E1EF9F04657B068BA826EC0] [APT] [WarrantyChecker_DeviceScan] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1595096]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1086]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1086]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1090]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1090]
O39 - APT: - (..) -- C:\Windows\Tasks\HPCeeScheduleForFlavie.job [350]
~ Scheduled Task: 39 Scanned in 00mn 13s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: (CLVirtualDrive) . (.CyberLink - It is a virtual device driver which could c.) - C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 36 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {039B859F-360B-58D8-F86F-C277BA6ED7D8}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-8b64ce2b-5a1e-48f1-bb10-c56e4b89d595
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-35a0134f-e400-40b0-b60d-4cecbc7cf498
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Build-a-lot 4 - Power Source - (.WildTangent.) [HKLM][64Bits] -- WTA-4cdfd825-0df4-43d0-a0fc-7e373c5fd2ea
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0DCCD5F4-29E7-4AA0-8C1D-F8E1503B91F4}
O42 - Logiciel: Connected Music powered by Universal Music Group version 1.0 - (.Snowite.) [HKLM][64Bits] -- {46037DC7-F927-46DF-935F-D6F122BDD34B}_is1
O42 - Logiciel: Cradle of Rome 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-6d935244-a18b-4406-9af4-7350e7311ad0
O42 - Logiciel: Crazy Chicken Soccer - (.WildTangent.) [HKLM][64Bits] -- WTA-2200e4b0-7451-4ef0-bdb9-a711adeee71c
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: Energy Star - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WTA-89646500-2a32-4df9-9661-7158e298b1ae
O42 - Logiciel: Final Drive Fury - (.WildTangent.) [HKLM][64Bits] -- WTA-f3ebc9e1-d9a9-41f4-8bbf-638a40d6adce
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {FE8DFDD0-A543-4A83-B7A9-C411138194D5}
O42 - Logiciel: Gardenscapes: Mansion Makeover - (.WildTangent.) [HKLM][64Bits] -- WTA-2f108510-ece8-4d5c-a6c1-97b12deb34a9
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-56f793b5-ae83-4c3b-8bc6-398ea7e7bef6
O42 - Logiciel: HP Connected Remote - (.Hewlett-Packard.) [HKLM][64Bits] -- {F243A34B-AB7F-4065-B770-B85B767C247C}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {8C3E36C3-7615-46B9-B043-6053810E591B}
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E5823036-6F09-4D0A-B05C-E2BAA129288A}
O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {528AB81B-D65A-4AB0-A2B6-82B51A087D01}
O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {C2E428EB-116E-41C0-9E84-B22DE9CCA42F}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} =>.Hewlett-Packard Co
O42 - Logiciel: HP Utility Center - (.Hewlett-Packard.) [HKLM][64Bits] -- {0C57987A-A03A-4B95-A309-D23F78F406CA}
O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {30B2D1D8-0A07-4B71-9553-0710C5D31E35}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-14a5e01c-4f4b-4133-93b2-46b1e938da56
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WTA-d85ac421-2de3-48a0-b2d6-5898484564ee
O42 - Logiciel: LibreOffice 4.1.6.2 - (.The Document Foundation.) [HKLM][64Bits] -- {146232A9-AB53-48A7-A102-56624D92C80D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {F842F8B0-6942-4930-821F-543E976B2C66}
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WTA-deb661af-3e54-4018-ab22-c031a205dd68
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mystery of Mortlake Mansion - (.WildTangent.) [HKLM][64Bits] -- WTA-82d2ab97-115f-477b-b3c4-961e6d8a0e7f
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-ef90a722-9808-4783-a021-24621980b232
O42 - Logiciel: Ralink Bluetooth Stack64 - (.Ralink Corporation.) [HKLM][64Bits] -- {95DF815D-BE2D-9118-F549-39794C5869CF}
O42 - Logiciel: Ralink RT3290 802.11bgn Wi-Fi Adapter - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Ranch Rush 2 - Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-4ae0786a-2300-4780-b2eb-ff86c89735d2
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: Royal Envoy 2 Collector's Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-6f092bf6-135a-4d23-b334-7c7a7092be8d
O42 - Logiciel: Savevid - (.Bandoo Media Inc.) [HKCU][64Bits] -- Savevid =>Adware.Bandoo
O42 - Logiciel: Sweet Home 3D version 4.0 - (.eTeks.) [HKLM][64Bits] -- Sweet Home 3D_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Trinklit Supreme - (.WildTangent.) [HKLM][64Bits] -- WTA-dc22adcb-970b-44e3-af8b-f8980dfaf922
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: VLC media player 2.0.7 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-4044470a-9de1-4963-a593-7c3062d07349
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
O42 - Logiciel: Yahoo! Search - (.Pay-By-Ads.) [HKCU][64Bits] -- Yahoo! Search =>PUP.PaybyAds
O42 - Logiciel: Youda Jewel Shop - (.WildTangent.) [HKLM][64Bits] -- WTA-a003fb85-9df1-4eaf-8229-795a1a834258
O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-7bc247ad-1d5e-46b6-a707-0699395f48b0
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 69 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Enounce]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\PLANETE PERMIS]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Reg]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Software]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\The Document Foundation]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WebApp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\malavida]
[HKCU\Software\mozilla]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Synaptics]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\BSPACode]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IVT Corporation]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\LibreOffice]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\LogMeInRescueCallingCard]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Ralink Corporation]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Savevid] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\The Document Foundation]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Wow6432Node]
[HKLM\Software\Wow6432Node]
~ Key Software: 245 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 26/12/2012 - 05:31:38 - [] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 26/12/2012 - 05:31:27 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 26/12/2012 - 05:28:47 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 18/10/2014 - 11:56:30 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 19/10/2012 - 19:13:15 - [] ----D C:\Program Files (x86)\Connected Music powered by Universal Music Group
O43 - CFD: 24/06/2013 - 16:14:57 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 08/06/2013 - 11:43:05 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 21/02/2014 - 20:27:24 - [] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 19/10/2012 - 19:33:01 - [] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 21/02/2014 - 20:29:00 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 20/10/2014 - 19:13:00 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 20/05/2014 - 19:13:41 - [] ----D C:\Program Files (x86)\LibreOffice 4
O43 - CFD: 18/10/2014 - 11:59:35 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 17/08/2014 - 14:44:27 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 19/10/2012 - 19:07:58 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 19/10/2012 - 19:09:11 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 18/10/2014 - 11:56:20 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 23/08/2013 - 21:27:03 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 03/08/2012 - 23:37:58 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 02/06/2013 - 15:48:11 - [] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 26/12/2012 - 05:35:03 - [] ----D C:\Program Files (x86)\Ralink Corporation
O43 - CFD: 26/12/2012 - 05:36:40 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 03/08/2012 - 23:37:58 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 10/04/2014 - 19:03:24 - [] ----D C:\Program Files (x86)\Sweet Home 3D
O43 - CFD: 26/12/2012 - 06:07:08 - [] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 26/12/2012 - 05:27:17 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 08/07/2013 - 00:51:51 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 20/05/2014 - 18:50:45 - [] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 19/10/2012 - 19:31:31 - [] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 19/10/2012 - 19:32:58 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 20/06/2014 - 17:41:04 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 19/10/2012 - 19:09:08 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 02/06/2013 - 20:49:32 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 02/06/2013 - 20:49:31 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/07/2012 - 09:13:01 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 09:12:59 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 17/06/2013 - 20:01:00 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 09:13:01 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 09:12:59 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 15/11/2014 - 18:47:02 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 26/12/2012 - 05:57:48 - [] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 18/10/2014 - 11:56:30 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 26/12/2012 - 05:26:33 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 18/10/2014 - 11:56:33 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 26/07/2012 - 09:13:01 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 21/09/2013 - 18:04:37 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 02/06/2013 - 20:49:29 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 19/10/2012 - 19:07:17 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 26/12/2012 - 05:30:53 - [] ----D C:\ProgramData\AMD
O43 - CFD: 26/12/2012 - 05:28:45 - [] ----D C:\ProgramData\Apple
O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 26/12/2012 - 06:19:47 - [] ----D C:\ProgramData\ATI
O43 - CFD: 01/12/2013 - 16:05:43 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 01/06/2013 - 20:45:05 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 24/06/2013 - 16:18:37 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 21/02/2014 - 20:22:06 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 26/12/2012 - 05:56:27 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 03/10/2014 - 21:55:25 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 01/06/2013 - 20:45:06 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 18/10/2014 - 11:59:41 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 26/03/2014 - 17:38:25 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 19/10/2012 - 19:07:30 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 01/06/2013 - 20:45:06 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 21/09/2013 - 18:07:53 - [] ----D C:\ProgramData\Norton
O43 - CFD: 26/12/2012 - 06:04:42 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 07/06/2013 - 22:09:05 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 26/12/2012 - 05:35:04 - [] ----D C:\ProgramData\Ralink Bluetooth Stack
O43 - CFD: 26/12/2012 - 05:33:00 - [] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 15/11/2014 - 13:54:47 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 26/12/2012 - 05:40:42 - [] ----D C:\ProgramData\Synaptics
O43 - CFD: 26/12/2012 - 06:00:40 - [] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 02/06/2013 - 16:39:03 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 21/02/2014 - 20:24:53 - [] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 02/06/2013 - 15:48:23 - [] ----D C:\Users\Flavie\AppData\Roaming\Adobe
O43 - CFD: 02/06/2013 - 15:50:20 - [] ----D C:\Users\Flavie\AppData\Roaming\ATI
O43 - CFD: 02/12/2013 - 16:56:36 - [] ----D C:\Users\Flavie\AppData\Roaming\AVAST Software
O43 - CFD: 25/06/2014 - 20:24:02 - [] ----D C:\Users\Flavie\AppData\Roaming\CyberLink
O43 - CFD: 17/08/2014 - 19:49:00 - [] ----D C:\Users\Flavie\AppData\Roaming\Dropbox
O43 - CFD: 17/08/2014 - 19:48:59 - [] ----D C:\Users\Flavie\AppData\Roaming\DropboxMaster
O43 - CFD: 10/04/2014 - 19:14:09 - [] ----D C:\Users\Flavie\AppData\Roaming\eTeks
O43 - CFD: 17/06/2013 - 19:40:11 - [] ----D C:\Users\Flavie\AppData\Roaming\Hewlett-Packard
O43 - CFD: 21/02/2014 - 20:21:43 - [] ----D C:\Users\Flavie\AppData\Roaming\hpqlog
O43 - CFD: 20/05/2014 - 19:16:49 - [] ----D C:\Users\Flavie\AppData\Roaming\LibreOffice
O43 - CFD: 02/06/2013 - 17:29:53 - [] ----D C:\Users\Flavie\AppData\Roaming\Macromedia
O43 - CFD: 18/10/2014 - 12:28:59 - [] -S--D C:\Users\Flavie\AppData\Roaming\Microsoft
O43 - CFD: 02/06/2013 - 15:43:56 - [] ----D C:\Users\Flavie\AppData\Roaming\Synaptics
O43 - CFD: 29/09/2014 - 19:36:03 - [] ----D C:\Users\Flavie\AppData\Roaming\vlc
O43 - CFD: 25/06/2014 - 20:28:32 - [] ----D C:\Users\Flavie\AppData\Roaming\WebApp
O43 - CFD: 02/06/2013 - 16:39:03 - [] ----D C:\Users\Flavie\AppData\Roaming\WildTangent
O43 - CFD: 15/11/2014 - 18:57:51 - [] ----D C:\Users\Flavie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 02/06/2013 - 15:51:47 - [] ----D C:\Users\Flavie\AppData\Local\AMD
O43 - CFD: 02/06/2013 - 15:42:32 - [] -SH-D C:\Users\Flavie\AppData\Local\Application Data
O43 - CFD: 08/06/2013 - 11:39:12 - [] ----D C:\Users\Flavie\AppData\Local\Apps
O43 - CFD: 02/06/2013 - 15:44:35 - [] ----D C:\Users\Flavie\AppData\Local\assembly
O43 - CFD: 02/06/2013 - 15:50:20 - [] ----D C:\Users\Flavie\AppData\Local\ATI
O43 - CFD: 23/08/2013 - 21:27:16 - [] ----D C:\Users\Flavie\AppData\Local\avgchrome
O43 - CFD: 02/06/2013 - 15:49:18 - [] ----D C:\Users\Flavie\AppData\Local\bluesoleil
O43 - CFD: 04/06/2013 - 21:05:29 - [] ----D C:\Users\Flavie\AppData\Local\CyberLink
O43 - CFD: 08/06/2013 - 11:41:32 - [0] ----D C:\Users\Flavie\AppData\Local\Deployment
O43 - CFD: 14/11/2014 - 22:35:52 - [] ----D C:\Users\Flavie\AppData\Local\Diagnostics
O43 - CFD: 08/07/2013 - 00:10:29 - [] ----D C:\Users\Flavie\AppData\Local\Downloaded Installations
O43 - CFD: 04/07/2013 - 19:00:32 - [0] ----D C:\Users\Flavie\AppData\Local\ElevatedDiagnostics
O43 - CFD: 08/07/2013 - 00:13:36 - [0] ----D C:\Users\Flavie\AppData\Local\Enounce
O43 - CFD: 08/06/2013 - 11:43:27 - [] ----D C:\Users\Flavie\AppData\Local\Google
O43 - CFD: 10/06/2013 - 17:06:57 - [] ----D C:\Users\Flavie\AppData\Local\Hewlett-Packard
O43 - CFD: 02/06/2013 - 15:42:32 - [] -SH-D C:\Users\Flavie\AppData\Local\Historique
O43 - CFD: 18/10/2014 - 11:35:30 - [] ----D C:\Users\Flavie\AppData\Local\Microsoft
O43 - CFD: 18/10/2014 - 12:32:07 - [] ----D C:\Users\Flavie\AppData\Local\Microsoft Help
O43 - CFD: 22/10/2013 - 20:24:48 - [] ----D C:\Users\Flavie\AppData\Local\Packages
O43 - CFD: 14/11/2014 - 23:40:35 - [] ----D C:\Users\Flavie\AppData\Local\Pay-By-Ads =>PUP.PaybyAds
O43 - CFD: 02/06/2013 - 15:45:09 - [] ----D C:\Users\Flavie\AppData\Local\Power2Go8
O43 - CFD: 18/05/2014 - 22:23:05 - [] ----D C:\Users\Flavie\AppData\Local\Programs
O43 - CFD: 15/11/2014 - 18:53:10 - [] ----D C:\Users\Flavie\AppData\Local\Temp
O43 - CFD: 02/06/2013 - 15:42:32 - [] -SH-D C:\Users\Flavie\AppData\Local\Temporary Internet Files
O43 - CFD: 18/10/2014 - 11:35:46 - [] ----D C:\Users\Flavie\AppData\Local\VirtualStore
O43 - CFD: 29/04/2014 - 14:46:00 - [] ----D C:\Users\Flavie\AppData\Local\Windows Live
O43 - CFD: 26/07/2012 - 09:13:00 - [] R---D C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 09:13:00 - [] R---D C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 23/06/2014 - 18:01:07 - [] R---D C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 17/08/2014 - 19:47:56 - [] ----D C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 26/07/2012 - 09:13:00 - [] ----D C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 20/05/2014 - 18:50:49 - [] ----D C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 23/06/2014 - 18:01:07 - [] R---D C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 09:13:00 - [] R---D C:\Users\Flavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 128 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B4A6F4F3D4EBC6B09C945A4761BA0B7A] - 14/11/2014 - 23:41:27 ---A- . (...) -- C:\Windows\win.ini [194]
O44 - LFC:[MD5.3648775086511D5EB906012BD5762533] - 14/11/2014 - 23:44:21 ---A- . (...) -- C:\Windows\PFRO.log [850210]
O44 - LFC:[MD5.4DC7E6511C1161F3AD4E97DDCB8E5107] - 14/11/2014 - 23:45:04 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [489208]
O44 - LFC:[MD5.EEBE51A654DEC13FD40401344034B4B4] - 15/11/2014 - 13:41:04 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1994362]
O44 - LFC:[MD5.39D945D76A1EEB23F1D86E5DB2349EF7] - 15/11/2014 - 13:41:04 ---A- . (...) -- C:\Windows\System32\perfc009.dat [158234]
O44 - LFC:[MD5.75E08AD02A7F6A8FAB82B7FBF86F8E61] - 15/11/2014 - 13:41:04 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [188148]
O44 - LFC:[MD5.5833AB229C304074E7A6B55089346797] - 15/11/2014 - 13:41:04 ---A- . (...) -- C:\Windows\System32\perfh009.dat [774720]
O44 - LFC:[MD5.D376A3DA5CA6A999D87A629F5AFE2BFE] - 15/11/2014 - 13:41:04 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [874848]
O44 - LFC:[MD5.7D90525B0E6D1AD781F2C4324363A346] - 15/11/2014 - 18:38:20 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.1004C4566CF1FA0F31945DEB019B48A8] - 15/11/2014 - 18:49:26 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1727373]
~ Files: 10 Scanned in 00mn 10s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 9 Sca
0
Réponse 18 / 19
Utilisateur anonyme
15 nov. 2014 à 19:05
Re

Pour transmettre le rapport clique sur ce lien :


http://pjjoint.malekal.com/

Si problème utilise un des suivants

https://forums-fec.be/upload
https://www.cjoint.com/


Clique sur Parcourir et cherche le fichier : Nom_complet_du_fichier (Fichier demandé )
Clique sur Ouvrir.

Clique sur "Envoyer le fichier".

Un lien de cette forme :

http://pjjoint.malekal.com/cjlink.php?file=cj200905/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.

0
Réponse 19 / 19
flavie_le Messages postés 54 Date d'inscription lundi 7 février 2011 Statut Membre Dernière intervention 15 novembre 2014
15 nov. 2014 à 20:22
Alors je ne sais pas où est le problème car je ne décoche absolument rien.

J'ai téléchargé ZHPDiag, puis j'ai cliqué sur Rechercher, et comme ça ne paraissait pas suffisant j'ai cliqué sur Complet.
A chaque fois j'ai copié les rapports reçus, pour les poster ici, sans jamais rien modifié.

Et que veut dire héberger le rapport ?

Merci.
0

Discussions similaires

j'ai renversé de l'eau sur mon pc portable
sardine -
moudubulbe -

14 réponses
Où est la touche SHIFT sur mon clavier d'ordi ?
joe! -
fernando-_ytb -

18 réponses