How to get rid of snap.do and istartsurf

Closed
Keymac - Posts: 64 - Registered: Thursday 18 September 2014 - Status: Member - Last activity: 30 March 2018 - 18 Sept. 2014 at 19:34
Malekal_morte - Posts: 180304 - Registered: Wednesday 17 May 2006 - Status: Moderator, Security contributor - Last activity: 15 December 2020 - 18 Sept. 2014 at 19:36
Good evening, I've just caught the snap.do and istartsurf viruses, and there's no way to get rid of them
as a result, the Google icon is gone, replaced by a big magnifying glass

what I've already done:
1 tried going through the Control Panel, but after clicking 'uninstall', for one of them I'm asked whether I'm sure I want to delete this or that thing (Facebook, for example) and the other asks me to copy a code made of letters before starting... so I was wary

2 ran the CCleaner program = no result

3 in Google, fiddled around in 'tools/settings/advanced settings'....

but they're still in the Control Panel... help!

I downloaded your program and here is the diagnosis: (but I'm having trouble getting it to you through the 'ci-joint' site....)

thank youuuuu



~ Rapport de ZHPDiag v2014.9.18.135 - Nicolas Coolman (18/09/2014)
~ Lancé par Kelly (18/09/2014 19:01:41)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17280
GCIE: Google Chrome v35.0.1916.153 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, VOLUME_MAK channel
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Microsoft Security Client v4.6.0305.0
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v4.14

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 15 ActiveX
Java 7 Update 65

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3535 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 27 GB (57%) free of 48 GB

---\\ Mode de connexion au système
~ Computer Name: HOMPC
~ User Name: Kelly
~ All Users Names: Kelly, HomeGroupUser$, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Kelly\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Kelly\AppData\Roaming\
~ %Desktop% : C:\Users\Kelly\Desktop\
~ %Favorites% : C:\Users\Kelly\Favorites\
~ %LocalAppData% : C:\Users\Kelly\AppData\Local\
~ %StartMenu% : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 27 Go of 48 Go)
D: Hard drive, Flash drive, Thumb drive (Free 101 Go of 101 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.D58988722C72D265B51A54103DFC2C6F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.18/08/2014 - 21:46:48.) -- C:\Windows\System32\wininet.dll [1812992]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Windows Logon Application.) (.4/03/2014 - 10:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) (.20/11/2010 - 22:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 22:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - NT File System Driver.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 22:29:49.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/19
~ Mes Documents (My Documents) : 1/2
~ Mon Bureau (My Desktop) : 1/331
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.3CD5BBDA19A1AB4EBA359E0A14FDF0F0] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [PID.1424]
[MD5.3142195521FEE436088EE8A5748DE1B1] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [170520] [PID.1540]
[MD5.113604A1D5FAF83C859839458E1C703A] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [495708] [PID.1644]
[MD5.1DE859B82E381A645C44284A5044BC33] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896] [PID.2372]
[MD5.078614F4D145AC09AE9DD27A87E032A7] - (.Smartbar - Smartbar.) -- C:\Users\Kelly\AppData\Local\Smartbar\Application\SnapDo.exe [28192] [PID.2668] =>Hijacker.SmartBar
[MD5.3A19B2D2B5659D375FFFBA9EB71987B8] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000] [PID.2696]
[MD5.EEBD0B763F32A26421A35CC2C735E8E3] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368] [PID.2712]
[MD5.112854FD524F472159E8F32548A7F62D] - (...) -- C:\Program Files\SupTab\HpUI.exe [733576] [PID.3560] =>PUP.SupTab
[MD5.D46415CD75DDA09F0A17D2FDA2235CB0] - (...) -- C:\Program Files\SupTab\Loader32.exe [64000] [PID.3580] =>PUP.SupTab
[MD5.A5FCD42334CCC682DA1882A54338686C] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.2852]
[MD5.6C609E7FA1FB51FABDDEE130AB8DACB5] - (.Pas de propriétaire - Lrcnta.) -- C:\Users\Kelly\AppData\Local\Smartbar\Application\Lrcnta.exe [23584] [PID.3268] =>Hijacker.SmartBar
[MD5.A346FB12BDBF1E0B68E92E48D81FB061] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8105984] [PID.632]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][StartupURLs] https://www.google.com/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Google+ Hangouts v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 11 Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.65.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.65.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.65.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll
~ Firefox Browser: 5 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com =>PUP.IsStart
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com =>PUP.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com =>PUP.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com =>PUP.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = https://search.safefinder.com/?q= =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = https://search.us.com/ =>PUP.StartSearch
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 17 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} . (...) -- mscoree.dll (.not file.) =>Hijacker.SmartBar
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 6 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Snap.Do - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\QuickLaunch [Kelly]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\TaskBar [Kelly]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\Program [Kelly]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\SystemTools [Kelly]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart
~ Global Startup: 5 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\Kelly\AppData\Local\Smartbar\Application\SnapDo.exe =>Hijacker.SmartBar
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1611285490-2287283299-2428920054-1000\..\Run: [Browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\Kelly\AppData\Local\Smartbar\Application\SnapDo.exe =>Hijacker.SmartBar
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - E-mail Naming Shim Provider.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C51255A0-65B3-40C8-91EC-F98274E2ACE6}: DhcpNameServer = 195.130.130.1 195.130.131.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C51255A0-65B3-40C8-91EC-F98274E2ACE6}: DhcpNameServer = 195.130.130.1 195.130.131.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C51255A0-65B3-40C8-91EC-F98274E2ACE6}: DhcpNameServer = 195.130.130.1 195.130.131.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.1 195.130.131.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
~ Services: 5 Scanned in 00mn 02s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.FBB312C9DA3863673EC18F4AE4101778] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.13ECAC1C51CC00147BD06B5ABF142956] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4529944]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.29702C25639B549AC5221E546545D56B] [APT] [{6F71B83A-7547-4032-A715-7ED926A06A10}] (.Enigma Software Group USA, LLC..) -- C:\Users\Kelly\Downloads\SpyHunter-Installer (1).exe [728960] =>Crapware.SpyHunter
[MD5.C155A13687144076286989EF078112C2] [APT] [{889B14A2-96C1-491D-984D-CDC006DD2E57}] (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPhep.exe [1917440]
[MD5.1608D54DC69EA7E763CDAB78F71CAFD6] [APT] [{EF678CC5-2537-4619-B916-4466F8B5369A}] (.Skytech Co., Ltd..) -- C:\Users\Kelly\AppData\Roaming\istartsurf\UninstallManager.exe [1856512] =>PUP.IsStart
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1050]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1050]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1054]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1054]
~ Scheduled Task: 11 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - QoS Packet Scheduler.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: ({890a8319-7c6f-45e4-a506-152b8d2d9310}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{890a8319-7c6f-45e4-a506-152b8d2d9310}Gw.sys =>PUP.LinkiDoo
~ Drivers: 63 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Fast And Safe - (.GTgroup.) [HKLM] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf} =>PUP.FastAndSafe
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Integrated Webcam Driver (1.03.02.0919) - (...) [HKLM] -- Creative OA001
O42 - Logiciel: Intel(R) Network Connections Drivers - (.Intel.) [HKLM] -- PROSet
O42 - Logiciel: Java 7 Update 65 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217055FF}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {107F27B7-8EE4-4B3A-9CE5-497B120369DC}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {E6B87DC4-2B3D-4483-ADFF-E483BF718991}
O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU] -- PhotoFiltre 7
O42 - Logiciel: Snap.Do - (.ReSoft Ltd..) [HKLM] -- {4130EAB4-F6D3-4981-A6DC-82CBCC308208} =>Hijacker.SmartBar
O42 - Logiciel: istartsurf uninstall - (.istartsurf.) [HKLM] -- istartsurf uninstall =>PUP.IsStart
~ Logic: 22 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Bitdefender]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Google]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\TNT2]
[HKCU\Software\WeDlMngr] =>PUP.weDownloadManager
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\globalUpdate]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Dell]
[HKLM\Software\GlobalUpdate]
[HKLM\Software\Google]
[HKLM\Software\IDT]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\SupDp] =>PUP.SupTab
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\istartsurfSoftware] =>PUP.IsStart
[HKLM\Software\supWPM] =>PUP.WpManager
[HKLM\Software\supWindowsMangerProtect] =>PUP.Fuyu
~ Key Software: 92 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/05/2014 - 17:45:08 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 18/09/2014 - 18:35:18 - [] ----D C:\Program Files\Common Files
O43 - CFD: 12/04/2011 - 04:21:16 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 25/05/2014 - 21:54:07 - [] ----D C:\Program Files\globalUpdate
O43 - CFD: 21/05/2014 - 21:22:28 - [] ----D C:\Program Files\Google
O43 - CFD: 11/05/2014 - 12:02:04 - [] ----D C:\Program Files\IDT
O43 - CFD: 11/05/2014 - 12:01:12 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 11/05/2014 - 12:04:01 - [] ----D C:\Program Files\Intel
O43 - CFD: 11/09/2014 - 07:22:03 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 28/07/2014 - 20:42:38 - [] ----D C:\Program Files\Java
O43 - CFD: 21/05/2014 - 19:04:43 - [] ----D C:\Program Files\JRE
O43 - CFD: 10/09/2014 - 22:56:05 - [] ----D C:\Program Files\Microsoft Security Client
O43 - CFD: 23/07/2014 - 21:05:15 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 12/05/2014 - 08:51:45 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 14/07/2009 - 06:52:30 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 21/05/2014 - 19:04:42 - [] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 12/08/2014 - 22:19:27 - [] ----D C:\Program Files\PhotoFiltre 7
O43 - CFD: 13/06/2014 - 21:27:08 - [0] ----D C:\Program Files\PrieceuDoWnloadder =>PUP.PriceDownloader
O43 - CFD: 14/07/2009 - 06:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 2/08/2014 - 08:44:25 - [0] ----D C:\Program Files\saveitkEep =>PUP.SaveItKeep
O43 - CFD: 18/09/2014 - 18:01:47 - [] ----D C:\Program Files\SupTab =>PUP.SupTab
O43 - CFD: 29/06/2014 - 22:23:08 - [0] ----D C:\Program Files\Toepobuyer =>PUP.TopBuyer
O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 12/05/2014 - 17:45:30 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 9/07/2014 - 20:41:33 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 12/04/2011 - 04:16:11 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/05/2014 - 17:45:32 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 06:52:30 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 12/04/2011 - 04:16:11 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 20/11/2010 - 23:33:48 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 12/04/2011 - 04:16:11 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 22/05/2014 - 13:45:38 - [0] ----D C:\Program Files\Yula
O43 - CFD: 18/09/2014 - 18:58:37 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 28/07/2014 - 20:42:46 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 12/04/2011 - 04:16:11 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 12/05/2014 - 17:45:45 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 18/09/2014 - 18:35:18 - [] ----D C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 11/06/2014 - 07:21:38 - [0] ----D C:\ProgramData\2308189059
O43 - CFD: 2/08/2014 - 08:44:25 - [] ----D C:\ProgramData\48a03333df42576b
O43 - CFD: 16/05/2014 - 21:33:32 - [] ----D C:\ProgramData\APN
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 16/09/2014 - 21:48:28 - [] ----D C:\ProgramData\ClubSanDisk
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 16/07/2014 - 18:46:31 - [0] ----D C:\ProgramData\Fast And Safe =>PUP.FastAndSafe
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 21/05/2014 - 18:59:08 - [] ----D C:\ProgramData\Google
O43 - CFD: 18/09/2014 - 18:01:47 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
O43 - CFD: 19/05/2014 - 09:50:45 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 28/07/2014 - 22:35:36 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 14/06/2014 - 08:40:34 - [0] ----D C:\ProgramData\PrieceuDoWnloadder =>PUP.PriceDownloader
O43 - CFD: 2/08/2014 - 10:36:01 - [0] ----D C:\ProgramData\saveitkEep =>PUP.SaveItKeep
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 16/05/2014 - 21:31:30 - [] ----D C:\ProgramData\Sun
O43 - CFD: 21/05/2014 - 19:07:46 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 30/06/2014 - 09:31:18 - [0] ----D C:\ProgramData\Toepobuyer =>PUP.TopBuyer
O43 - CFD: 18/09/2014 - 18:01:37 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 11/05/2014 - 18:28:34 - [] ----D C:\Users\Kelly\AppData\Roaming\Adobe
O43 - CFD: 11/05/2014 - 11:10:08 - [] ----D C:\Users\Kelly\AppData\Roaming\Identities
O43 - CFD: 18/09/2014 - 18:09:55 - [] ----D C:\Users\Kelly\AppData\Roaming\istartsurf =>PUP.IsStart
O43 - CFD: 11/05/2014 - 18:28:35 - [] ----D C:\Users\Kelly\AppData\Roaming\Macromedia
O43 - CFD: 12/04/2011 - 04:21:11 - [0] ----D C:\Users\Kelly\AppData\Roaming\Media Center Programs
O43 - CFD: 18/09/2014 - 18:00:07 - [] -S--D C:\Users\Kelly\AppData\Roaming\Microsoft
O43 - CFD: 21/05/2014 - 19:54:00 - [] ----D C:\Users\Kelly\AppData\Roaming\OpenOffice.org
O43 - CFD: 28/07/2014 - 22:35:59 - [] ----D C:\Users\Kelly\AppData\Roaming\Oracle
O43 - CFD: 13/08/2014 - 19:13:48 - [] ----D C:\Users\Kelly\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 19/05/2014 - 09:52:16 - [] ----D C:\Users\Kelly\AppData\Roaming\QuickScan
O43 - CFD: 18/09/2014 - 19:01:59 - [] ----D C:\Users\Kelly\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 11/05/2014 - 18:28:33 - [0] ----D C:\Users\Kelly\AppData\Local\Adobe
O43 - CFD: 11/05/2014 - 11:09:53 - [] -SH-D C:\Users\Kelly\AppData\Local\Application Data
O43 - CFD: 16/05/2014 - 21:52:49 - [] -SH-D C:\Users\Kelly\AppData\Local\EmieSiteList
O43 - CFD: 16/05/2014 - 21:52:49 - [] -SH-D C:\Users\Kelly\AppData\Local\EmieUserList
O43 - CFD: 19/05/2014 - 09:48:59 - [] ----D C:\Users\Kelly\AppData\Local\globalUpdate
O43 - CFD: 21/05/2014 - 18:59:08 - [] ----D C:\Users\Kelly\AppData\Local\Google
O43 - CFD: 11/05/2014 - 11:09:53 - [] -SH-D C:\Users\Kelly\AppData\Local\History
O43 - CFD: 18/09/2014 - 18:00:07 - [] ----D C:\Users\Kelly\AppData\Local\LPT =>Adware.Incredibar
O43 - CFD: 26/05/2014 - 19:32:05 - [] ----D C:\Users\Kelly\AppData\Local\Microsoft
O43 - CFD: 21/05/2014 - 19:02:27 - [] ----D C:\Users\Kelly\AppData\Local\Programs
O43 - CFD: 21/05/2014 - 19:02:06 - [] ----D C:\Users\Kelly\AppData\Local\SearchProtect =>PUP.SearchProtect
O43 - CFD: 18/09/2014 - 18:00:02 - [] ----D C:\Users\Kelly\AppData\Local\Smartbar =>Hijacker.SmartBar
O43 - CFD: 18/09/2014 - 19:01:51 - [] ----D C:\Users\Kelly\AppData\Local\Temp
O43 - CFD: 11/05/2014 - 11:09:53 - [] -SH-D C:\Users\Kelly\AppData\Local\Temporary Internet Files
O43 - CFD: 11/05/2014 - 11:09:54 - [0] ----D C:\Users\Kelly\AppData\Local\VirtualStore
O43 - CFD: 18/09/2014 - 18:05:21 - [] ----D C:\Users\Kelly\AppData\Local\WebPlayer
O43 - CFD: 14/07/2009 - 06:42:04 - [] R---D C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/08/2014 - 18:53:37 - [] R---D C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/07/2009 - 06:37:42 - [] R---D C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 12/08/2014 - 22:19:27 - [0] ----D C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 13/08/2014 - 18:53:37 - [] R---D C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 92 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
~ Files: 48 Scanned in 00mn 20s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.752158011342D6572539AEBFC3376061] - 18/09/2014 - 17:01:46 ---A- - C:\Windows\Prefetch\PODOWEB.MG.EXE-000191E4.pf =>PUP.PodoWeb
O45 - LFCP:[MD5.A3F8B1E01B9C5BB772E1471C054E3A72] - 18/09/2014 - 17:35:23 ---A- - C:\Windows\Prefetch\SHSETUP.EXE-4266F042.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.D2F2CF10EEEA029C97114391B2252192] - 18/09/2014 - 17:01:00 ---A- - C:\Windows\Prefetch\SMT_ISTARTSURF.EXE-862B1F40.pf =>PUP.IsStart
O45 - LFCP:[MD5.3AD36E68500EF0522B0716B5C5749A5A] - 18/09/2014 - 17:07:09 ---A- - C:\Windows\Prefetch\SNAPDO.EXE-72A3A99D.pf =>Hijacker.SmartBar
O45 - LFCP:[MD5.C5049257E6DDB834837AB4772965A8E5] - 18/09/2014 - 17:34:55 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER (1).EXE-3DF4661C.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.D6B67336091E3289DC5E7E5BD95CBCD8] - 18/09/2014 - 17:01:46 ---A- - C:\Windows\Prefetch\SUPIEPLUGINSERVICEUPDATE.EXE-82CE61E6.pf =>PUP.IePluginService
O45 - LFCP:[MD5.D4D4C2C5BB47EE538C5F6A68A11B88EE] - 18/09/2014 - 17:01:43 ---A- - C:\Windows\Prefetch\SUPTAB_V5.8.8.777_NOBLANK.EXE-134EFAD6.pf =>PUP.SupTab
O45 - LFCP:[MD5.335C1ACC44204C6D17B086EE0D346828] - 18/09/2014 - 17:05:21 ---A- - C:\Windows\Prefetch\WEBPLAYER.EXE-FDB9C5BB.pf =>Adware.SocialSkinz
O45 - LFCP:[MD5.E007C94C0346E61830A7A8CDE7600C1F] - 18/09/2014 - 17:01:37 ---A- - C:\Windows\Prefetch\WPM_V20.0.0.722.EXE-867E6EC2.pf =>PUP.WpManager
~ Prefetcher: 9 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Windows Security Configuration Editor Client Engine.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:13/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60x.sys [229888]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.

1 reply

Malekal_morte - Posts: 180304, Registration date: Wednesday 17 May 2006, Status: Moderator, Security contributor, Last activity: 15 December 2020
18 Sept. 2014 at 19:36
Hi,

You have installed adware and unwanted programs on your PC that open advertisements and slow down the computer and the web browsers.
Here is the procedure to follow to remove them:

Download AdwCleaner (by Xplode) from https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= to your desktop.
On the AdwCleaner page, on the right, click the grey floppy disk with the green arrow to start the download.
Launch AdwCleaner and click [Scanner].
The scan can take several minutes; be patient.
Once the scan is finished, click [Nettoyer].

Once the cleaning is finished, a report will open. Copy and paste the contents of the report into your next reply.
If that does not work, use the site http://pjjoint.malekal.com to host the report and give the link to the report in a new message.

Note: The report is also saved as C:\AdwCleaner[S1].txt



Then reset your browsers:
==================================
Reset your browsers and/or manually reconfigure your web browsers (start page, search engine, etc.), and also remove/disable unnecessary/unwanted extensions:
* Internet Explorer and add-ons / search engines: https://forum.malekal.com/viewtopic.php?t=41399&start=
* Firefox: https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome: https://www.malekal.com/reparer-google-chrome/?t=35837&start=

