Qu'est-ce "yontoo 2.04"?
Fermé
Naëlimi
Messages postés
2
Date d'inscription
dimanche 24 février 2013
Statut
Membre
Dernière intervention
24 février 2013
-
24 févr. 2013 à 20:46
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 22 mai 2013 à 13:17
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 22 mai 2013 à 13:17
A voir également:
- Qu'est-ce "yontoo 2.04"?
- Gnu grub version 2.04 au demarrage ✓ - Forum Linux / Unix
- Yontoo ✓ - Forum Virus
- Yontoo 1.10.02 ✓ - Forum Virus
- Yontoo llc ✓ - Forum Virus
- Yontoo LLC ✓ - Forum Virus
24 réponses
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
24 févr. 2013 à 20:51
24 févr. 2013 à 20:51
Bonjour,
--> Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Suppression" et poste le rapport.
--> Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Suppression" et poste le rapport.
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
12 mai 2013 à 18:12
12 mai 2013 à 18:12
Bonjour, yontoo c'étais installé sur mon pc, j'ai utiliser adwcleaner et voici mon raport :
# AdwCleaner v2.300 - Rapport créé le 12/05/2013 à 18:01:35
# Mis à jour le 28/04/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : kevin - KEVIN-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\kevin\Downloads\AdwCleaner.exe
# Option [Suppression]
***** [Services] *****
Arrêté & Supprimé : Yontoo Desktop Updater
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Program Files (x86)\DealPly
Dossier Supprimé : C:\Program Files (x86)\Yontoo
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\Tarma Installer
Dossier Supprimé : C:\Users\kevin\AppData\Local\EoRezo
Dossier Supprimé : C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh
Dossier Supprimé : C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Dossier Supprimé : C:\Users\kevin\AppData\Local\tuto4pc_fr_33
Dossier Supprimé : C:\Users\kevin\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\kevin\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\kevin\AppData\Roaming\DealPly
Dossier Supprimé : C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Dossier Supprimé : C:\Users\kevin\AppData\Roaming\Yontoo
Fichier Supprimé : C:\Users\kevin\eBay.lnk
Fichier Supprimé : C:\Users\Public\Desktop\eBay.lnk
Supprimé au redémarrage : C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh
***** [Registre] *****
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\BabylonToolbar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\DealPly
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\DealPly
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Clé Supprimée : HKLM\SOFTWARE\Tarma Installer
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [tuto4pc_fr_33]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Google Chrome v26.0.1410.64
Fichier : C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée [l.2437] : homepage = "hxxp://www1.delta-search.com/?affID=121240&babsrc=HP_ss&mntrId=044D78929C090A3D",
*************************
AdwCleaner[R1].txt - [6031 octets] - [12/05/2013 18:01:07]
AdwCleaner[S1].txt - [5711 octets] - [12/05/2013 18:01:35]
########## EOF - C:\AdwCleaner[S1].txt - [5771 octets] ##########
# AdwCleaner v2.300 - Rapport créé le 12/05/2013 à 18:01:35
# Mis à jour le 28/04/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : kevin - KEVIN-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\kevin\Downloads\AdwCleaner.exe
# Option [Suppression]
***** [Services] *****
Arrêté & Supprimé : Yontoo Desktop Updater
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Program Files (x86)\DealPly
Dossier Supprimé : C:\Program Files (x86)\Yontoo
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\Tarma Installer
Dossier Supprimé : C:\Users\kevin\AppData\Local\EoRezo
Dossier Supprimé : C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh
Dossier Supprimé : C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Dossier Supprimé : C:\Users\kevin\AppData\Local\tuto4pc_fr_33
Dossier Supprimé : C:\Users\kevin\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\kevin\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\kevin\AppData\Roaming\DealPly
Dossier Supprimé : C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Dossier Supprimé : C:\Users\kevin\AppData\Roaming\Yontoo
Fichier Supprimé : C:\Users\kevin\eBay.lnk
Fichier Supprimé : C:\Users\Public\Desktop\eBay.lnk
Supprimé au redémarrage : C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh
***** [Registre] *****
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\BabylonToolbar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\DealPly
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\DealPly
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dffhljlmcohcioeilbnpmbchdcbhifdh
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Clé Supprimée : HKLM\SOFTWARE\Tarma Installer
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [tuto4pc_fr_33]
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16476
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Google Chrome v26.0.1410.64
Fichier : C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Supprimée [l.2437] : homepage = "hxxp://www1.delta-search.com/?affID=121240&babsrc=HP_ss&mntrId=044D78929C090A3D",
*************************
AdwCleaner[R1].txt - [6031 octets] - [12/05/2013 18:01:07]
AdwCleaner[S1].txt - [5711 octets] - [12/05/2013 18:01:35]
########## EOF - C:\AdwCleaner[S1].txt - [5771 octets] ##########
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
12 mai 2013 à 18:17
12 mai 2013 à 18:17
Bonjour code-lyoko16,
--> Relance AdwCleaner et choisis "Désinstaller".
--> Télécharge ZHPDiag (de Nicolas Coolman).
--> Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (laisse "Créer une icône sur le Bureau" coché).
--> Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.
--> Clique sur la loupe (Lancer le diagnostic) puis laisse l'outil scanner.
--> Une fois le scan terminé, un rapport est créé sur le Bureau.
--> Utilise le site http://pjjoint.malekal.com/ pour me transmettre le rapport ZHPDiag car il est plutôt long. Copie-colle le lien donné par le site dans ton prochain message.
--> Relance AdwCleaner et choisis "Désinstaller".
--> Télécharge ZHPDiag (de Nicolas Coolman).
--> Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (laisse "Créer une icône sur le Bureau" coché).
--> Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.
--> Clique sur la loupe (Lancer le diagnostic) puis laisse l'outil scanner.
--> Une fois le scan terminé, un rapport est créé sur le Bureau.
--> Utilise le site http://pjjoint.malekal.com/ pour me transmettre le rapport ZHPDiag car il est plutôt long. Copie-colle le lien donné par le site dans ton prochain message.
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
12 mai 2013 à 18:33
12 mai 2013 à 18:33
Bonjour Destrio5,
J'ai déjà désinstaller adwcleaner,
Mais pour installer ZHPDiag je ne trouve pas ou cliquer car il y a de la publiciter partout ....
J'ai déjà désinstaller adwcleaner,
Mais pour installer ZHPDiag je ne trouve pas ou cliquer car il y a de la publiciter partout ....
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
12 mai 2013 à 18:37
12 mai 2013 à 18:37
non c'est bon ^^ j'ai trouver fallé juste allais en bas. Je vous enverrais le rapport demain je pense car le scan est long ..... merci :)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
12 mai 2013 à 18:45
12 mai 2013 à 18:45
Bonjour,
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20130512_r10t12p15t7v7
Que dois je faire après ?
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20130512_r10t12p15t7v7
Que dois je faire après ?
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
12 mai 2013 à 19:01
12 mai 2013 à 19:01
--> Désinstalle McAfee Security Scan Plus.
--> Copie tout le texte présent en gras ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").
SysRestore
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [jmhhdaimhfblnamlcdijbaakkifakade] FindLyrics v.1.111 (Activé)
O2 - BHO: FindLyrics [64Bits] - {44C9CC91-6A4A-4579-B4B5-899ECDC18DC6} . (.FindLyrics - FindLyrics.) -- C:\Program Files (x86)\FindLyrics\FindLyrics.dll
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FindLyrics Update.job [378]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\kevin\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (.not file.) [0]
[MD5.8047D435CD7DDD44FC4C2F505320F9B3] [APT] [FindLyrics Update] (.FindLyrics.) -- C:\Program Files (x86)\FindLyrics\flcsur.exe [117760]
O42 - Logiciel: FindLyrics - (.FindLyrics.) [HKLM][64Bits] -- findlyrics@findlyrics.co
[HKCU\Software\AppDataLow\Software\findlyrics]
O43 - CFD: 12/05/2013 - 17:19:44 - [0,382] ----D C:\Program Files (x86)\FindLyrics
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}]
C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
EmptyCLSID
EmptyFlash
EmptyTemp
--> Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.
--> Clique sur le bouton "Coller le presse-papier".
--> Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
--> Clique sur "GO" pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.
--> Accepte la désinstallation des programmes si proposé, mais refuse le redémarrage de ton PC si également proposé, car cela stopperait ZHPFix.
--> Une fois terminé, copie-colle le rapport dans ton prochain message.
--> Copie tout le texte présent en gras ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").
SysRestore
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [jmhhdaimhfblnamlcdijbaakkifakade] FindLyrics v.1.111 (Activé)
O2 - BHO: FindLyrics [64Bits] - {44C9CC91-6A4A-4579-B4B5-899ECDC18DC6} . (.FindLyrics - FindLyrics.) -- C:\Program Files (x86)\FindLyrics\FindLyrics.dll
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FindLyrics Update.job [378]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\kevin\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (.not file.) [0]
[MD5.8047D435CD7DDD44FC4C2F505320F9B3] [APT] [FindLyrics Update] (.FindLyrics.) -- C:\Program Files (x86)\FindLyrics\flcsur.exe [117760]
O42 - Logiciel: FindLyrics - (.FindLyrics.) [HKLM][64Bits] -- findlyrics@findlyrics.co
[HKCU\Software\AppDataLow\Software\findlyrics]
O43 - CFD: 12/05/2013 - 17:19:44 - [0,382] ----D C:\Program Files (x86)\FindLyrics
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}]
C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
EmptyCLSID
EmptyFlash
EmptyTemp
--> Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.
--> Clique sur le bouton "Coller le presse-papier".
--> Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
--> Clique sur "GO" pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.
--> Accepte la désinstallation des programmes si proposé, mais refuse le redémarrage de ton PC si également proposé, car cela stopperait ZHPFix.
--> Une fois terminé, copie-colle le rapport dans ton prochain message.
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
12 mai 2013 à 19:32
12 mai 2013 à 19:32
Bonjour, excuse moi mais :
j'ai copier :
SysRestore
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [jmhhdaimhfblnamlcdijbaakkifakade] FindLyrics v.1.111 (Activé)
O2 - BHO: FindLyrics [64Bits] - {44C9CC91-6A4A-4579-B4B5-899ECDC18DC6} . (.FindLyrics - FindLyrics.) -- C:\Program Files (x86)\FindLyrics\FindLyrics.dll
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FindLyrics Update.job [378]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\kevin\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (.not file.) [0]
[MD5.8047D435CD7DDD44FC4C2F505320F9B3] [APT] [FindLyrics Update] (.FindLyrics.) -- C:\Program Files (x86)\FindLyrics\flcsur.exe [117760]
O42 - Logiciel: FindLyrics - (.FindLyrics.) [HKLM][64Bits] -- findlyrics@findlyrics.co
[HKCU\Software\AppDataLow\Software\findlyrics]
O43 - CFD: 12/05/2013 - 17:19:44 - [0,382] ----D C:\Program Files (x86)\FindLyrics
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}]
C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
EmptyCLSID
EmptyFlash
EmptyTemp
Dans le cadre blanc puis j'ai cliker sur coller dans le presse papier mais rien ne se passe
j'ai copier :
SysRestore
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [jmhhdaimhfblnamlcdijbaakkifakade] FindLyrics v.1.111 (Activé)
O2 - BHO: FindLyrics [64Bits] - {44C9CC91-6A4A-4579-B4B5-899ECDC18DC6} . (.FindLyrics - FindLyrics.) -- C:\Program Files (x86)\FindLyrics\FindLyrics.dll
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FindLyrics Update.job [378]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\kevin\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (.not file.) [0]
[MD5.8047D435CD7DDD44FC4C2F505320F9B3] [APT] [FindLyrics Update] (.FindLyrics.) -- C:\Program Files (x86)\FindLyrics\flcsur.exe [117760]
O42 - Logiciel: FindLyrics - (.FindLyrics.) [HKLM][64Bits] -- findlyrics@findlyrics.co
[HKCU\Software\AppDataLow\Software\findlyrics]
O43 - CFD: 12/05/2013 - 17:19:44 - [0,382] ----D C:\Program Files (x86)\FindLyrics
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}]
C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
EmptyCLSID
EmptyFlash
EmptyTemp
Dans le cadre blanc puis j'ai cliker sur coller dans le presse papier mais rien ne se passe
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
12 mai 2013 à 20:42
12 mai 2013 à 20:42
Clique sur "GO".
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
13 mai 2013 à 17:58
13 mai 2013 à 17:58
go je trouve pas mais je trouve : lancer le diagnostic
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
13 mai 2013 à 18:00
13 mai 2013 à 18:00
quel icone je dois cliker dessus ?
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
13 mai 2013 à 18:05
13 mai 2013 à 18:05
Lance ZHPFix et non ZHPDiag.
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
13 mai 2013 à 18:09
13 mai 2013 à 18:09
Rapport de ZHPFix 2013.5.11.1 par Nicolas Coolman, Update du 11/05/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-13-05-2013-18-07-56.txt
Run by kevin at 13/05/2013 18:07:56
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vidée
========== Logiciel(s) ==========
ABSENT Uninstall Process: c:\program files (x86)\findlyrics\uninstall.exe
========== Clé(s) du Registre ==========
SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co]
ABSENT Key: CLSID BHO: {44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}
SUPPRIME Key: HKCU\Software\AppDataLow\Software\findlyrics
ERREUR Key: Service Legacy: LEGACY_ESGIGUARD
SUPPRIME Key: \Software\Classes\Installer\Products\\25BD30E1BC5D83343A835E62DDD4D41B
SUPPRIME Key: \Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
ABSENT Key: HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B
ABSENT Key: HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B
ABSENT Key: HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B
ABSENT Key: HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}
========== Préférences navigateur ==========
ABSENT Folder Chrome: eooncjejnppfjjklapaamhcdmjbilmde
ABSENT Folder Chrome: fmfnfnpmhcllokmkepffndflpnadjmma
ABSENT Folder Chrome: jmhhdaimhfblnamlcdijbaakkifakade
========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{009AA38B-4298-4EA8-9243-FFA665668B4E}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{027A7180-0839-40F6-9AFD-B6FB4B191A5C}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{0BD4042E-FEBA-4750-AA56-D76EBF01AEE8}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{0DEBB1B5-9D05-4514-B9DE-713A4C1DF27D}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{0E84CE51-E0D1-41D1-A6C3-A1EFB2BC84A3}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{10978BA9-D2F5-47A9-8A32-9DF91965B78E}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{13BC57DC-F629-4879-AE70-090D7DDCC1C9}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{144A4BD4-B358-4040-855C-7BCD28A997ED}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{1550F363-C94F-448A-82AA-A5730231527F}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{19498F27-57B1-4541-AE2C-1CF0C29D4E78}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{1B0D2E7F-0AFF-4985-AF16-6525907340BA}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{1D387B22-D36F-41D9-9C12-F0A56506D726}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{1E7AA941-3BB5-4AB9-BDAD-12949CA1D8B8}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{22B74556-06C4-4473-B76B-86F684D8AFAB}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{25F5F821-286F-49F1-844C-858CEAD2E511}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{3F837A2B-2412-41BD-A18F-B7F312A09A59}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{43B78203-C548-40DF-944D-A061EED8E9F8}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{47E2C509-4D0B-4595-97E5-1AAAB4726A02}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{49A7E418-63A4-4F0E-8BBD-3770A2F46240}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{4C773629-E898-4302-B569-C8EE26AE06AC}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{5B654572-805F-48FC-9E7B-F0F2B6F4C9B4}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{5CADDD43-92D8-4515-BF85-964FA5D56BA9}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{5CC7C107-9A6D-4FD5-9D7A-D5168D4138EE}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{5F540CC8-B56A-46CE-B72D-C7286B80EFA9}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{6825681E-D350-4D9B-8C32-AA52D3C7E60E}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{710A7558-3F2A-4074-BDAC-7C078BED27D1}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{734796CB-CE8D-4233-8BB8-D27E9D988CAD}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{73AFD4A0-EF32-48AA-8775-C6E191B01353}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{781EBCB5-5638-4A8B-A693-26D83ECCFFD5}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{7A4AD1ED-EB4D-40C8-833E-CDC1F0DA7239}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{7AFFB21A-E3AC-4366-97AB-E68DEA1B296F}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{8EB2AF3C-83D9-47CC-9D98-DF110F207BC5}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{93032E82-1C2A-47D8-B8BD-839E853C0FA2}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{931C4F5F-A384-427A-91FC-56308024FEE7}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{9AC983AF-2029-47FB-A67E-E93B7C06F2BE}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{A02DCB2B-B740-421B-A1DC-C873B1AA4DC5}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{A3F2FB71-9E0D-4013-AB19-369413215F9A}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{A7166F34-BF2D-4900-8591-7DEDA42CE692}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{AE16A690-51AD-4995-8207-5B562057A337}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{B205F302-39C7-4028-B637-223BDA62E8C4}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{B88CAA9C-BDA7-4C31-A208-6B54CBE89CED}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{BBC7185C-CC70-4CB7-812E-A1E51D02FBA4}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{BD01939B-19BA-48D1-A7EB-D0988D0C7ACE}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{C4E33019-80B3-40B1-88F6-02CF5E305D18}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{C4FC3C09-55DA-4189-8E35-197C1BB9CB92}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{C6F58171-A3BA-4CFD-B633-58E2EA5E6D4E}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{CB77E0FD-D86D-407E-9131-0F3D8E9C2F6A}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{CD85D9C2-729F-4329-8847-4AD6E0BE4508}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{CFA8EFF5-92C6-4CC8-8786-E856FBC4E999}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{D2C4AACA-BAB5-46D4-99E1-61D660E78B7D}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{E0A7C140-3F3B-45FF-BEE9-786D5B0B6202}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{E13F981F-4A79-4BC7-AC98-DB69575D3B5F}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{E2B83E3A-D28C-416E-AC09-2BE22A27D498}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{E3FE8781-4479-4049-ADB2-D94F1F145195}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{FF5A4F44-9A08-4E76-B5BF-CBC931BA1667}
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows
========== Fichier(s) ==========
ABSENT File: c:\program files (x86)\findlyrics\findlyrics.dll
ABSENT File: c:\windows\tasks\findlyrics update.job
ABSENT Folder/File: c:\program files (x86)\findlyrics\flcsur.exe
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows
========== Tache planifiée ==========
SUPPRIME Task: DealPly
SUPPRIME Task: DealPlyUpdate
SUPPRIME Task: FindLyrics Update
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
16 : Clé(s) du Registre
57 : Dossier(s)
5 : Fichier(s)
1 : Logiciel(s)
3 : Préférences navigateur
3 : Tache planifiée
1 : Restauration Système
End of clean in 00mn 33s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 13/05/2013 18:07:56 [7696]
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-13-05-2013-18-07-56.txt
Run by kevin at 13/05/2013 18:07:56
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vidée
========== Logiciel(s) ==========
ABSENT Uninstall Process: c:\program files (x86)\findlyrics\uninstall.exe
========== Clé(s) du Registre ==========
SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co]
ABSENT Key: CLSID BHO: {44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}
SUPPRIME Key: HKCU\Software\AppDataLow\Software\findlyrics
ERREUR Key: Service Legacy: LEGACY_ESGIGUARD
SUPPRIME Key: \Software\Classes\Installer\Products\\25BD30E1BC5D83343A835E62DDD4D41B
SUPPRIME Key: \Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
ABSENT Key: HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B
ABSENT Key: HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B
SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B
ABSENT Key: HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B
ABSENT Key: HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\findlyrics@findlyrics.co
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}
========== Préférences navigateur ==========
ABSENT Folder Chrome: eooncjejnppfjjklapaamhcdmjbilmde
ABSENT Folder Chrome: fmfnfnpmhcllokmkepffndflpnadjmma
ABSENT Folder Chrome: jmhhdaimhfblnamlcdijbaakkifakade
========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{009AA38B-4298-4EA8-9243-FFA665668B4E}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{027A7180-0839-40F6-9AFD-B6FB4B191A5C}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{0BD4042E-FEBA-4750-AA56-D76EBF01AEE8}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{0DEBB1B5-9D05-4514-B9DE-713A4C1DF27D}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{0E84CE51-E0D1-41D1-A6C3-A1EFB2BC84A3}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{10978BA9-D2F5-47A9-8A32-9DF91965B78E}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{13BC57DC-F629-4879-AE70-090D7DDCC1C9}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{144A4BD4-B358-4040-855C-7BCD28A997ED}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{1550F363-C94F-448A-82AA-A5730231527F}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{19498F27-57B1-4541-AE2C-1CF0C29D4E78}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{1B0D2E7F-0AFF-4985-AF16-6525907340BA}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{1D387B22-D36F-41D9-9C12-F0A56506D726}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{1E7AA941-3BB5-4AB9-BDAD-12949CA1D8B8}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{22B74556-06C4-4473-B76B-86F684D8AFAB}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{25F5F821-286F-49F1-844C-858CEAD2E511}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{3F837A2B-2412-41BD-A18F-B7F312A09A59}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{43B78203-C548-40DF-944D-A061EED8E9F8}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{47E2C509-4D0B-4595-97E5-1AAAB4726A02}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{49A7E418-63A4-4F0E-8BBD-3770A2F46240}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{4C773629-E898-4302-B569-C8EE26AE06AC}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{5B654572-805F-48FC-9E7B-F0F2B6F4C9B4}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{5CADDD43-92D8-4515-BF85-964FA5D56BA9}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{5CC7C107-9A6D-4FD5-9D7A-D5168D4138EE}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{5F540CC8-B56A-46CE-B72D-C7286B80EFA9}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{6825681E-D350-4D9B-8C32-AA52D3C7E60E}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{710A7558-3F2A-4074-BDAC-7C078BED27D1}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{734796CB-CE8D-4233-8BB8-D27E9D988CAD}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{73AFD4A0-EF32-48AA-8775-C6E191B01353}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{781EBCB5-5638-4A8B-A693-26D83ECCFFD5}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{7A4AD1ED-EB4D-40C8-833E-CDC1F0DA7239}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{7AFFB21A-E3AC-4366-97AB-E68DEA1B296F}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{8EB2AF3C-83D9-47CC-9D98-DF110F207BC5}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{93032E82-1C2A-47D8-B8BD-839E853C0FA2}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{931C4F5F-A384-427A-91FC-56308024FEE7}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{9AC983AF-2029-47FB-A67E-E93B7C06F2BE}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{A02DCB2B-B740-421B-A1DC-C873B1AA4DC5}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{A3F2FB71-9E0D-4013-AB19-369413215F9A}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{A7166F34-BF2D-4900-8591-7DEDA42CE692}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{AE16A690-51AD-4995-8207-5B562057A337}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{B205F302-39C7-4028-B637-223BDA62E8C4}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{B88CAA9C-BDA7-4C31-A208-6B54CBE89CED}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{BBC7185C-CC70-4CB7-812E-A1E51D02FBA4}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{BD01939B-19BA-48D1-A7EB-D0988D0C7ACE}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{C4E33019-80B3-40B1-88F6-02CF5E305D18}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{C4FC3C09-55DA-4189-8E35-197C1BB9CB92}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{C6F58171-A3BA-4CFD-B633-58E2EA5E6D4E}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{CB77E0FD-D86D-407E-9131-0F3D8E9C2F6A}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{CD85D9C2-729F-4329-8847-4AD6E0BE4508}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{CFA8EFF5-92C6-4CC8-8786-E856FBC4E999}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{D2C4AACA-BAB5-46D4-99E1-61D660E78B7D}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{E0A7C140-3F3B-45FF-BEE9-786D5B0B6202}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{E13F981F-4A79-4BC7-AC98-DB69575D3B5F}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{E2B83E3A-D28C-416E-AC09-2BE22A27D498}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{E3FE8781-4479-4049-ADB2-D94F1F145195}
SUPPRIME Folder: C:\Users\kevin\AppData\Local\{FF5A4F44-9A08-4E76-B5BF-CBC931BA1667}
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows
========== Fichier(s) ==========
ABSENT File: c:\program files (x86)\findlyrics\findlyrics.dll
ABSENT File: c:\windows\tasks\findlyrics update.job
ABSENT Folder/File: c:\program files (x86)\findlyrics\flcsur.exe
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows
========== Tache planifiée ==========
SUPPRIME Task: DealPly
SUPPRIME Task: DealPlyUpdate
SUPPRIME Task: FindLyrics Update
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
16 : Clé(s) du Registre
57 : Dossier(s)
5 : Fichier(s)
1 : Logiciel(s)
3 : Préférences navigateur
3 : Tache planifiée
1 : Restauration Système
End of clean in 00mn 33s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 13/05/2013 18:07:56 [7696]
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
13 mai 2013 à 18:10
13 mai 2013 à 18:10
aussi j'ai retelécharger camsutio
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
Modifié par Destrio5 le 13/05/2013 à 18:28
Modifié par Destrio5 le 13/05/2013 à 18:28
Je voudrais un nouveau rapport ZHPDiag.
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
13 mai 2013 à 18:45
13 mai 2013 à 18:45
Rapport de ZHPDiag v2013.5.11.97 par Nicolas Coolman, Update du 11/05/2013
Run by kevin at 13/05/2013 18:41:44
State : Nouvelle version disponible
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Windows Defender W7
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.4 MUI
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3764 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 531 GB (91%) free of 581 GB
---\\ Logged in mode
~ Computer Name: KEVIN-PC
~ User Name: kevin
~ All Users Names: UpdatusUser, kevin, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\kevin\AppData\Roaming\
~ %Desktop% : C:\Users\kevin\Desktop\
~ %Favorites% : C:\Users\kevin\Favorites\
~ %LocalAppData% : C:\Users\kevin\AppData\Local\
~ %StartMenu% : C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 531 Go of 581 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 35 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 06:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 03:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 03:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 03:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 03:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 03:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 2/10
~ Mon Bureau (My Desktop) : 1/28
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lancés
[MD5.C058352639E9749EDE92CD9760CACE5F] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [334416] [PID.2324]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.3328]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.3396]
[MD5.75AD45ED633B866D90AEAA296C21F7E8] - (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336] [PID.3412]
[MD5.F0A99E3E103375FF23815C3E87C0FB57] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1092688] [PID.3448]
[MD5.E7EA57B35951D093A9647D8D5CE3340D] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920] [PID.3544]
[MD5.76561AF4D33CFA51710A1FB8C7B3E91A] - (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe [1611160] [PID.3600]
[MD5.EC124B84101FEC0A7D6745ED5DD91AD6] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.3608]
[MD5.790138769D9B8AFC2E4722E63DD6575A] - (.CyberLink Corp. - clear.fi Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104] [PID.3616]
[MD5.F710D61C5F1067B5189667D58392DABC] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.3664]
[MD5.70A020EC3EDED7061A92569964FC6201] - (.CyberLink - DMREngine.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352] [PID.3632]
[MD5.DC1AA3868108B8FF57F6C8045FCD4603] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584] [PID.3316]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1312720] [PID.1392]
[MD5.44B23B3FA81CD7E0197D5F1AA3611A8E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7307264] [PID.6500]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1676]
[MD5.32C2CD16DC801AEF9EDAAFEA0DBD769E] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [352848] [PID.2140]
[MD5.F74285FC99CC90594619D6C85CCF37B7] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [416848] [PID.2332]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [23584] [PID.2364]
[MD5.CE1EE31FFF730CA975A5535D8A71AF61] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Survey.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [138192] [PID.2400]
[MD5.6BCEE9C766815BFFF89DE7D81AF34CE1] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624] [PID.2436]
[MD5.6CC09D2F0BA4A09BABC3C41B8FD888F7] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344] [PID.2476]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.3636]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.3516]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.4636]
[MD5.9D8B95C0EAE145C46BC4A727B23DA395] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.1896]
[MD5.A072423C3812472D326BC774610055CF] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2009704] [PID.4960]
[MD5.0B0B9F55B12767A755932C26B5FED715] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2538520] [PID.5808]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [hggpkhijoeadmdfmlbdepfbngmhaldci] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
~ Google Browser: 16 Legitimates Filtered in 00mn 14s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: DealPly Shopping [64Bits] - {a6c63b7f-2171-47fa-ab34-e64c4737169d} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll =>PUP.DealPly
~ BHO: 6 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelPROSet] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IntelPAN] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonSolutionMenuEx] . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_33] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-3067961033-3289522375-3821857640-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-3067961033-3289522375-3821857640-1001\..\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Atout Pique sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Backgammon sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Chess.lnk - Clé orpheline
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Jeu de dames sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Jeux - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Ordinateur - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Webcam.lnk . (.CyberLink Corp. - WebCam.) -- C:\Program Files (x86)\Acer\Acer Crystal Eye Webcam\WebCam.exe
O4 - GS\Desktop: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\Desktop: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
O4 - GS\Desktop: Wordpad (traitement de texte).lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Compatible NVIDIA shim initializatio.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Serv (ZcfgSvc7) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Zero Config Servic.) - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
~ Services: 16 Legitimates Filtered in 00mn 05s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{6B300EDC-F6A1-4491-987A-75DC531D66D6}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8ACC39C5-C689-4A77-BDFC-C1265E90D9FD}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{95C65DA9-D0AE-11D8-B730-00C04F4351FF}\Setup.exe (.not file.) [0]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 02s
---\\ Logiciels installés (O42)
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly =>PUP.DealPly
O42 - Logiciel: Dealply - (...) [HKCU][64Bits] -- Dealply =>PUP.DealPly
~ Logic: 99 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\DealPly] =>PUP.DealPly
[HKCU\Software\Edusoft-TLC]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\TutoTag] =>Spyware.AgenceExcusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExcusive
[HKLM\Software\Wow6432Node\TUTO4PC] =>PUP.Eorezo
~ Key Software: 185 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/05/2013 - 18:02:16 - [1,236] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 26/12/2011 - 16:02:11 - [0,010] ----D C:\Users\kevin\AppData\Roaming\BeachPartyCraze
O43 - CFD: 13/05/2013 - 18:02:30 - [0,097] ----D C:\Users\kevin\AppData\Roaming\Dealply =>PUP.DealPly
O43 - CFD: 13/05/2013 - 18:02:15 - [0,000] ----D C:\Users\kevin\AppData\Local\eorezo =>PUP.Eorezo
O43 - CFD: 13/05/2013 - 18:02:16 - [0,001] ----D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
~ Program Folder: 169 Legitimates Filtered in 00mn 02s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
~ Legacy: 135 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][02/03/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
~ Files: Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.12078 - (11/05/2013)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 0
[HKLM\Software\Wow6432Node\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKCU\Software\InstallCore] =>Adware.InstallCore
C:\Program Files (x86)\DealPly =>PUP.DealPly
C:\Users\kevin\AppData\Roaming\DealPly =>PUP.DealPly
C:\Users\kevin\AppData\Local\EoRezo =>PUP.Eorezo
~ Additionnel Scan: 199925 Items scanned in 00mn 27s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 01/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 31/03/2011 352848 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 28/09/2010 172912 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 22/02/2011 873064 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SR - | Auto 18/01/2011 1515792 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Demand 04/06/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 17/12/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/12/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 138192 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 31/01/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 16/09/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SR - | Auto 09/03/2011 257344 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 31/03/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 30/03/2011 2009704 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SR - | Auto 18/01/2011 845584 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 16/09/2010 2538520 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2011 992256 | (ZcfgSvc7) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
~ Services: Scanned in 00mn 00s
~ 1401 Legitimates filtered by white list
End of the scan (431 lines in 01mn 09s)(0)
Run by kevin at 13/05/2013 18:41:44
State : Nouvelle version disponible
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Windows Defender W7
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.4 MUI
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3764 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 531 GB (91%) free of 581 GB
---\\ Logged in mode
~ Computer Name: KEVIN-PC
~ User Name: kevin
~ All Users Names: UpdatusUser, kevin, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\kevin\AppData\Roaming\
~ %Desktop% : C:\Users\kevin\Desktop\
~ %Favorites% : C:\Users\kevin\Favorites\
~ %LocalAppData% : C:\Users\kevin\AppData\Local\
~ %StartMenu% : C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 531 Go of 581 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 35 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 06:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 03:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 03:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 03:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 03:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 03:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 2/10
~ Mon Bureau (My Desktop) : 1/28
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lancés
[MD5.C058352639E9749EDE92CD9760CACE5F] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [334416] [PID.2324]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.3328]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.3396]
[MD5.75AD45ED633B866D90AEAA296C21F7E8] - (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336] [PID.3412]
[MD5.F0A99E3E103375FF23815C3E87C0FB57] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1092688] [PID.3448]
[MD5.E7EA57B35951D093A9647D8D5CE3340D] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920] [PID.3544]
[MD5.76561AF4D33CFA51710A1FB8C7B3E91A] - (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe [1611160] [PID.3600]
[MD5.EC124B84101FEC0A7D6745ED5DD91AD6] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.3608]
[MD5.790138769D9B8AFC2E4722E63DD6575A] - (.CyberLink Corp. - clear.fi Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104] [PID.3616]
[MD5.F710D61C5F1067B5189667D58392DABC] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.3664]
[MD5.70A020EC3EDED7061A92569964FC6201] - (.CyberLink - DMREngine.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352] [PID.3632]
[MD5.DC1AA3868108B8FF57F6C8045FCD4603] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584] [PID.3316]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1312720] [PID.1392]
[MD5.44B23B3FA81CD7E0197D5F1AA3611A8E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7307264] [PID.6500]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1676]
[MD5.32C2CD16DC801AEF9EDAAFEA0DBD769E] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [352848] [PID.2140]
[MD5.F74285FC99CC90594619D6C85CCF37B7] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [416848] [PID.2332]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [23584] [PID.2364]
[MD5.CE1EE31FFF730CA975A5535D8A71AF61] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Survey.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [138192] [PID.2400]
[MD5.6BCEE9C766815BFFF89DE7D81AF34CE1] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624] [PID.2436]
[MD5.6CC09D2F0BA4A09BABC3C41B8FD888F7] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344] [PID.2476]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.3636]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.3516]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.4636]
[MD5.9D8B95C0EAE145C46BC4A727B23DA395] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.1896]
[MD5.A072423C3812472D326BC774610055CF] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2009704] [PID.4960]
[MD5.0B0B9F55B12767A755932C26B5FED715] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2538520] [PID.5808]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [hggpkhijoeadmdfmlbdepfbngmhaldci] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
~ Google Browser: 16 Legitimates Filtered in 00mn 14s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: DealPly Shopping [64Bits] - {a6c63b7f-2171-47fa-ab34-e64c4737169d} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll =>PUP.DealPly
~ BHO: 6 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelPROSet] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IntelPAN] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonSolutionMenuEx] . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_33] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-3067961033-3289522375-3821857640-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-3067961033-3289522375-3821857640-1001\..\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Atout Pique sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Backgammon sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Chess.lnk - Clé orpheline
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Jeu de dames sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Jeux - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Ordinateur - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Webcam.lnk . (.CyberLink Corp. - WebCam.) -- C:\Program Files (x86)\Acer\Acer Crystal Eye Webcam\WebCam.exe
O4 - GS\Desktop: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\Desktop: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
O4 - GS\Desktop: Wordpad (traitement de texte).lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Compatible NVIDIA shim initializatio.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Serv (ZcfgSvc7) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Zero Config Servic.) - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
~ Services: 16 Legitimates Filtered in 00mn 05s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{6B300EDC-F6A1-4491-987A-75DC531D66D6}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8ACC39C5-C689-4A77-BDFC-C1265E90D9FD}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{95C65DA9-D0AE-11D8-B730-00C04F4351FF}\Setup.exe (.not file.) [0]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 02s
---\\ Logiciels installés (O42)
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly =>PUP.DealPly
O42 - Logiciel: Dealply - (...) [HKCU][64Bits] -- Dealply =>PUP.DealPly
~ Logic: 99 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\DealPly] =>PUP.DealPly
[HKCU\Software\Edusoft-TLC]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\TutoTag] =>Spyware.AgenceExcusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExcusive
[HKLM\Software\Wow6432Node\TUTO4PC] =>PUP.Eorezo
~ Key Software: 185 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/05/2013 - 18:02:16 - [1,236] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 26/12/2011 - 16:02:11 - [0,010] ----D C:\Users\kevin\AppData\Roaming\BeachPartyCraze
O43 - CFD: 13/05/2013 - 18:02:30 - [0,097] ----D C:\Users\kevin\AppData\Roaming\Dealply =>PUP.DealPly
O43 - CFD: 13/05/2013 - 18:02:15 - [0,000] ----D C:\Users\kevin\AppData\Local\eorezo =>PUP.Eorezo
O43 - CFD: 13/05/2013 - 18:02:16 - [0,001] ----D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
~ Program Folder: 169 Legitimates Filtered in 00mn 02s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
~ Legacy: 135 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][02/03/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
~ Files: Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.12078 - (11/05/2013)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 0
[HKLM\Software\Wow6432Node\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKCU\Software\InstallCore] =>Adware.InstallCore
C:\Program Files (x86)\DealPly =>PUP.DealPly
C:\Users\kevin\AppData\Roaming\DealPly =>PUP.DealPly
C:\Users\kevin\AppData\Local\EoRezo =>PUP.Eorezo
~ Additionnel Scan: 199925 Items scanned in 00mn 27s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 01/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 31/03/2011 352848 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 28/09/2010 172912 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 22/02/2011 873064 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SR - | Auto 18/01/2011 1515792 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Demand 04/06/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 17/12/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/12/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 138192 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 31/01/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 16/09/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SR - | Auto 09/03/2011 257344 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 31/03/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 30/03/2011 2009704 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SR - | Auto 18/01/2011 845584 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 16/09/2010 2538520 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2011 992256 | (ZcfgSvc7) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
~ Services: Scanned in 00mn 00s
~ 1401 Legitimates filtered by white list
End of the scan (431 lines in 01mn 09s)(0)
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
13 mai 2013 à 18:47
13 mai 2013 à 18:47
Recommence avec la nouvelle version :
ftp://zebulon.fr/ZHPDiag2.exe
ftp://zebulon.fr/ZHPDiag2.exe
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
13 mai 2013 à 19:23
13 mai 2013 à 19:23
Rapport de ZHPDiag v2013.5.12.105 par Nicolas Coolman, Update du 12/05/2013
Run by kevin at 13/05/2013 19:16:47
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Windows Defender W7
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.4 MUI
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3764 MB (27% free)
System Restore: Activé (Enable)
System drive C: has 531 GB (91%) free of 581 GB
---\\ Logged in mode
~ Computer Name: KEVIN-PC
~ User Name: kevin
~ All Users Names: UpdatusUser, kevin, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\kevin\AppData\Roaming\
~ %Desktop% : C:\Users\kevin\Desktop\
~ %Favorites% : C:\Users\kevin\Favorites\
~ %LocalAppData% : C:\Users\kevin\AppData\Local\
~ %StartMenu% : C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 531 Go of 581 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 35 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 06:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 03:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 03:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 03:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 03:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 03:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 2/10
~ Mon Bureau (My Desktop) : 1/28
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lancés
[MD5.C058352639E9749EDE92CD9760CACE5F] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [334416] [PID.2324]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.3328]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.3396]
[MD5.75AD45ED633B866D90AEAA296C21F7E8] - (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336] [PID.3412]
[MD5.F0A99E3E103375FF23815C3E87C0FB57] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1092688] [PID.3448]
[MD5.E7EA57B35951D093A9647D8D5CE3340D] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920] [PID.3544]
[MD5.76561AF4D33CFA51710A1FB8C7B3E91A] - (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe [1611160] [PID.3600]
[MD5.EC124B84101FEC0A7D6745ED5DD91AD6] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.3608]
[MD5.790138769D9B8AFC2E4722E63DD6575A] - (.CyberLink Corp. - clear.fi Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104] [PID.3616]
[MD5.F710D61C5F1067B5189667D58392DABC] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.3664]
[MD5.70A020EC3EDED7061A92569964FC6201] - (.CyberLink - DMREngine.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352] [PID.3632]
[MD5.DC1AA3868108B8FF57F6C8045FCD4603] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584] [PID.3316]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1312720] [PID.1392]
[MD5.FE30E4DC9D03AF450FE9E944BCA6DFEB] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7326208] [PID.6412]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1676]
[MD5.32C2CD16DC801AEF9EDAAFEA0DBD769E] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [352848] [PID.2140]
[MD5.F74285FC99CC90594619D6C85CCF37B7] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [416848] [PID.2332]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [23584] [PID.2364]
[MD5.CE1EE31FFF730CA975A5535D8A71AF61] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Survey.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [138192] [PID.2400]
[MD5.6BCEE9C766815BFFF89DE7D81AF34CE1] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624] [PID.2436]
[MD5.6CC09D2F0BA4A09BABC3C41B8FD888F7] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344] [PID.2476]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.3636]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.3516]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.4636]
[MD5.9D8B95C0EAE145C46BC4A727B23DA395] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.1896]
[MD5.A072423C3812472D326BC774610055CF] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2009704] [PID.4960]
[MD5.0B0B9F55B12767A755932C26B5FED715] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2538520] [PID.5808]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [hggpkhijoeadmdfmlbdepfbngmhaldci] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
~ Google Browser: 16 Legitimates Filtered in 00mn 10s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: DealPly Shopping [64Bits] - {a6c63b7f-2171-47fa-ab34-e64c4737169d} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll =>PUP.DealPly
~ BHO: 6 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelPROSet] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IntelPAN] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonSolutionMenuEx] . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_33] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-3067961033-3289522375-3821857640-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-3067961033-3289522375-3821857640-1001\..\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Atout Pique sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Backgammon sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Chess.lnk - Clé orpheline
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Jeu de dames sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Jeux - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Ordinateur - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Webcam.lnk . (.CyberLink Corp. - WebCam.) -- C:\Program Files (x86)\Acer\Acer Crystal Eye Webcam\WebCam.exe
O4 - GS\Desktop: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\Desktop: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
O4 - GS\Desktop: Wordpad (traitement de texte).lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Compatible NVIDIA shim initializatio.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Serv (ZcfgSvc7) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Zero Config Servic.) - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
~ Services: 16 Legitimates Filtered in 00mn 04s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{6B300EDC-F6A1-4491-987A-75DC531D66D6}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8ACC39C5-C689-4A77-BDFC-C1265E90D9FD}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{95C65DA9-D0AE-11D8-B730-00C04F4351FF}\Setup.exe (.not file.) [0]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly =>PUP.DealPly
O42 - Logiciel: Dealply - (...) [HKCU][64Bits] -- Dealply =>PUP.DealPly
~ Logic: 99 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\DealPly] =>PUP.DealPly
[HKCU\Software\Edusoft-TLC]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\TutoTag] =>Spyware.AgenceExcusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExcusive
[HKLM\Software\Wow6432Node\TUTO4PC] =>PUP.Eorezo
~ Key Software: 185 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/05/2013 - 18:02:16 - [1,236] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 26/12/2011 - 16:02:11 - [0,010] ----D C:\Users\kevin\AppData\Roaming\BeachPartyCraze
O43 - CFD: 13/05/2013 - 18:02:30 - [0,097] ----D C:\Users\kevin\AppData\Roaming\Dealply =>PUP.DealPly
O43 - CFD: 13/05/2013 - 18:02:15 - [0,000] ----D C:\Users\kevin\AppData\Local\eorezo =>PUP.Eorezo
O43 - CFD: 13/05/2013 - 18:02:16 - [0,001] ----D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
~ Program Folder: 169 Legitimates Filtered in 00mn 01s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
~ Legacy: 135 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][02/03/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
~ Files: Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.12078 - (12/05/2013)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 0
[HKLM\Software\Wow6432Node\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKCU\Software\InstallCore] =>Adware.InstallCore
C:\Program Files (x86)\DealPly =>PUP.DealPly
C:\Users\kevin\AppData\Roaming\DealPly =>PUP.DealPly
C:\Users\kevin\AppData\Local\EoRezo =>PUP.Eorezo
~ Additionnel Scan: 200037 Items scanned in 00mn 19s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 01/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 31/03/2011 352848 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 28/09/2010 172912 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 22/02/2011 873064 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SR - | Auto 18/01/2011 1515792 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Demand 04/06/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 17/12/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/12/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 138192 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 31/01/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 16/09/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SR - | Auto 09/03/2011 257344 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 31/03/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 30/03/2011 2009704 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SR - | Auto 18/01/2011 845584 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 16/09/2010 2538520 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2011 992256 | (ZcfgSvc7) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
~ Services: Scanned in 00mn 00s
~ 1401 Legitimates filtered by white list
End of the scan (431 lines in 00mn 54s)(0)
Run by kevin at 13/05/2013 19:16:47
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Windows Defender W7
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.4 MUI
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3764 MB (27% free)
System Restore: Activé (Enable)
System drive C: has 531 GB (91%) free of 581 GB
---\\ Logged in mode
~ Computer Name: KEVIN-PC
~ User Name: kevin
~ All Users Names: UpdatusUser, kevin, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\kevin\AppData\Roaming\
~ %Desktop% : C:\Users\kevin\Desktop\
~ %Favorites% : C:\Users\kevin\Favorites\
~ %LocalAppData% : C:\Users\kevin\AppData\Local\
~ %StartMenu% : C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 531 Go of 581 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 35 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 06:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 03:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 03:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 03:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 03:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 03:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 2/10
~ Mon Bureau (My Desktop) : 1/28
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lancés
[MD5.C058352639E9749EDE92CD9760CACE5F] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [334416] [PID.2324]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.3328]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.3396]
[MD5.75AD45ED633B866D90AEAA296C21F7E8] - (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336] [PID.3412]
[MD5.F0A99E3E103375FF23815C3E87C0FB57] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1092688] [PID.3448]
[MD5.E7EA57B35951D093A9647D8D5CE3340D] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920] [PID.3544]
[MD5.76561AF4D33CFA51710A1FB8C7B3E91A] - (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe [1611160] [PID.3600]
[MD5.EC124B84101FEC0A7D6745ED5DD91AD6] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.3608]
[MD5.790138769D9B8AFC2E4722E63DD6575A] - (.CyberLink Corp. - clear.fi Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104] [PID.3616]
[MD5.F710D61C5F1067B5189667D58392DABC] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.3664]
[MD5.70A020EC3EDED7061A92569964FC6201] - (.CyberLink - DMREngine.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352] [PID.3632]
[MD5.DC1AA3868108B8FF57F6C8045FCD4603] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584] [PID.3316]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1312720] [PID.1392]
[MD5.FE30E4DC9D03AF450FE9E944BCA6DFEB] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7326208] [PID.6412]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1676]
[MD5.32C2CD16DC801AEF9EDAAFEA0DBD769E] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [352848] [PID.2140]
[MD5.F74285FC99CC90594619D6C85CCF37B7] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [416848] [PID.2332]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [23584] [PID.2364]
[MD5.CE1EE31FFF730CA975A5535D8A71AF61] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Survey.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [138192] [PID.2400]
[MD5.6BCEE9C766815BFFF89DE7D81AF34CE1] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624] [PID.2436]
[MD5.6CC09D2F0BA4A09BABC3C41B8FD888F7] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344] [PID.2476]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.3636]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.3516]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.4636]
[MD5.9D8B95C0EAE145C46BC4A727B23DA395] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.1896]
[MD5.A072423C3812472D326BC774610055CF] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2009704] [PID.4960]
[MD5.0B0B9F55B12767A755932C26B5FED715] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2538520] [PID.5808]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [hggpkhijoeadmdfmlbdepfbngmhaldci] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
~ Google Browser: 16 Legitimates Filtered in 00mn 10s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: DealPly Shopping [64Bits] - {a6c63b7f-2171-47fa-ab34-e64c4737169d} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll =>PUP.DealPly
~ BHO: 6 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelPROSet] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IntelPAN] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonSolutionMenuEx] . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_33] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-3067961033-3289522375-3821857640-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-3067961033-3289522375-3821857640-1001\..\RunOnce: [Del536877] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Atout Pique sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Backgammon sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Chess.lnk - Clé orpheline
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Jeu de dames sur Internet - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Jeux - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Ordinateur - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Webcam.lnk . (.CyberLink Corp. - WebCam.) -- C:\Program Files (x86)\Acer\Acer Crystal Eye Webcam\WebCam.exe
O4 - GS\Desktop: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\Desktop: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
O4 - GS\Desktop: Wordpad (traitement de texte).lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{76DBA6FF-671C-4EA1-ABDC-A3A1A53EB92C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Compatible NVIDIA shim initializatio.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Serv (ZcfgSvc7) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Zero Config Servic.) - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
~ Services: 16 Legitimates Filtered in 00mn 04s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{6B300EDC-F6A1-4491-987A-75DC531D66D6}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8ACC39C5-C689-4A77-BDFC-C1265E90D9FD}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{95C65DA9-D0AE-11D8-B730-00C04F4351FF}\Setup.exe (.not file.) [0]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly =>PUP.DealPly
O42 - Logiciel: Dealply - (...) [HKCU][64Bits] -- Dealply =>PUP.DealPly
~ Logic: 99 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\DealPly] =>PUP.DealPly
[HKCU\Software\Edusoft-TLC]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\TutoTag] =>Spyware.AgenceExcusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExcusive
[HKLM\Software\Wow6432Node\TUTO4PC] =>PUP.Eorezo
~ Key Software: 185 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/05/2013 - 18:02:16 - [1,236] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 26/12/2011 - 16:02:11 - [0,010] ----D C:\Users\kevin\AppData\Roaming\BeachPartyCraze
O43 - CFD: 13/05/2013 - 18:02:30 - [0,097] ----D C:\Users\kevin\AppData\Roaming\Dealply =>PUP.DealPly
O43 - CFD: 13/05/2013 - 18:02:15 - [0,000] ----D C:\Users\kevin\AppData\Local\eorezo =>PUP.Eorezo
O43 - CFD: 13/05/2013 - 18:02:16 - [0,001] ----D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
~ Program Folder: 169 Legitimates Filtered in 00mn 01s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
~ Legacy: 135 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][02/03/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
~ Files: Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.12078 - (12/05/2013)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 0
[HKLM\Software\Wow6432Node\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKCU\Software\InstallCore] =>Adware.InstallCore
C:\Program Files (x86)\DealPly =>PUP.DealPly
C:\Users\kevin\AppData\Roaming\DealPly =>PUP.DealPly
C:\Users\kevin\AppData\Local\EoRezo =>PUP.Eorezo
~ Additionnel Scan: 200037 Items scanned in 00mn 19s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 01/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 31/03/2011 352848 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 28/09/2010 172912 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 22/02/2011 873064 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SR - | Auto 18/01/2011 1515792 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Demand 04/06/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 17/12/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/12/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 138192 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 31/01/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 16/09/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SR - | Auto 09/03/2011 257344 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 31/03/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 30/03/2011 2009704 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SR - | Auto 18/01/2011 845584 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 16/09/2010 2538520 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2011 992256 | (ZcfgSvc7) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
~ Services: Scanned in 00mn 00s
~ 1401 Legitimates filtered by white list
End of the scan (431 lines in 00mn 54s)(0)
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
13 mai 2013 à 20:14
13 mai 2013 à 20:14
--> Réutilise ZHPFix avec le texte suivant en gras en mode sans échec et poste le rapport.
https://www.commentcamarche.net/informatique/windows/113-demarrer-windows-10-en-mode-sans-echec/#demarrer-en-mode-sans-echec-avec-windows-7-vista-et-xp
SysRestore
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [hggpkhijoeadmdfmlbdepfbngmhaldci] DealPly Shopping v.3.5.0.0 (Activé)
O2 - BHO: DealPly Shopping [64Bits] - {a6c63b7f-2171-47fa-ab34-e64c4737169d} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_33] Clé orpheline
[MD5.00000000000000000000000000000000] [APT] [{6B300EDC-F6A1-4491-987A-75DC531D66D6}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8ACC39C5-C689-4A77-BDFC-C1265E90D9FD}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{95C65DA9-D0AE-11D8-B730-00C04F4351FF}\Setup.exe (.not file.) [0]
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly
O42 - Logiciel: Dealply - (...) [HKCU][64Bits] -- Dealply
[HKCU\Software\DealPly]
[HKCU\Software\InstallCore]
[HKCU\Software\TutoTag]
[HKCU\Software\Tutorials]
[HKLM\Software\Wow6432Node\TUTO4PC]
O43 - CFD: 13/05/2013 - 18:02:16 - [1,236] ----D C:\Program Files (x86)\DealPly
O43 - CFD: 13/05/2013 - 18:02:30 - [0,097] ----D C:\Users\kevin\AppData\Roaming\Dealply
O43 - CFD: 13/05/2013 - 18:02:15 - [0,000] ----D C:\Users\kevin\AppData\Local\eorezo
O43 - CFD: 13/05/2013 - 18:02:16 - [0,001] ----D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly]
[HKLM\Software\Wow6432Node\DealPly]
EmptyCLSID
EmptyFlash
EmptyTemp
https://www.commentcamarche.net/informatique/windows/113-demarrer-windows-10-en-mode-sans-echec/#demarrer-en-mode-sans-echec-avec-windows-7-vista-et-xp
SysRestore
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé)
G2 - GCE: Preference [User Data\Default] [fmfnfnpmhcllokmkepffndflpnadjmma] DealPly Shopping v.3.5.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [hggpkhijoeadmdfmlbdepfbngmhaldci] DealPly Shopping v.3.5.0.0 (Activé)
O2 - BHO: DealPly Shopping [64Bits] - {a6c63b7f-2171-47fa-ab34-e64c4737169d} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_33] Clé orpheline
[MD5.00000000000000000000000000000000] [APT] [{6B300EDC-F6A1-4491-987A-75DC531D66D6}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8ACC39C5-C689-4A77-BDFC-C1265E90D9FD}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{95C65DA9-D0AE-11D8-B730-00C04F4351FF}\Setup.exe (.not file.) [0]
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly
O42 - Logiciel: Dealply - (...) [HKCU][64Bits] -- Dealply
[HKCU\Software\DealPly]
[HKCU\Software\InstallCore]
[HKCU\Software\TutoTag]
[HKCU\Software\Tutorials]
[HKLM\Software\Wow6432Node\TUTO4PC]
O43 - CFD: 13/05/2013 - 18:02:16 - [1,236] ----D C:\Program Files (x86)\DealPly
O43 - CFD: 13/05/2013 - 18:02:30 - [0,097] ----D C:\Users\kevin\AppData\Roaming\Dealply
O43 - CFD: 13/05/2013 - 18:02:15 - [0,000] ----D C:\Users\kevin\AppData\Local\eorezo
O43 - CFD: 13/05/2013 - 18:02:16 - [0,001] ----D C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly]
[HKLM\Software\Wow6432Node\DealPly]
EmptyCLSID
EmptyFlash
EmptyTemp
code-lyoko16
Messages postés
19
Date d'inscription
dimanche 12 mai 2013
Statut
Membre
Dernière intervention
22 mai 2013
1
20 mai 2013 à 11:16
20 mai 2013 à 11:16
Bonjour,
Dois je tapoter la touche F8 quand il y a marqué "Démarrage de Windows" ou quand iil y a marqué "Bienvenu" ?
Merci
Dois je tapoter la touche F8 quand il y a marqué "Démarrage de Windows" ou quand iil y a marqué "Bienvenu" ?
Merci
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 290
20 mai 2013 à 11:39
20 mai 2013 à 11:39
Juste avant "Démarrage de Windows".
24 févr. 2013 à 23:18
Poster le rapport ? a qui? Comment?
Merci
D'autre part: il m'était conseillé de cliquer su ? et Hosts anti-PUP/Adware. Je n'ai pas réussi
Naëlimi
24 févr. 2013 à 23:22
http://www.malekal.com/2012/01/10/hosts-anti-pupsadware/