Exploreur windows
Fermé
angelique52230
-
26 janv. 2014 à 19:44
Cesel45 Messages postés 13152 Date d'inscription mardi 24 avril 2007 Statut Contributeur Dernière intervention 29 novembre 2023 - 28 janv. 2014 à 13:56
Cesel45 Messages postés 13152 Date d'inscription mardi 24 avril 2007 Statut Contributeur Dernière intervention 29 novembre 2023 - 28 janv. 2014 à 13:56
A voir également:
- Exploreur windows
- Clé windows 10 gratuit - Guide
- Windows 10 gratuit - Guide
- Windows 12 - Guide
- Internet exploreur - Télécharger - Navigateurs
- Windows ne démarre pas - Guide
9 réponses
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
26 janv. 2014 à 20:12
26 janv. 2014 à 20:12
Bonjour
Ton PC semble être infecter...
Tu vas être pris en charge par des Helpers du forum.
Dans un premier temps..mets ton antivirus à jour si c'est pas le cas.
Bonne continuation.
Ton PC semble être infecter...
Tu vas être pris en charge par des Helpers du forum.
Dans un premier temps..mets ton antivirus à jour si c'est pas le cas.
Bonne continuation.
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
Modifié par Cesel45 le 26/01/2014 à 22:58
Modifié par Cesel45 le 26/01/2014 à 22:58
Bon alors je m'y colle...
(Ces deux logiciels scannent jamais ensemble)
? Télécharge AdwCleaner (de Xplode) sur ton Bureau.
? Lance le, clique sur Nettoyer puis patiente le temps du scan.
? Ensuite, le rapport s'ouvrira : poste le dans ta prochaine réponse.
Ensuite ce logiciel
? Télécharge et installe Malwarebytes' Anti-Malware
? A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée. Par contre, il n'est pas nécessaire d'activer l'essai gratuit pour la protection.
? Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
? Puis va dans l'onglet "Recherche", coche "Exécuter un examen rapide" puis "Rechercher"
? A la fin de l'analyse, clique sur Afficher les résultats
? Coche tous les éléments détectés puis clique sur Supprimer la sélection
? S'il t'est demandé de redémarrer l'ordinateur, accepte.
? Poste dans ta prochaine réponse le rapport apparaissant après la suppression.
(Ces deux logiciels scannent jamais ensemble)
? Télécharge AdwCleaner (de Xplode) sur ton Bureau.
? Lance le, clique sur Nettoyer puis patiente le temps du scan.
? Ensuite, le rapport s'ouvrira : poste le dans ta prochaine réponse.
Ensuite ce logiciel
? Télécharge et installe Malwarebytes' Anti-Malware
? A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée. Par contre, il n'est pas nécessaire d'activer l'essai gratuit pour la protection.
? Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
? Puis va dans l'onglet "Recherche", coche "Exécuter un examen rapide" puis "Rechercher"
? A la fin de l'analyse, clique sur Afficher les résultats
? Coche tous les éléments détectés puis clique sur Supprimer la sélection
? S'il t'est demandé de redémarrer l'ordinateur, accepte.
? Poste dans ta prochaine réponse le rapport apparaissant après la suppression.
# AdwCleaner v3.017 - Rapport créé le 26/01/2014 à 23:02:56
# Mis à jour le 12/01/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : teddy - TEDDY-PC
# Exécuté depuis : C:\Users\teddy\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v27.0.1453.110
[ Fichier : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Supprimée : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [39265 octets] - [26/01/2014 21:40:58]
AdwCleaner[R1].txt - [2221 octets] - [26/01/2014 23:01:11]
AdwCleaner[S0].txt - [31980 octets] - [26/01/2014 21:43:21]
AdwCleaner[S1].txt - [1732 octets] - [26/01/2014 23:02:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1792 octets] ##########
# Mis à jour le 12/01/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : teddy - TEDDY-PC
# Exécuté depuis : C:\Users\teddy\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
Fichier Supprimé : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
***** [ Raccourcis ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v27.0.1453.110
[ Fichier : C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Supprimée : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [39265 octets] - [26/01/2014 21:40:58]
AdwCleaner[R1].txt - [2221 octets] - [26/01/2014 23:01:11]
AdwCleaner[S0].txt - [31980 octets] - [26/01/2014 21:43:21]
AdwCleaner[S1].txt - [1732 octets] - [26/01/2014 23:02:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1792 octets] ##########
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
26 janv. 2014 à 23:10
26 janv. 2014 à 23:10
Merci...
Malwerbytes se scanne en mode sans échec.
Plus efficace pour les programmes malveillants qui se lancent au démarrage.
Malwerbytes se scanne en mode sans échec.
Plus efficace pour les programmes malveillants qui se lancent au démarrage.
je viens de lancer la recherche de Malwerbytes comment le scanne ton en mode sans échec?
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
26 janv. 2014 à 23:19
26 janv. 2014 à 23:19
Redémarre ton PC en tapotant F8 dès l'allumage du PC.
voici le rapport de Malwerbytes
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2014.01.26.06
Windows 7 Service Pack 1 x64 NTFS (Mode sans échec)
Internet Explorer 11.0.9600.16476
teddy :: TEDDY-PC [administrateur]
Protection: Désactivé
26/01/2014 23:25:37
MBAM-log-2014-01-26 (23-38-15).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 208570
Temps écoulé: 8 minute(s), 32 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 2
HKCU\Software\ilividmoviestoolbarha (PUP.Optional.MoviesToolBar.A) -> Aucune action effectuée.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Aucune action effectuée.
Valeur(s) du Registre détectée(s): 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Données: {2D140E4C-67B2-11E2-AC3C-5404A6727D87} -> Aucune action effectuée.
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 28
C:\ProgramData\Websteroids (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox\chrome (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox\chrome\content (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\Program Files (x86)\Feven 1.7 (PUP.Optional.Feven.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ch (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\default (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\locale (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0 (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdppnagkklahjmblgdojadgbiffhejd (PUP.Optional.DeealFR) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0 (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\images (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\js\js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\contentScripts (PUP.Optional.ValueApps) -> Aucune action effectuée.
Fichier(s) détecté(s): 54
C:\Users\teddy\Documents\Downloads\flvmplayer.exe (PUP.BundleInstaller.SOL) -> Aucune action effectuée.
C:\Users\teddy\Documents\Downloads\UltimateCodec.exe (PUP.Optional.InstallCore) -> Aucune action effectuée.
C:\Users\teddy\Documents\Downloads\VLCVideoConverterSetup.exe (PUP.Optional.Somoto) -> Aucune action effectuée.
C:\Users\teddy\Documents\Downloads\WiseConvert_1.5.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Temp\is357113909\32141580_stp\RightSurfSetup.exe (PUP.Optional.RightSurf.A) -> Aucune action effectuée.
C:\Users\teddy\Downloads\Setup.exe (PUP.Optional.OptimumInstaller.A) -> Aucune action effectuée.
C:\Users\teddy\Local Settings\Temporary Internet Files\Content.IE5\SPL6PNV3\Setup[1].exe (PUP.Optional.RightSurf.A) -> Aucune action effectuée.
C:\Windows\Installer\6e129.msi (PUP.Optional.SweetIM) -> Aucune action effectuée.
C:\Users\teddy\AppData\Roaming\Bubble Dock.boostrap.log (PUP.Optional.Bubbledock.A) -> Aucune action effectuée.
C:\Windows\Tasks\bench-Updater removing.job (PUP.Optional.BenchUpdater.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\app.dat (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\common.crx (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\background.html (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\icon.png (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\icon128.png (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\icon16.png (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\icon48.png (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\manifest.json (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox\install.rdf (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox\chrome\content\overlay.xul (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr\coordinator.cfg (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr\general.cfg (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr\S-1-5-21-674071800-3960743130-813459307-1001.cfg (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr\S-1-5-21-674071800-3960743130-813459307-1001.cfg.bak (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\Program Files (x86)\Feven 1.7\Feven 1.7-chromeinstaller.exe (PUP.Optional.Feven.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ch\flashEnhancer.crx (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\install.rdf (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\preferencesWindow.xul (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\myext.xul (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\default\star1_32.png (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\background.js (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\manifest.json (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon128.png (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon16.png (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon48.png (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\background.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\icon.png (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\icon128.png (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\icon16.png (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\icon48.png (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\manifest.json (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\options.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\popup.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\Thumbs.db (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\js\background.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\js\options.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\background.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\settings.json (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\background.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\iframeHost.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\iframeHost.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\popup.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\contentScripts\contentScript.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
(fin)
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2014.01.26.06
Windows 7 Service Pack 1 x64 NTFS (Mode sans échec)
Internet Explorer 11.0.9600.16476
teddy :: TEDDY-PC [administrateur]
Protection: Désactivé
26/01/2014 23:25:37
MBAM-log-2014-01-26 (23-38-15).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 208570
Temps écoulé: 8 minute(s), 32 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 2
HKCU\Software\ilividmoviestoolbarha (PUP.Optional.MoviesToolBar.A) -> Aucune action effectuée.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Aucune action effectuée.
Valeur(s) du Registre détectée(s): 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Données: {2D140E4C-67B2-11E2-AC3C-5404A6727D87} -> Aucune action effectuée.
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 28
C:\ProgramData\Websteroids (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox\chrome (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox\chrome\content (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\Program Files (x86)\Feven 1.7 (PUP.Optional.Feven.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ch (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\default (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\locale (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0 (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdppnagkklahjmblgdojadgbiffhejd (PUP.Optional.DeealFR) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0 (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\images (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\js\js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\contentScripts (PUP.Optional.ValueApps) -> Aucune action effectuée.
Fichier(s) détecté(s): 54
C:\Users\teddy\Documents\Downloads\flvmplayer.exe (PUP.BundleInstaller.SOL) -> Aucune action effectuée.
C:\Users\teddy\Documents\Downloads\UltimateCodec.exe (PUP.Optional.InstallCore) -> Aucune action effectuée.
C:\Users\teddy\Documents\Downloads\VLCVideoConverterSetup.exe (PUP.Optional.Somoto) -> Aucune action effectuée.
C:\Users\teddy\Documents\Downloads\WiseConvert_1.5.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Temp\is357113909\32141580_stp\RightSurfSetup.exe (PUP.Optional.RightSurf.A) -> Aucune action effectuée.
C:\Users\teddy\Downloads\Setup.exe (PUP.Optional.OptimumInstaller.A) -> Aucune action effectuée.
C:\Users\teddy\Local Settings\Temporary Internet Files\Content.IE5\SPL6PNV3\Setup[1].exe (PUP.Optional.RightSurf.A) -> Aucune action effectuée.
C:\Windows\Installer\6e129.msi (PUP.Optional.SweetIM) -> Aucune action effectuée.
C:\Users\teddy\AppData\Roaming\Bubble Dock.boostrap.log (PUP.Optional.Bubbledock.A) -> Aucune action effectuée.
C:\Windows\Tasks\bench-Updater removing.job (PUP.Optional.BenchUpdater.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\app.dat (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\common.crx (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\background.html (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\icon.png (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\icon128.png (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\icon16.png (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\icon48.png (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Chrome\unzip\manifest.json (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox\install.rdf (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Websteroids\Firefox\chrome\content\overlay.xul (PUP.Optional.Websteroids.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr\coordinator.cfg (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr\general.cfg (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr\S-1-5-21-674071800-3960743130-813459307-1001.cfg (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\ProgramData\Datamngr\S-1-5-21-674071800-3960743130-813459307-1001.cfg.bak (PUP.Optional.Datamngr.A) -> Aucune action effectuée.
C:\Program Files (x86)\Feven 1.7\Feven 1.7-chromeinstaller.exe (PUP.Optional.Feven.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ch\flashEnhancer.crx (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\install.rdf (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\preferencesWindow.xul (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\myext.xul (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\default\star1_32.png (PUP.Optional.Amonetize.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\background.js (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\manifest.json (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon128.png (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon16.png (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon48.png (PUP.Optional.SaveSense.A) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\background.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\icon.png (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\icon128.png (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\icon16.png (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\icon48.png (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\manifest.json (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\options.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\popup.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\Thumbs.db (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\js\background.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\js\options.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\background.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\settings.json (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\background.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\iframeHost.html (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\iframeHost.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\popup.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\mam\scripts\contentScripts\contentScript.js (PUP.Optional.ValueApps) -> Aucune action effectuée.
(fin)
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
27 janv. 2014 à 00:00
27 janv. 2014 à 00:00
Peux-tu ouvrir tes photos maintenant..?
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
27 janv. 2014 à 00:12
27 janv. 2014 à 00:12
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
27 janv. 2014 à 00:30
27 janv. 2014 à 00:30
Sur rechercher..
voici le rapport:
~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par teddy (27/01/2014 00:39:49)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
GCIE: Google Chrome v27.0.1453.110 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v3.27 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 10 Plugin
Adobe Reader X
Java 7 Update 51
---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4075 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 109 GB (54%) free of 200 GB
---\\ Mode de connexion au système
~ Computer Name: TEDDY-PC
~ User Name: teddy
~ All Users Names: teddy, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\teddy\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\teddy\AppData\Roaming\
~ %Desktop% : C:\Users\teddy\Desktop\
~ %Favorites% : C:\Users\teddy\Favorites\
~ %LocalAppData% : C:\Users\teddy\AppData\Local\
~ %StartMenu% : C:\Users\teddy\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 109 Go of 200 Go)
D: Hard drive, Flash drive, Thumb drive (Free 43 Go of 240 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 175 Go of 233 Go)
G: Hard drive, Flash drive, Thumb drive (Free 160 Go of 233 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:04.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2705
~ Mes musiques (My Musics) : 1/376
~ Mes Videos (My Videos) : 2/22
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 2/201
~ Mon Bureau (My Desktop) : 0/43
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 07s
---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2448]
[MD5.C98EF7E083579C0D588D0E909F48A90A] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728] [PID.2808]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.2896]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.2980]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2992]
[MD5.04FA35F93C1F3A7D949F545BD0981B5D] - (...) -- C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe [11670992] [PID.1216] =>PUP.Eorezo
[MD5.710346F1C319257A754A7C0ACC99A480] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1548448] [PID.3260]
[MD5.5BB1F77C8AF725A15EC9366498D275BB] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992] [PID.3452]
[MD5.2F3390C8E3620B3991D7D82014E26AA7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [825808] [PID.4472]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.2892]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1276]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1480]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.1524]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1592]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1780]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1808]
[MD5.3199A477F0F06EEDE41BD55179F8EB05] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592] [PID.1960]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.1712]
[MD5.76B35CB0F3A4E69D6DFF27F542B9F856] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe [216968] [PID.3744]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
G0 - GCSP: Preference [User Data\Default] ^http://.*\\.babylon\\.comId=F82D72DE2BB571CA", "http://www1.delta-search.com/?affID=120695&tt=gc_&babsrc=HP_ss&mntrId=F82D74DE2BB571CA", "http://mixidj.delta-search.com/?affID=121128&babsrc=HP_ss&mntrId=F82D72DE2BB571CA", "http://search.babylon.com/?babsrc=HP_ss&mntrId=F82D72DE2BB571CA&affID=121828&tsp=5011", "http://start.qone8.com/?type=hp&ts=1382872713&from=tugs&uid=ST9500325AS_S2W6FNQCXXXXS2W6FNQC", "http://search.conduit.com/?ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0912B68D-1D00-4D06-9222-BD28358D7B28&SSPV=", "http://www.msn.com/?pc=UP97&ocid=U =>PUP.Babylon
G2 - GCE: Preference [User Data\Default] [dhdppnagkklahjmblgdojadgbiffhejd] Blog Share v.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [dpjidjdlmiicecdacdaphakooinemdkf] Guns N' Roses v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [jjflmfkjppbmejlfbhlpgjnomdoefkfa] Share With Care v.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [khcceooakamlehbimaepcldnnlnkcmfk] SaveSense v.5.0.2.9 (Désactivé) =>PUP.SaveSense
G2 - GCE: Preference [User Data\Default] [lcnnhcneegeeojhgpfijnlnocjdmlaon] Value apps v.1.7.0.2, (Désactivé) =>Toolbar.Conduit
~ Google Browser: 12 Legitimates Filtered in 00mn 31s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 34
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. - EManual Application.) -- C:\eSupport\Manual\eManual.exe
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: SKCC.lnk . (.SpeedoFlash - SK08 Control Center - Light.) -- C:\Program Files (x86)\SKCC\skcc.exe
O4 - GS\QuickLaunch [teddy]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [teddy]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [teddy]: Free launcher for Minecraft Alpha.lnk . (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\teddy\Desktop\minecraft.exe
O4 - GS\TaskBar [teddy]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [teddy]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [teddy]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [teddy]: Budget facile.lnk . (...) -- D:\Program Files (x86)\Anuman Interactive\Budget facile\Budget facile.exe
O4 - GS\Desktop [teddy]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [teddy]: Microsoft Office Outlook 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe =>.Microsoft Corporation
~ Global Startup: 73 Legitimates Filtered in 00mn 02s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\teddy\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [FaxCenterServer] . (.Pas de propriétaire - Fax Man Server.) -- C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_86] . (...) -- C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe =>PUP.Eorezo
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-674071800-3960743130-813459307-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-674071800-3960743130-813459307-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\teddy\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-674071800-3960743130-813459307-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{12F266BE-C0A8-462E-A47D-07C1D0F7FB28}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B31ADD2-FF26-4EFB-B28E-253F5B0187D1}: DhcpNameServer = 100.100.3.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{12F266BE-C0A8-462E-A47D-07C1D0F7FB28}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2B31ADD2-FF26-4EFB-B28E-253F5B0187D1}: DhcpNameServer = 100.100.3.17
O17 - HKLM\System\CS2\Services\Tcpip\..\{12F266BE-C0A8-462E-A47D-07C1D0F7FB28}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2B31ADD2-FF26-4EFB-B28E-253F5B0187D1}: DhcpNameServer = 100.100.3.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\bench-Updater removing.job [288] =>PUP.GiganticSavings
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Digital Sites.job [292]
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\teddy\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Test TimeTrigger] (...) -- C:\Users\teddy\AppData\Local\Temp\Runner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5DC942C3-16A3-4E04-B0EF-F433D82D3E07}] (...) -- C:\Users\teddy\AppData\Local\Temp\ICReinstall_Minecraft.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BD16AF43-2339-4AA6-BBF5-EA4206C0077A}] (...) -- C:\Users\teddy\Downloads\epson324711eu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F3C68322-A934-4E05-A012-CC86F9D27C91}] (...) -- C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe (.not file.) [0] =>PUP.ClaroSearch
~ Scheduled Task: 28 Legitimates Filtered in 00mn 08s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (ATKWMIACPIIO) . (. - .) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (.not file.)
~ Drivers: 63 Legitimates Filtered in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Paint XP version 1.2 - (.MSPAINTXP.COM.) [HKLM][64Bits] -- {2367FAB6-055A-4923-835F-F57F7BBBA363}_is1
O42 - Logiciel: SKCC 1.4 Legal - (.SpeedoFlash.) [HKLM][64Bits] -- {5E82DC42-9132-4861-81FE-4259A631A9BD}_is1
O42 - Logiciel: Tuto4pc Maj 1.2 - (.Tuto4_pc.) [HKLM][64Bits] -- Tuto4pc Maj 1.2_is1 =>PUP.Eorezo
O42 - Logiciel: Zoo Empire Demo - (...) [HKLM][64Bits] -- {E372A742-CCCF-46DE-B1D6-5AEC10F77CF0}
O42 - Logiciel: tuto4pc_fr_86 - (.TUTO4PC.) [HKLM][64Bits] -- tuto4pc_fr_86_is1 =>PUP.Eorezo
~ Logic: 25 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\40594InstEnd]
[HKCU\Software\44162InstEnd]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tuto4_pc]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\mamverifier]
~ Key Software: 279 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/01/2014 - 23:23:00 - [0,106] ----D C:\Program Files (x86)\AmiExt =>Adware.FlashEnhancer
O43 - CFD: 07/01/2014 - 20:15:41 - [0,884] ----D C:\Program Files (x86)\Feven 1.7 =>PUP.CrossRider
O43 - CFD: 29/07/2013 - 15:47:17 - [0] ----D C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.Eorezo
O43 - CFD: 09/06/2013 - 09:33:04 - [1,347] ----D C:\Program Files (x86)\Paint XP
O43 - CFD: 05/02/2012 - 13:17:31 - [1,315] ----D C:\Program Files (x86)\SKCC
O43 - CFD: 16/11/2012 - 20:27:49 - [0,710] ----D C:\Program Files (x86)\Tuto4pc Maj 1.2 =>PUP.Eorezo
O43 - CFD: 10/01/2014 - 23:26:12 - [12,208] ----D C:\Program Files (x86)\tuto4pc_fr_86 =>PUP.Eorezo
O43 - CFD: 26/01/2014 - 21:43:24 - [0,026] ----D C:\ProgramData\Datamngr =>PUP.Datamngr
O43 - CFD: 03/02/2013 - 19:04:42 - [2,126] ----D C:\Users\teddy\AppData\Roaming\0T1P1I1P0C1M1T1C1N1P1C
O43 - CFD: 01/02/2013 - 17:42:02 - [2,666] ----D C:\Users\teddy\AppData\Roaming\PL23
O43 - CFD: 04/01/2014 - 23:30:04 - [0] ----D C:\Users\teddy\AppData\Roaming\wp_update =>PUP.WpManager
O43 - CFD: 21/05/2013 - 16:26:06 - [0] ----D C:\Users\teddy\AppData\Local\supt4pc_fr_37 =>PUP.Eorezo
O43 - CFD: 10/01/2014 - 23:26:27 - [0] ----D C:\Users\teddy\AppData\Local\tut_fr_86
O43 - CFD: 16/11/2012 - 20:27:49 - [0] ----D C:\Users\teddy\AppData\Local\uptt4pcin4
O43 - CFD: 09/01/2014 - 22:57:09 - [0,003] ----D C:\Users\teddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
~ 70 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 271 Legitimates Filtered in 00mn 30s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9FCEA364596947E438A0204DA1E009BE] - 26/01/2014 - 11:36:17 ---A- . (...) -- C:\Windows\System32\ASOROSet.bin [1652]
O44 - LFC:[MD5.24BC375FB531CE9B079AFB11957E4AE8] - 26/01/2014 - 23:44:18 ---A- . (...) -- C:\Windows\ntbtlog.txt [213340]
~ Files: 25 Legitimates Filtered in 00mn 09s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
~ IFEO: Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\DataMgr [Key] . (...) -- C:\Users\teddy\AppData\Roaming\DataMgr\DataMgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Intermediate [Key] . (...) -- C:\Users\teddy\AppData\Roaming\Intermediate\Intermediate.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SCheck [Key] . (...) -- C:\Users\teddy\AppData\Roaming\SCheck\SCheck.exe (.not file.) =>PUP.LuaRT
O53 - SMSR:HKLM\...\startupreg\SSync [Key] . (...) -- C:\Users\teddy\AppData\Roaming\SSync\SSync.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\tuto4pc_fr_25 [Key] . (...) -- C:\Program Files (x86)\MediaVideoDev\tuto4pc_fr_25.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\tuto4pc_fr_50 [Key] . (...) -- C:\Program Files (x86)\tuto4pc_fr_50\tuto4pc_fr_50.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\Tutorials [Key] . (...) -- C:\Program Files (x86)\TUTO4PC\tuto4pc_fr_7.exe (.not file.) =>PUP.Eorezo
~ SMSR Keys: 34 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.4C120D2B2EA269EAE7A5744794EB6DB1] - 31/12/2010 - 11:30:10 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [138024]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 10:29:40 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [15416]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 00mn 02s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 154962FE86FC455F9321AC598896B0BA - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {4227D56D-D39D-4E2C-8653-54F88D7623F1} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472]
[MD5.55DBA9F8D394DC3B628BB27D46A1B2BE] [SPRF][26/01/2014] (.Setup © - Setup.) -- C:\Users\teddy\AppData\Local\Temp\62358uninstall.exe [647680]
[MD5.AE811BEE491A687748519F12AF08E822] [SPRF][26/01/2014] (.Ask Partner Network - Stub Installer.) -- C:\Users\teddy\AppData\Local\Temp\APNSetup.exe [510928]
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][26/01/2014] (...) -- C:\Users\teddy\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.24F6D923EF6956ABD0449C879F36D7C7] [SPRF][26/01/2014] (...) -- C:\Users\teddy\AppData\Local\Temp\i4jdel0.exe [27411]
[MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\teddy\AppData\Local\Temp\Quarantine.exe [360073]
[MD5.5405413FFF79B8D9C747AA900F60F082] [SPRF][26/01/2014] (...) -- C:\Users\teddy\AppData\Local\Temp\Sqlite3.dll [599419]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][25/02/2011] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\teddy\Desktop\minecraft.exe [695296]
~ Files: 9 Legitimates Filtered in 00mn 13s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{2D846582-BAD9-4528-A3ED-A064F46676F4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{A97764C5-049B-4D1D-B439-4CB65647615C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.Datamngr
~ Firewall: 192 Legitimates Filtered in 00mn 05s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "A81E737A17150D040843D72D34240018" . (.Software Updater.) -- C:\Windows\Installer\{A737E18A-5171-40D0-8034-7DD243420081}\icon.ico =>PUP.Eorezo
~ Update Products: 317 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.39988793C0BE26963F7C8228E7F04E23] [WIS][06/01/2014] (.Google - Google+ Auto Backup.) -- C:\Windows\Installer\21d50a1.msi [3088384]
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][26/01/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\6e129.msi [3304960] =>PUP.SweetIM
~ WIS: 322 Legitimates Filtered in 00mn 42s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SS - | Auto 04/02/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/02/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 25/01/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 13/07/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 14/07/2011 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 11/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 21/02/2012 151648 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 23/01/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 44s
---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 53
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 10
Fichiers trouvés (Files found) : 4
[HKLM\Software\Google\Chrome\Extensions\khcceooakamlehbimaepcldnnlnkcmfk] =>PUP.SaveSense^
[HKLM\Software\Google\Chrome\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Tuto4pc Maj 1.2_is1] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\tuto4pc_fr_86_is1] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SCheck] =>PUP.LuaRT^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tuto4pc_fr_25] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tuto4pc_fr_50] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Tutorials] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tuto4_pc] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_86 =>PUP.Eorezo^
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk =>PUP.SaveSense^
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon =>Toolbar.Conduit^
C:\Program Files (x86)\AmiExt =>Adware.FlashEnhancer^
C:\Program Files (x86)\Feven 1.7 =>PUP.CrossRider^
C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.Eorezo^
C:\Program Files (x86)\Tuto4pc Maj 1.2 =>PUP.Eorezo^
C:\Program Files (x86)\tuto4pc_fr_86 =>PUP.Eorezo^
C:\ProgramData\Datamngr =>PUP.Datamngr^
C:\Users\teddy\AppData\Roaming\wp_update =>PUP.WpManager^
C:\Users\teddy\AppData\Local\supt4pc_fr_37 =>PUP.Eorezo^
C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe =>PUP.Eorezo^
C:\Windows\Tasks\bench-Updater removing.job =>PUP.GiganticSavings^
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
C:\Windows\Installer\6e129.msi =>PUP.SweetIM^
~ Additionnel Scan: 330503 Items scanned in 00mn 43s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/36853930-pup-savesense =>PUP.SaveSense
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/37514218-pup-giganticsavings =>PUP.GiganticSavings
~ http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
~ http://nicolascoolman.webs.com/apps/blog/show/32729139-toolbar-forumer =>Toolbar.Forumer
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/40653881-adware-flashenhancer =>Adware.FlashEnhancer
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
~ http://nicolascoolman.webs.com/apps/blog/show/33367156-spyware-protectedsearch =>Spyware.ProtectedSearch
~ http://nicolascoolman.webs.com/apps/blog/show/35337893-pup-luart =>PUP.LuaRT
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 20 link(s) detected in 00mn 43s
~ 1406 Legitimates filtered by white list
End of the scan (559 lines in 04mn 45s)(0)
~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par teddy (27/01/2014 00:39:49)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
GCIE: Google Chrome v27.0.1453.110 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v3.27 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 10 Plugin
Adobe Reader X
Java 7 Update 51
---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4075 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 109 GB (54%) free of 200 GB
---\\ Mode de connexion au système
~ Computer Name: TEDDY-PC
~ User Name: teddy
~ All Users Names: teddy, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\teddy\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\teddy\AppData\Roaming\
~ %Desktop% : C:\Users\teddy\Desktop\
~ %Favorites% : C:\Users\teddy\Favorites\
~ %LocalAppData% : C:\Users\teddy\AppData\Local\
~ %StartMenu% : C:\Users\teddy\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 109 Go of 200 Go)
D: Hard drive, Flash drive, Thumb drive (Free 43 Go of 240 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 175 Go of 233 Go)
G: Hard drive, Flash drive, Thumb drive (Free 160 Go of 233 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:04.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2705
~ Mes musiques (My Musics) : 1/376
~ Mes Videos (My Videos) : 2/22
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 2/201
~ Mon Bureau (My Desktop) : 0/43
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 07s
---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2448]
[MD5.C98EF7E083579C0D588D0E909F48A90A] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728] [PID.2808]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.2896]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.2980]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2992]
[MD5.04FA35F93C1F3A7D949F545BD0981B5D] - (...) -- C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe [11670992] [PID.1216] =>PUP.Eorezo
[MD5.710346F1C319257A754A7C0ACC99A480] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1548448] [PID.3260]
[MD5.5BB1F77C8AF725A15EC9366498D275BB] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992] [PID.3452]
[MD5.2F3390C8E3620B3991D7D82014E26AA7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [825808] [PID.4472]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.2892]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1276]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1480]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.1524]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1592]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1780]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1808]
[MD5.3199A477F0F06EEDE41BD55179F8EB05] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592] [PID.1960]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.1712]
[MD5.76B35CB0F3A4E69D6DFF27F542B9F856] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe [216968] [PID.3744]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
G0 - GCSP: Preference [User Data\Default] ^http://.*\\.babylon\\.comId=F82D72DE2BB571CA", "http://www1.delta-search.com/?affID=120695&tt=gc_&babsrc=HP_ss&mntrId=F82D74DE2BB571CA", "http://mixidj.delta-search.com/?affID=121128&babsrc=HP_ss&mntrId=F82D72DE2BB571CA", "http://search.babylon.com/?babsrc=HP_ss&mntrId=F82D72DE2BB571CA&affID=121828&tsp=5011", "http://start.qone8.com/?type=hp&ts=1382872713&from=tugs&uid=ST9500325AS_S2W6FNQCXXXXS2W6FNQC", "http://search.conduit.com/?ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0912B68D-1D00-4D06-9222-BD28358D7B28&SSPV=", "http://www.msn.com/?pc=UP97&ocid=U =>PUP.Babylon
G2 - GCE: Preference [User Data\Default] [dhdppnagkklahjmblgdojadgbiffhejd] Blog Share v.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [dpjidjdlmiicecdacdaphakooinemdkf] Guns N' Roses v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [jjflmfkjppbmejlfbhlpgjnomdoefkfa] Share With Care v.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [khcceooakamlehbimaepcldnnlnkcmfk] SaveSense v.5.0.2.9 (Désactivé) =>PUP.SaveSense
G2 - GCE: Preference [User Data\Default] [lcnnhcneegeeojhgpfijnlnocjdmlaon] Value apps v.1.7.0.2, (Désactivé) =>Toolbar.Conduit
~ Google Browser: 12 Legitimates Filtered in 00mn 31s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 34
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. - EManual Application.) -- C:\eSupport\Manual\eManual.exe
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: SKCC.lnk . (.SpeedoFlash - SK08 Control Center - Light.) -- C:\Program Files (x86)\SKCC\skcc.exe
O4 - GS\QuickLaunch [teddy]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [teddy]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [teddy]: Free launcher for Minecraft Alpha.lnk . (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\teddy\Desktop\minecraft.exe
O4 - GS\TaskBar [teddy]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [teddy]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [teddy]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [teddy]: Budget facile.lnk . (...) -- D:\Program Files (x86)\Anuman Interactive\Budget facile\Budget facile.exe
O4 - GS\Desktop [teddy]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [teddy]: Microsoft Office Outlook 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe =>.Microsoft Corporation
~ Global Startup: 73 Legitimates Filtered in 00mn 02s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\teddy\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [FaxCenterServer] . (.Pas de propriétaire - Fax Man Server.) -- C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_86] . (...) -- C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe =>PUP.Eorezo
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-674071800-3960743130-813459307-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-674071800-3960743130-813459307-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\teddy\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-674071800-3960743130-813459307-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{12F266BE-C0A8-462E-A47D-07C1D0F7FB28}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B31ADD2-FF26-4EFB-B28E-253F5B0187D1}: DhcpNameServer = 100.100.3.17
O17 - HKLM\System\CS1\Services\Tcpip\..\{12F266BE-C0A8-462E-A47D-07C1D0F7FB28}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2B31ADD2-FF26-4EFB-B28E-253F5B0187D1}: DhcpNameServer = 100.100.3.17
O17 - HKLM\System\CS2\Services\Tcpip\..\{12F266BE-C0A8-462E-A47D-07C1D0F7FB28}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2B31ADD2-FF26-4EFB-B28E-253F5B0187D1}: DhcpNameServer = 100.100.3.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\bench-Updater removing.job [288] =>PUP.GiganticSavings
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Digital Sites.job [292]
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\teddy\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Test TimeTrigger] (...) -- C:\Users\teddy\AppData\Local\Temp\Runner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5DC942C3-16A3-4E04-B0EF-F433D82D3E07}] (...) -- C:\Users\teddy\AppData\Local\Temp\ICReinstall_Minecraft.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BD16AF43-2339-4AA6-BBF5-EA4206C0077A}] (...) -- C:\Users\teddy\Downloads\epson324711eu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F3C68322-A934-4E05-A012-CC86F9D27C91}] (...) -- C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe (.not file.) [0] =>PUP.ClaroSearch
~ Scheduled Task: 28 Legitimates Filtered in 00mn 08s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (ATKWMIACPIIO) . (. - .) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (.not file.)
~ Drivers: 63 Legitimates Filtered in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Paint XP version 1.2 - (.MSPAINTXP.COM.) [HKLM][64Bits] -- {2367FAB6-055A-4923-835F-F57F7BBBA363}_is1
O42 - Logiciel: SKCC 1.4 Legal - (.SpeedoFlash.) [HKLM][64Bits] -- {5E82DC42-9132-4861-81FE-4259A631A9BD}_is1
O42 - Logiciel: Tuto4pc Maj 1.2 - (.Tuto4_pc.) [HKLM][64Bits] -- Tuto4pc Maj 1.2_is1 =>PUP.Eorezo
O42 - Logiciel: Zoo Empire Demo - (...) [HKLM][64Bits] -- {E372A742-CCCF-46DE-B1D6-5AEC10F77CF0}
O42 - Logiciel: tuto4pc_fr_86 - (.TUTO4PC.) [HKLM][64Bits] -- tuto4pc_fr_86_is1 =>PUP.Eorezo
~ Logic: 25 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\40594InstEnd]
[HKCU\Software\44162InstEnd]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tuto4_pc]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\mamverifier]
~ Key Software: 279 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/01/2014 - 23:23:00 - [0,106] ----D C:\Program Files (x86)\AmiExt =>Adware.FlashEnhancer
O43 - CFD: 07/01/2014 - 20:15:41 - [0,884] ----D C:\Program Files (x86)\Feven 1.7 =>PUP.CrossRider
O43 - CFD: 29/07/2013 - 15:47:17 - [0] ----D C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.Eorezo
O43 - CFD: 09/06/2013 - 09:33:04 - [1,347] ----D C:\Program Files (x86)\Paint XP
O43 - CFD: 05/02/2012 - 13:17:31 - [1,315] ----D C:\Program Files (x86)\SKCC
O43 - CFD: 16/11/2012 - 20:27:49 - [0,710] ----D C:\Program Files (x86)\Tuto4pc Maj 1.2 =>PUP.Eorezo
O43 - CFD: 10/01/2014 - 23:26:12 - [12,208] ----D C:\Program Files (x86)\tuto4pc_fr_86 =>PUP.Eorezo
O43 - CFD: 26/01/2014 - 21:43:24 - [0,026] ----D C:\ProgramData\Datamngr =>PUP.Datamngr
O43 - CFD: 03/02/2013 - 19:04:42 - [2,126] ----D C:\Users\teddy\AppData\Roaming\0T1P1I1P0C1M1T1C1N1P1C
O43 - CFD: 01/02/2013 - 17:42:02 - [2,666] ----D C:\Users\teddy\AppData\Roaming\PL23
O43 - CFD: 04/01/2014 - 23:30:04 - [0] ----D C:\Users\teddy\AppData\Roaming\wp_update =>PUP.WpManager
O43 - CFD: 21/05/2013 - 16:26:06 - [0] ----D C:\Users\teddy\AppData\Local\supt4pc_fr_37 =>PUP.Eorezo
O43 - CFD: 10/01/2014 - 23:26:27 - [0] ----D C:\Users\teddy\AppData\Local\tut_fr_86
O43 - CFD: 16/11/2012 - 20:27:49 - [0] ----D C:\Users\teddy\AppData\Local\uptt4pcin4
O43 - CFD: 09/01/2014 - 22:57:09 - [0,003] ----D C:\Users\teddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
~ 70 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 271 Legitimates Filtered in 00mn 30s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9FCEA364596947E438A0204DA1E009BE] - 26/01/2014 - 11:36:17 ---A- . (...) -- C:\Windows\System32\ASOROSet.bin [1652]
O44 - LFC:[MD5.24BC375FB531CE9B079AFB11957E4AE8] - 26/01/2014 - 23:44:18 ---A- . (...) -- C:\Windows\ntbtlog.txt [213340]
~ Files: 25 Legitimates Filtered in 00mn 09s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
~ IFEO: Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\DataMgr [Key] . (...) -- C:\Users\teddy\AppData\Roaming\DataMgr\DataMgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Intermediate [Key] . (...) -- C:\Users\teddy\AppData\Roaming\Intermediate\Intermediate.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SCheck [Key] . (...) -- C:\Users\teddy\AppData\Roaming\SCheck\SCheck.exe (.not file.) =>PUP.LuaRT
O53 - SMSR:HKLM\...\startupreg\SSync [Key] . (...) -- C:\Users\teddy\AppData\Roaming\SSync\SSync.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\tuto4pc_fr_25 [Key] . (...) -- C:\Program Files (x86)\MediaVideoDev\tuto4pc_fr_25.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\tuto4pc_fr_50 [Key] . (...) -- C:\Program Files (x86)\tuto4pc_fr_50\tuto4pc_fr_50.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\Tutorials [Key] . (...) -- C:\Program Files (x86)\TUTO4PC\tuto4pc_fr_7.exe (.not file.) =>PUP.Eorezo
~ SMSR Keys: 34 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.4C120D2B2EA269EAE7A5744794EB6DB1] - 31/12/2010 - 11:30:10 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [138024]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 10:29:40 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [15416]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 00mn 02s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 154962FE86FC455F9321AC598896B0BA - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {4227D56D-D39D-4E2C-8653-54F88D7623F1} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472]
[MD5.55DBA9F8D394DC3B628BB27D46A1B2BE] [SPRF][26/01/2014] (.Setup © - Setup.) -- C:\Users\teddy\AppData\Local\Temp\62358uninstall.exe [647680]
[MD5.AE811BEE491A687748519F12AF08E822] [SPRF][26/01/2014] (.Ask Partner Network - Stub Installer.) -- C:\Users\teddy\AppData\Local\Temp\APNSetup.exe [510928]
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][26/01/2014] (...) -- C:\Users\teddy\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.24F6D923EF6956ABD0449C879F36D7C7] [SPRF][26/01/2014] (...) -- C:\Users\teddy\AppData\Local\Temp\i4jdel0.exe [27411]
[MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\teddy\AppData\Local\Temp\Quarantine.exe [360073]
[MD5.5405413FFF79B8D9C747AA900F60F082] [SPRF][26/01/2014] (...) -- C:\Users\teddy\AppData\Local\Temp\Sqlite3.dll [599419]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][25/02/2011] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\teddy\Desktop\minecraft.exe [695296]
~ Files: 9 Legitimates Filtered in 00mn 13s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{2D846582-BAD9-4528-A3ED-A064F46676F4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{A97764C5-049B-4D1D-B439-4CB65647615C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.Datamngr
~ Firewall: 192 Legitimates Filtered in 00mn 05s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "A81E737A17150D040843D72D34240018" . (.Software Updater.) -- C:\Windows\Installer\{A737E18A-5171-40D0-8034-7DD243420081}\icon.ico =>PUP.Eorezo
~ Update Products: 317 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.39988793C0BE26963F7C8228E7F04E23] [WIS][06/01/2014] (.Google - Google+ Auto Backup.) -- C:\Windows\Installer\21d50a1.msi [3088384]
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][26/01/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\6e129.msi [3304960] =>PUP.SweetIM
~ WIS: 322 Legitimates Filtered in 00mn 42s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SS - | Auto 04/02/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/02/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 25/01/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 13/07/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 14/07/2011 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 11/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 21/02/2012 151648 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 23/01/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 44s
---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 53
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 10
Fichiers trouvés (Files found) : 4
[HKLM\Software\Google\Chrome\Extensions\khcceooakamlehbimaepcldnnlnkcmfk] =>PUP.SaveSense^
[HKLM\Software\Google\Chrome\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Tuto4pc Maj 1.2_is1] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\tuto4pc_fr_86_is1] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SCheck] =>PUP.LuaRT^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tuto4pc_fr_25] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tuto4pc_fr_50] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Tutorials] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tuto4_pc] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_86 =>PUP.Eorezo^
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk =>PUP.SaveSense^
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon =>Toolbar.Conduit^
C:\Program Files (x86)\AmiExt =>Adware.FlashEnhancer^
C:\Program Files (x86)\Feven 1.7 =>PUP.CrossRider^
C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.Eorezo^
C:\Program Files (x86)\Tuto4pc Maj 1.2 =>PUP.Eorezo^
C:\Program Files (x86)\tuto4pc_fr_86 =>PUP.Eorezo^
C:\ProgramData\Datamngr =>PUP.Datamngr^
C:\Users\teddy\AppData\Roaming\wp_update =>PUP.WpManager^
C:\Users\teddy\AppData\Local\supt4pc_fr_37 =>PUP.Eorezo^
C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe =>PUP.Eorezo^
C:\Windows\Tasks\bench-Updater removing.job =>PUP.GiganticSavings^
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
C:\Windows\Installer\6e129.msi =>PUP.SweetIM^
~ Additionnel Scan: 330503 Items scanned in 00mn 43s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/36853930-pup-savesense =>PUP.SaveSense
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/37514218-pup-giganticsavings =>PUP.GiganticSavings
~ http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
~ http://nicolascoolman.webs.com/apps/blog/show/32729139-toolbar-forumer =>Toolbar.Forumer
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/40653881-adware-flashenhancer =>Adware.FlashEnhancer
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
~ http://nicolascoolman.webs.com/apps/blog/show/33367156-spyware-protectedsearch =>Spyware.ProtectedSearch
~ http://nicolascoolman.webs.com/apps/blog/show/35337893-pup-luart =>PUP.LuaRT
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 20 link(s) detected in 00mn 43s
~ 1406 Legitimates filtered by white list
End of the scan (559 lines in 04mn 45s)(0)
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
27 janv. 2014 à 15:27
27 janv. 2014 à 15:27
Copie le script (en gras)dans le presse papier puis ouvre ZPHfix clic sur "importer"
Lance le nettoyage.
************************************************************************
A l'attention de ceux qui parcourent le sujet:
/!\ Ce script est exclusivement réservé à l'utilisateur actuel du sujet, vous ne devez en aucun cas l'utiliser de votre propre chef sur un autre pc, sous risque d'endommager le système /!\
Script ZHPFix
ProxyFix
[MD5.04FA35F93C1F3A7D949F545BD0981B5D] - (...) -- C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe [11670992] [PID.1216] =>PUP.Eorezo
G0 - GCSP: Preference [User Data\Default] ^http://.*\\.babylon\\.comId=F82D72DE2BB571CA", "http://www1.delta-search.com/?affID=120695&tt=gc_&babsrc=HP_ss&mntrId=F82D74DE2BB571CA", "http://www.delta-search.com?affID=121128&babsrc=HP_ss&mntrId=F82D72DE2BB571CA", "http://search.babylon.com/?babsrc=HP_ss&mntrId=F82D72DE2BB571CA&affID=121828&tsp=5011", "http://start.qone8.com/?type=hp&ts=1382872713&from=tugs&uid=ST9500325AS_S2W6FNQCXXXXS2W6FNQC", "http://search.conduit.com/?ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0912B68D-1D00-4D06-9222-BD28358D7B28&SSPV=", "https://www.msn.com/fr-fr/?pc=UP97&ocid=U =>PUP.Babylon
G2 - GCE: Preference [User Data\Default] [dhdppnagkklahjmblgdojadgbiffhejd] Blog Share v.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jjflmfkjppbmejlfbhlpgjnomdoefkfa] Share With Care v.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [khcceooakamlehbimaepcldnnlnkcmfk] SaveSense v.5.0.2.9 (Désactivé) =>PUP.SaveSense
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_86] . (...) -- C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe =>PUP.Eorezo
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\bench-Updater removing.job [288] =>PUP.GiganticSavings
[MD5.00000000000000000000000000000000] [APT] [{F3C68322-A934-4E05-A012-CC86F9D27C91}] (...) -- C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe (.not file.) [0] =>PUP.ClaroSearch
O42 - Logiciel: Tuto4pc Maj 1.2 - (.Tuto4_pc.) [HKLM][64Bits] -- Tuto4pc Maj 1.2_is1 =>PUP.Eorezo
O42 - Logiciel: tuto4pc_fr_86 - (.TUTO4PC.) [HKLM][64Bits] -- tuto4pc_fr_86_is1 =>PUP.Eorezo
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tuto4_pc]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
O43 - CFD: 04/01/2014 - 23:23:00 - [0,106] ----D C:\Program Files (x86)\AmiExt =>Adware.FlashEnhancer
O43 - CFD: 07/01/2014 - 20:15:41 - [0,884] ----D C:\Program Files (x86)\Feven 1.7 =>PUP.CrossRider
O43 - CFD: 29/07/2013 - 15:47:17 - [0] ----D C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.Eorezo
O43 - CFD: 16/11/2012 - 20:27:49 - [0,710] ----D C:\Program Files (x86)\Tuto4pc Maj 1.2 =>PUP.Eorezo
O43 - CFD: 10/01/2014 - 23:26:12 - [12,208] ----D C:\Program Files (x86)\tuto4pc_fr_86 =>PUP.Eorezo
O43 - CFD: 26/01/2014 - 21:43:24 - [0,026] ----D C:\ProgramData\Datamngr =>PUP.Datamngr
O43 - CFD: 04/01/2014 - 23:30:04 - [0] ----D C:\Users\teddy\AppData\Roaming\wp_update =>PUP.WpManager
O43 - CFD: 21/05/2013 - 16:26:06 - [0] ----D C:\Users\teddy\AppData\Local\supt4pc_fr_37 =>PUP.Eorezo
O43 - CFD: 16/11/2012 - 20:27:49 - [0] ----D C:\Users\teddy\AppData\Local\uptt4pcin4
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O53 - SMSR:HKLM\...\startupreg\DataMgr [Key] . (...) -- C:\Users\teddy\AppData\Roaming\DataMgr\DataMgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SCheck [Key] . (...) -- C:\Users\teddy\AppData\Roaming\SCheck\SCheck.exe (.not file.) =>PUP.LuaRT
O53 - SMSR:HKLM\...\startupreg\tuto4pc_fr_25 [Key] . (...) -- C:\Program Files (x86)\MediaVideoDev\tuto4pc_fr_25.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\tuto4pc_fr_50 [Key] . (...) -- C:\Program Files (x86)\tuto4pc_fr_50\tuto4pc_fr_50.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\Tutorials [Key] . (...) -- C:\Program Files (x86)\TUTO4PC\tuto4pc_fr_7.exe (.not file.) =>PUP.Eorezo
O87 - FAEL: "{2D846582-BAD9-4528-A3ED-A064F46676F4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{A97764C5-049B-4D1D-B439-4CB65647615C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.Datamngr
O90 - PUC: "A81E737A17150D040843D72D34240018" . (.Software Updater.) -- C:\Windows\Installer\{A737E18A-5171-40D0-8034-7DD243420081}\icon.ico =>PUP.Eorezo
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][26/01/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\6e129.msi [3304960] =>PUP.SweetIM
[HKLM\Software\Google\Chrome\Extensions\khcceooakamlehbimaepcldnnlnkcmfk] =>PUP.SaveSense^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Tuto4pc Maj 1.2_is1] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\tuto4pc_fr_86_is1] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SCheck] =>PUP.LuaRT^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tuto4pc_fr_25] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tuto4pc_fr_50] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Tutorials] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tuto4_pc] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_86 =>PUP.Eorezo^
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk =>PUP.SaveSense^
C:\Program Files (x86)\AmiExt =>Adware.FlashEnhancer^
C:\Program Files (x86)\Feven 1.7 =>PUP.CrossRider^
C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.Eorezo^
C:\Program Files (x86)\Tuto4pc Maj 1.2 =>PUP.Eorezo^
C:\Program Files (x86)\tuto4pc_fr_86 =>PUP.Eorezo^
C:\ProgramData\Datamngr =>PUP.Datamngr^
C:\Users\teddy\AppData\Roaming\wp_update =>PUP.WpManager^
C:\Users\teddy\AppData\Local\supt4pc_fr_37 =>PUP.Eorezo^
C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe =>PUP.Eorezo^
C:\Windows\Tasks\bench-Updater removing.job =>PUP.GiganticSavings^
C:\Windows\Installer\6e129.msi =>PUP.SweetIM^
SysRestore
EmptyFlash
EmptyTemp
Lance le nettoyage.
************************************************************************
A l'attention de ceux qui parcourent le sujet:
/!\ Ce script est exclusivement réservé à l'utilisateur actuel du sujet, vous ne devez en aucun cas l'utiliser de votre propre chef sur un autre pc, sous risque d'endommager le système /!\
Script ZHPFix
ProxyFix
[MD5.04FA35F93C1F3A7D949F545BD0981B5D] - (...) -- C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe [11670992] [PID.1216] =>PUP.Eorezo
G0 - GCSP: Preference [User Data\Default] ^http://.*\\.babylon\\.comId=F82D72DE2BB571CA", "http://www1.delta-search.com/?affID=120695&tt=gc_&babsrc=HP_ss&mntrId=F82D74DE2BB571CA", "http://www.delta-search.com?affID=121128&babsrc=HP_ss&mntrId=F82D72DE2BB571CA", "http://search.babylon.com/?babsrc=HP_ss&mntrId=F82D72DE2BB571CA&affID=121828&tsp=5011", "http://start.qone8.com/?type=hp&ts=1382872713&from=tugs&uid=ST9500325AS_S2W6FNQCXXXXS2W6FNQC", "http://search.conduit.com/?ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0912B68D-1D00-4D06-9222-BD28358D7B28&SSPV=", "https://www.msn.com/fr-fr/?pc=UP97&ocid=U =>PUP.Babylon
G2 - GCE: Preference [User Data\Default] [dhdppnagkklahjmblgdojadgbiffhejd] Blog Share v.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jjflmfkjppbmejlfbhlpgjnomdoefkfa] Share With Care v.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [khcceooakamlehbimaepcldnnlnkcmfk] SaveSense v.5.0.2.9 (Désactivé) =>PUP.SaveSense
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_86] . (...) -- C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe =>PUP.Eorezo
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\bench-Updater removing.job [288] =>PUP.GiganticSavings
[MD5.00000000000000000000000000000000] [APT] [{F3C68322-A934-4E05-A012-CC86F9D27C91}] (...) -- C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe (.not file.) [0] =>PUP.ClaroSearch
O42 - Logiciel: Tuto4pc Maj 1.2 - (.Tuto4_pc.) [HKLM][64Bits] -- Tuto4pc Maj 1.2_is1 =>PUP.Eorezo
O42 - Logiciel: tuto4pc_fr_86 - (.TUTO4PC.) [HKLM][64Bits] -- tuto4pc_fr_86_is1 =>PUP.Eorezo
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tuto4_pc]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
O43 - CFD: 04/01/2014 - 23:23:00 - [0,106] ----D C:\Program Files (x86)\AmiExt =>Adware.FlashEnhancer
O43 - CFD: 07/01/2014 - 20:15:41 - [0,884] ----D C:\Program Files (x86)\Feven 1.7 =>PUP.CrossRider
O43 - CFD: 29/07/2013 - 15:47:17 - [0] ----D C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.Eorezo
O43 - CFD: 16/11/2012 - 20:27:49 - [0,710] ----D C:\Program Files (x86)\Tuto4pc Maj 1.2 =>PUP.Eorezo
O43 - CFD: 10/01/2014 - 23:26:12 - [12,208] ----D C:\Program Files (x86)\tuto4pc_fr_86 =>PUP.Eorezo
O43 - CFD: 26/01/2014 - 21:43:24 - [0,026] ----D C:\ProgramData\Datamngr =>PUP.Datamngr
O43 - CFD: 04/01/2014 - 23:30:04 - [0] ----D C:\Users\teddy\AppData\Roaming\wp_update =>PUP.WpManager
O43 - CFD: 21/05/2013 - 16:26:06 - [0] ----D C:\Users\teddy\AppData\Local\supt4pc_fr_37 =>PUP.Eorezo
O43 - CFD: 16/11/2012 - 20:27:49 - [0] ----D C:\Users\teddy\AppData\Local\uptt4pcin4
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O53 - SMSR:HKLM\...\startupreg\DataMgr [Key] . (...) -- C:\Users\teddy\AppData\Roaming\DataMgr\DataMgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SCheck [Key] . (...) -- C:\Users\teddy\AppData\Roaming\SCheck\SCheck.exe (.not file.) =>PUP.LuaRT
O53 - SMSR:HKLM\...\startupreg\tuto4pc_fr_25 [Key] . (...) -- C:\Program Files (x86)\MediaVideoDev\tuto4pc_fr_25.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\tuto4pc_fr_50 [Key] . (...) -- C:\Program Files (x86)\tuto4pc_fr_50\tuto4pc_fr_50.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\Tutorials [Key] . (...) -- C:\Program Files (x86)\TUTO4PC\tuto4pc_fr_7.exe (.not file.) =>PUP.Eorezo
O87 - FAEL: "{2D846582-BAD9-4528-A3ED-A064F46676F4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{A97764C5-049B-4D1D-B439-4CB65647615C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.Datamngr
O90 - PUC: "A81E737A17150D040843D72D34240018" . (.Software Updater.) -- C:\Windows\Installer\{A737E18A-5171-40D0-8034-7DD243420081}\icon.ico =>PUP.Eorezo
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][26/01/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\6e129.msi [3304960] =>PUP.SweetIM
[HKLM\Software\Google\Chrome\Extensions\khcceooakamlehbimaepcldnnlnkcmfk] =>PUP.SaveSense^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Tuto4pc Maj 1.2_is1] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\tuto4pc_fr_86_is1] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SCheck] =>PUP.LuaRT^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tuto4pc_fr_25] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\tuto4pc_fr_50] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Tutorials] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tuto4_pc] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_86 =>PUP.Eorezo^
C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk =>PUP.SaveSense^
C:\Program Files (x86)\AmiExt =>Adware.FlashEnhancer^
C:\Program Files (x86)\Feven 1.7 =>PUP.CrossRider^
C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.Eorezo^
C:\Program Files (x86)\Tuto4pc Maj 1.2 =>PUP.Eorezo^
C:\Program Files (x86)\tuto4pc_fr_86 =>PUP.Eorezo^
C:\ProgramData\Datamngr =>PUP.Datamngr^
C:\Users\teddy\AppData\Roaming\wp_update =>PUP.WpManager^
C:\Users\teddy\AppData\Local\supt4pc_fr_37 =>PUP.Eorezo^
C:\Program Files (x86)\tuto4pc_fr_86\tuto4pc_fr_86.exe =>PUP.Eorezo^
C:\Windows\Tasks\bench-Updater removing.job =>PUP.GiganticSavings^
C:\Windows\Installer\6e129.msi =>PUP.SweetIM^
SysRestore
EmptyFlash
EmptyTemp
Rapport de ZHPFix 2014.1.17.2 par Nicolas Coolman, Update du 17/01/2014
Fichier d'export Registre :
Run by teddy at 27/01/2014 21:35:12
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vidée (00mn 21s)
========== Logiciels ==========
SUPPRIMÉ: Tuto4pc Maj 1.2
SUPPRIMÉ: tuto4pc_fr_86
========== Clés du Registre ==========
SUPPRIMÉ: HKLM\Software\Wow6432Node\SweetIM
SUPPRIMÉ: HKLM\Software\Wow6432Node\Tuto4_pc
SUPPRIMÉ: HKLM\Software\Wow6432Node\VBMZ
SUPPRIMÉ: O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe
SUPPRIMÉ: O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe
SUPPRIMÉ:* StartupReg: DataMgr
SUPPRIMÉ:* StartupReg: SCheck
SUPPRIMÉ:* StartupReg: tuto4pc_fr_25
SUPPRIMÉ:* StartupReg: tuto4pc_fr_50
SUPPRIMÉ:* StartupReg: Tutorials
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\A81E737A17150D040843D72D34240018]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\A81E737A17150D040843D72D34240018]
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
========== Valeurs du Registre ==========
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value
SUPPRIMÉ RunValue: tuto4pc_fr_86
SUPPRIMÉ: {2D846582-BAD9-4528-A3ED-A064F46676F4}
SUPPRIMÉ: {A97764C5-049B-4D1D-B439-4CB65647615C}
========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: ^http://.*\\.babylon\\.comId=F82D72DE2BB571CA", "http://www1.delta-search.com/?affID=120695&tt=gc_&babsrc=HP_ss&mntrId=F82D74DE2BB571CA", "http://mixidj.delta-search.com/?affID=121128&babsrc=HP_ss&mntrId=F82D72DE2BB571CA", "http://search.babylon.com/?babsrc=HP_ss&mntrId=F82D72DE2BB571CA&affID=121828&tsp=5011", "http://start.qone8.com/?type=hp&ts=1382872713&from=tugs&uid=ST9500325AS_S2W6FNQCXXXXS2W6FNQC", "http://search.conduit.com/?ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0912B68D-1D00-4D06-9222-BD28358D7B28&SSPV=", "http://www.msn.com/?pc=UP97&ocid=U
SUPPRIMÉ Folder Chrome: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdppnagkklahjmblgdojadgbiffhejd
SUPPRIMÉ Folder Chrome: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa
SUPPRIMÉ Folder Chrome: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk
========== Dossiers ==========
SUPPRIMÉ: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdppnagkklahjmblgdojadgbiffhejd
SUPPRIMÉ: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa
SUPPRIMÉ: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk
SUPPRIMÉ: C:\Program Files (x86)\AmiExt
SUPPRIMÉ: C:\Program Files (x86)\Feven 1.7
SUPPRIMÉ: C:\Program Files (x86)\majtuto4pc_fr_a1
SUPPRIMÉ: C:\ProgramData\Datamngr
SUPPRIMÉ: C:\Users\teddy\AppData\Roaming\wp_update
SUPPRIMÉ: C:\Users\teddy\AppData\Local\supt4pc_fr_37
SUPPRIMÉ: C:\Users\teddy\AppData\Local\uptt4pcin4
SUPPRIMÉS Flash Cookies (0)
SUPPRIMÉS Temporaires Windows (22)
========== Fichiers ==========
SUPPRIMÉ: c:\users\teddy\appdata\local\google\chrome\user data\default\preferences
SUPPRIMÉ: c:\windows\tasks\bench-updater removing.job
SUPPRIMÉ: C:\Windows\Installer\6e129.msi
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (370) (250 620 774 octets)
========== Tache planifiée ==========
SUPPRIMÉ: {F3C68322-A934-4E05-A012-CC86F9D27C91}
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
41 : Clés du Registre
9 : Valeurs du Registre
12 : Dossiers
5 : Fichiers
2 : Logiciels
5 : Préférences navigateur
1 : Tache planifiée
1 : Restauration Système
End of clean in 04mn 22s
========== Chemin de fichier rapport ==========
C:\Users\teddy\AppData\Roaming\ZHP\ZHPFix[R1].txt - 27/01/2014 21:35:34 [7913]
Fichier d'export Registre :
Run by teddy at 27/01/2014 21:35:12
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vidée (00mn 21s)
========== Logiciels ==========
SUPPRIMÉ: Tuto4pc Maj 1.2
SUPPRIMÉ: tuto4pc_fr_86
========== Clés du Registre ==========
SUPPRIMÉ: HKLM\Software\Wow6432Node\SweetIM
SUPPRIMÉ: HKLM\Software\Wow6432Node\Tuto4_pc
SUPPRIMÉ: HKLM\Software\Wow6432Node\VBMZ
SUPPRIMÉ: O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe
SUPPRIMÉ: O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe
SUPPRIMÉ:* StartupReg: DataMgr
SUPPRIMÉ:* StartupReg: SCheck
SUPPRIMÉ:* StartupReg: tuto4pc_fr_25
SUPPRIMÉ:* StartupReg: tuto4pc_fr_50
SUPPRIMÉ:* StartupReg: Tutorials
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\A81E737A17150D040843D72D34240018]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\A81E737A17150D040843D72D34240018]
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
========== Valeurs du Registre ==========
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value
SUPPRIMÉ RunValue: tuto4pc_fr_86
SUPPRIMÉ: {2D846582-BAD9-4528-A3ED-A064F46676F4}
SUPPRIMÉ: {A97764C5-049B-4D1D-B439-4CB65647615C}
========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: ^http://.*\\.babylon\\.comId=F82D72DE2BB571CA", "http://www1.delta-search.com/?affID=120695&tt=gc_&babsrc=HP_ss&mntrId=F82D74DE2BB571CA", "http://mixidj.delta-search.com/?affID=121128&babsrc=HP_ss&mntrId=F82D72DE2BB571CA", "http://search.babylon.com/?babsrc=HP_ss&mntrId=F82D72DE2BB571CA&affID=121828&tsp=5011", "http://start.qone8.com/?type=hp&ts=1382872713&from=tugs&uid=ST9500325AS_S2W6FNQCXXXXS2W6FNQC", "http://search.conduit.com/?ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0912B68D-1D00-4D06-9222-BD28358D7B28&SSPV=", "http://www.msn.com/?pc=UP97&ocid=U
SUPPRIMÉ Folder Chrome: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdppnagkklahjmblgdojadgbiffhejd
SUPPRIMÉ Folder Chrome: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa
SUPPRIMÉ Folder Chrome: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk
========== Dossiers ==========
SUPPRIMÉ: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdppnagkklahjmblgdojadgbiffhejd
SUPPRIMÉ: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa
SUPPRIMÉ: C:\Users\teddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk
SUPPRIMÉ: C:\Program Files (x86)\AmiExt
SUPPRIMÉ: C:\Program Files (x86)\Feven 1.7
SUPPRIMÉ: C:\Program Files (x86)\majtuto4pc_fr_a1
SUPPRIMÉ: C:\ProgramData\Datamngr
SUPPRIMÉ: C:\Users\teddy\AppData\Roaming\wp_update
SUPPRIMÉ: C:\Users\teddy\AppData\Local\supt4pc_fr_37
SUPPRIMÉ: C:\Users\teddy\AppData\Local\uptt4pcin4
SUPPRIMÉS Flash Cookies (0)
SUPPRIMÉS Temporaires Windows (22)
========== Fichiers ==========
SUPPRIMÉ: c:\users\teddy\appdata\local\google\chrome\user data\default\preferences
SUPPRIMÉ: c:\windows\tasks\bench-updater removing.job
SUPPRIMÉ: C:\Windows\Installer\6e129.msi
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (370) (250 620 774 octets)
========== Tache planifiée ==========
SUPPRIMÉ: {F3C68322-A934-4E05-A012-CC86F9D27C91}
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
41 : Clés du Registre
9 : Valeurs du Registre
12 : Dossiers
5 : Fichiers
2 : Logiciels
5 : Préférences navigateur
1 : Tache planifiée
1 : Restauration Système
End of clean in 04mn 22s
========== Chemin de fichier rapport ==========
C:\Users\teddy\AppData\Roaming\ZHP\ZHPFix[R1].txt - 27/01/2014 21:35:34 [7913]
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
27 janv. 2014 à 23:26
27 janv. 2014 à 23:26
Tu peux reconfigurer ta messagerie...tu as Microsoft Outlook..?
https://assistance.orange.fr/ordinateurs-peripheriques/installer-et-utiliser/l-utilisation-du-mail-et-du-cloud/messagerie-mail-pro
https://assistance.orange.fr/ordinateurs-peripheriques/installer-et-utiliser/l-utilisation-du-mail-et-du-cloud/messagerie-mail-pro
Cesel45
Messages postés
13152
Date d'inscription
mardi 24 avril 2007
Statut
Contributeur
Dernière intervention
29 novembre 2023
2 809
27 janv. 2014 à 23:50
27 janv. 2014 à 23:50
La je ne peux pas t'aider ...
Si tu dois réinstallé avec un CD comme la première fois.
Ou avec un lien ou tu mets tes identifiants...?
En tout cas un point positif c'est que toutes tes infections sont éradiquées.
Tu peux refaire un ZHPdiag .
et regarde sous cette ligne : Le résultat.
---\\ Récapitulatif des détections trouvées sur votre station //..
Si tu dois réinstallé avec un CD comme la première fois.
Ou avec un lien ou tu mets tes identifiants...?
En tout cas un point positif c'est que toutes tes infections sont éradiquées.
Tu peux refaire un ZHPdiag .
et regarde sous cette ligne : Le résultat.
---\\ Récapitulatif des détections trouvées sur votre station //..
