by lilidurhone
#25155
It'll be over soon, I imagine?
Yes ;)

But let's keep going ;)
  • Download Junkware Removal Tool (by thisisu) to your desktop.
  • Launch Junkware Removal Tool; on Windows 7/8 and Vista, run it as administrator.
  • Press any key.
  • Once the scan has finished, go to the desktop, where the file JRT.txt has been created.
  • Upload the JRT.txt report to SosUpload, then copy and paste the link provided into your next reply on the forum.
by Telma
#27349
Hello,
Happy New Year 2014!!! I hope you had a good holiday season!

I hadn't seen the follow-up... (it had moved to page 3!)

Here is the next report:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Marie-Estelle on 11/01/2014 at 11:21:13,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\offerbox
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\5b4758c25396ecf468e04f8e063287ff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\5b4758c25396ecf468e04f8e063287ff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6D540A73-45F2-42EA-9A77-5480E8862382}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{A863C3BD-F069-4CAC-9E4B-700F62C643D2}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Marie-Estelle\appdata\local\{15D4D0A1-49A8-4851-9907-10BACB6F1303}
Successfully deleted: [Empty Folder] C:\Users\Marie-Estelle\appdata\local\{453CE504-5D28-429C-866C-8AD7825CB139}
Successfully deleted: [Empty Folder] C:\Users\Marie-Estelle\appdata\local\{6D955F4C-D154-42C3-B7F8-30FE03D3DAE3}
Successfully deleted: [Empty Folder] C:\Users\Marie-Estelle\appdata\local\{7A0ECB45-5A94-4213-B567-8BBB2830D81D}



~~~ FireFox

Emptied folder: C:\Users\Marie-Estelle\AppData\Roaming\mozilla\firefox\profiles\3dhaobu0.default\minidumps [96 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Marie-Estelle\appdata\local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/01/2014 at 11:28:25,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Also, I have another question about my new computer that I got for Christmas... it's an Acer Aspire; since the Windows 8.1 update the PC no longer wakes from sleep, the screen stays black... I saw on a forum that it was a graphics card update problem, but I couldn't find exactly what to do -_-
If you could help me again, that would be wonderful

:merci2:
by Telma
#27546
Here is the new ZHPDiag report

~ Rapport de ZHPDiag v2013.12.26.23 - Nicolas Coolman (26/12/2013)
~ Lancé par Marie-Estelle (12/01/2014 12:44:49)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC):


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 26.0 (Defaut)
GCIE: Google Chrome v31.0.1650.63
OBIE: Safari v5.31.22.7

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.2.286

---\\ Logiciels d'optimisation du système
CCleaner v3.17 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 21

---\\ Informations sur le système
~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3069 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 58 GB (25%) free of 224 GB

---\\ Mode de connexion au système
~ Computer Name: PC-MARIE-ESTELL
~ User Name: Marie-Estelle
~ All Users Names: Marie-Estelle, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Marie-Estelle\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Marie-Estelle\AppData\Roaming\
~ %Desktop% : C:\Users\Marie-Estelle\Desktop\
~ %Favorites% : C:\Users\Marie-Estelle\Favorites\
~ %LocalAppData% : C:\Users\Marie-Estelle\AppData\Local\
~ %StartMenu% : C:\Users\Marie-Estelle\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 58 Go of 224 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 45 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.4CC9DF09C3D915BA0A101A11DB684F26] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2013 - 23:42:41.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1055
~ Mes musiques (My Musics) : 123/2452
~ Mes Videos (My Videos) : 1/38
~ Mes Favoris (My Favorites) : 49/120
~ Mes Documents (My Documents) : 4/9525
~ Mon Bureau (My Desktop) : 1/1383
~ Menu demarrer (Programs) : 1/36
~ Hidden Files: Scanned in 00mn 12s



---\\ Processus lancés
[MD5.94444693EA13A72F6820DFF844A1122E] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176] [PID.3676]
[MD5.CF9DB56F71BC9738DE7F2A808EAAD124] - (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe [468264] [PID.3708]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3716]
[MD5.6FC398F279D5F5E53E61683B5450195D] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032] [PID.3728]
[MD5.544C1EF07AEC178A83538A251A72CE13] - (. Hewlett-Packard Development Company, L.P. - HP QuickTouch On Screen Display.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288] [PID.3736]
[MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752] [PID.3752]
[MD5.95D0EA1BECAD6D781C3D09AEC1295E8F] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3776]
[MD5.52D28AE9E168BA60F2DFA00EDD101B14] - (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192] [PID.3784]
[MD5.F4A92F112DF5A27C542EC0C0B41ABAEF] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [309688] [PID.3840]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.3848]
[MD5.BF9C0C31202259D2BE2B7072499504CE] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [458844] [PID.3868]
[MD5.6CF023F0A798C56599B8EA9FF9F083A0] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664] [PID.3900]
[MD5.ABB1700E36617799F044FB3437AB6A91] - (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe [968120] [PID.4024]
[MD5.D24B30B55A3E3BB9040957D79D78EB46] - (.Samsung - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1104824] [PID.4064]
[MD5.8D07F0687318214A3CEF62EA1048D101] - (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.exe [316720] [PID.4948]
[MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360] [PID.5020]
[MD5.3E802CE450D0E7A234978E9A2EA4772A] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.exe [107816] [PID.5196]
[MD5.E433210DD9F9EF43D4D170E52FFFF116] - (.Microsoft Corporation - Microsoft Word.) -- C:\Program Files\Microsoft Office\Office14\WINWORD.exe [1423008] [PID.3556]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5300]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.5688]
[MD5.870DF389D7676EDBB635141336A867C6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8302080] [PID.2084]
[MD5.0DD74786D22EDFF0CE5B8E1B1E398618] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.5332]
[MD5.5D60EE718D0C708D69DFF4B3336B68BF] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.2792]
[MD5.05AE358CD777BF8857F512A18E1DE7AA] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [221266] [PID.1168]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1360]
[MD5.C0BEB56ED79B59B7B33D0AA6C38A0BA6] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\system32\Hpservice.exe [26168] [PID.1472]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.1840]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.1852]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.356]
[MD5.827DBC22C96EECF6D36A13162FABAFD3] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe [81920] [PID.476]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.468]
[MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.560]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.848]
[MD5.984ECB68ED2A2B2E6A544E87E24FBA2D] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.1288]
[MD5.026D1FA4033B82F18B99E44351D7E82E] - (.Pas de propriétaire - CLCapSvc Module.) -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292248] [PID.2104]
[MD5.B9570481A1BABCC4A9E941C553596077] - (.Pas de propriétaire - Application MFC STServices.) -- C:\Windows\SMINST\BLService.exe [341328] [PID.2164]
[MD5.17E0BEF5CA5C9CE52CC8082AC6EBC449] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024] [PID.2224]
[MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.3880]
[MD5.A1545B731579895D8CC44FC0481C1192] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.) -- C:\Windows\System32\alg.exe [59392] [PID.2832]
[MD5.D50FDAD1E57AA60F1973CFC77D905F0E] - (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [148832] [PID.4848]
[MD5.7795F8CEBC284A426B53F541E538695F] - (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [193840] [PID.4976]
[MD5.A19B0BB5A7EB6DF2DD4A0711D36955EE] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.5880]
[MD5.358A9CCA612C68EB2F07DDAD4CE1D8D7] - (.Microsoft Corporation - Microsoft Office Software Protection Platfo.) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.exe [4640000] [PID.5840]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Marie-Estelle\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.15.5.0.2 (Désactivé) =>Toolbar.AVGSearch
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.4 (Désactivé) =>Adware.MyWebSearch
~ Google Browser: 15 Legitimates Filtered in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Marie-Estelle\AppData\Roaming\Mozilla\Firefox\Profiles\3dhaobu0.default\prefs.js
M2 - MFEP: prefs.js [Marie-Estelle - 3dhaobu0.default\@FissaPlugin] [] Fissa v1.0 (..) =>PUP.OfferBox
M2 - MFEP: prefs.js [Marie-Estelle - 3dhaobu0.default\zigboom.designs@gmail.com] [] BlackFox V2-Blue v2.1.6 (..)
~ Firefox Browser: 38 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A057A204-BACC-4D26-9E83-2DB586E27190} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{472734EA-242A-422B-ADF8-83D1E48CC825} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Aide et Support d'HP.lnk . (.Hewlett-Packard - HPHS Launcher.) -- C:\Windows\Help\OEM\scripts\HPHS_Launcher.exe
O4 - GS\Desktop [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Desktop [Public]: Octave.lnk . (...) -- C:\Program Files\Octave\3.0.5_gcc-4.3.0\bin\octave-3.0.5.exe
O4 - GS\Program [Public]: cellule_3D.lnk . (...) -- C:\Program Files\planetes3D\planet3D.exe
O4 - GS\Program [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Pour les enfants.lnk . (.EasyBits Software AS - For Kids.) -- C:\Program Files\EasyBits For Kids\Promo\ezKidsReady.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: QuickPlay Manager.lnk . (.CyberLink Corp. - HP QuickPlay Manage Program.) -- C:\Program Files\HP\QuickPlay\QPManager.exe
O4 - GS\Program [Public]: QuickPlay.lnk . (.CyberLink Corp. - HP QuickPlay.) -- C:\Program Files\HP\QuickPlay\QP.exe
O4 - GS\Program [Public]: Starzik Download Manager.lnk . (...) -- C:\Program Files\Starzik Download Manager\Starzik Download Manager.exe
O4 - GS\QuickLaunch [Marie-Estelle]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Marie-Estelle]: Mozilla Firefox (2).lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Marie-Estelle]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Marie-Estelle]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Marie-Estelle]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Marie-Estelle]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Marie-Estelle]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Marie-Estelle]: planete3D.lnk . (...) -- C:\Program Files\planetes3D\planet3D.exe
~ Global Startup: 72 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [OnScreenDisplay] . (. Hewlett-Packard Development Company, L.P. - HP QuickTouch On Screen Display.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-1917961054-784476770-3265431197-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1917961054-784476770-3265431197-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-1917961054-784476770-3265431197-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1917961054-784476770-3265431197-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1917961054-784476770-3265431197-1000\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
O4 - HKUS\S-1-5-21-1917961054-784476770-3265431197-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1917961054-784476770-3265431197-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{212736AF-65FB-4B36-80D0-E3E27259B6CB}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS3\Services\Tcpip\..\{3434B8B3-FC47-4D27-9E78-6631641D3D74}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{42442D61-6FB2-4A99-80CC-3EC4D9DAA021}.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{26E15C44-6DA3-4EC0-8164-B7DB49238A7F}.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{035CB9B0-6A3E-4FE4-ACA5-FD5D6152ED3F}] (...) -- E:\.\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{04D6F92F-F963-48C0-9F4B-4511D0CE659E}] (...) -- C:\Program Files\AIM6\uninst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4B671E64-3D31-445D-9676-FDA18A328F2A}] (...) -- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7AF94D5F-8C16-4F20-A002-9E0F874B8576}] (...) -- E:\.\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{85943581-0889-40CE-AB2D-C77F3FA636B7}] (...) -- C:\Users\Marie-Estelle\Downloads\601_b021_multilanguage.exe (.not file.) [0]
~ Scheduled Task: 25 Legitimates Filtered in 00mn 05s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/11/2010 - 21:33:05 - [1,658] ----D C:\Program Files\planetes3D
O43 - CFD: 24/02/2010 - 10:33:36 - [1,760] ----D C:\Program Files\Spyware Doctor
O43 - CFD: 05/04/2011 - 10:38:07 - [0] --H-D C:\ProgramData\cJb31001dNaIa31001
~ Program Folder: 216 Legitimates Filtered in 01mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6361D50FE0AD8ECC249D6A7CB37B514B] - 29/12/2013 - 20:20:07 ----- . (...) -- C:\UsbFix [Scan 1] PC-MARIE-ESTELL.txt [12880]
O44 - LFC:[MD5.5F8BDF657FD65DE8803D7C494611679C] - 29/12/2013 - 20:43:49 ----- . (...) -- C:\UsbFix [Scan 2] PC-MARIE-ESTELL.txt [13094]
O44 - LFC:[MD5.36A47F2E5C9049A2464D134386FFBF23] - 29/12/2013 - 21:15:53 ---A- . (...) -- C:\UsbFix [Clean 1] PC-MARIE-ESTELL.txt [17272]
O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 30/12/2013 - 20:34:38 ---A- . (...) -- C:\Windows\System32\DOErrors.log [52]
~ Files: 12 Legitimates Filtered in 00mn 04s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (...) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Veoh [Key] . (...) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (.not file.)
~ SMSR Keys: 8 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "AllowLegacyWebView"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "AllowUnhashedWebView"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
~ Drivers: 17 Legitimates Filtered in 00mn 05s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - http://www.usbfix.net - http://www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {114C8D1F-DE4F-4720-933A-00D3637B24BA} - (Google) - http://www.google.fr
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.EFB2EE170955A1DC38485D66EB480174] [SPRF][29/11/2009] (...) -- C:\ProgramData\ezsid.dat [32]
[MD5.62309BE7E101E990C51687656571B41B] [SPRF][30/12/2013] (...) -- C:\Users\Marie-Estelle\AppData\Local\d3d9caps.dat [7620]
[MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23/12/2013] (...) -- C:\Users\Marie-Estelle\AppData\Local\Temp\Quarantine.exe [360051]
[MD5.C5650C059185D351AEF801D90A93B0D7] [SPRF][27/04/2011] (...) -- C:\Users\Marie-Estelle\AppData\Roaming\wklnhst.dat [1166]
[MD5.1027DF7F909776789D9D1C2C30410166] [SPRF][28/01/2013] (...) -- C:\Users\Marie-Estelle\Desktop\OOo_3.3.0_Win_x86_install-wJRE_fr.exe [152474936]
[MD5.6F678556A6FCE04FC94F3435F6313705] [SPRF][25/12/2008] (...) -- C:\Windows\Downloaded Program Files\unagiuninst.exe [38428]
~ Files: 7 Legitimates Filtered in 00mn 05s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{8D1EEC39-0DB9-4591-97A8-8B8481061181}C:\program files\winamp\winamp.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\winamp\winamp.exe (.not file.)
O87 - FAEL: "UDP Query User{39F01690-A65D-4079-8BFD-DF83BBCDAC78}C:\program files\winamp\winamp.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\winamp\winamp.exe (.not file.)
O87 - FAEL: "TCP Query User{A7D07372-ADC0-4D00-8CB8-0A91F8EC5267}C:\program files\winamp\winamp.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\winamp\winamp.exe (.not file.)
O87 - FAEL: "UDP Query User{26BB64F8-EF4A-43A7-AD52-BAFC1227F783}C:\program files\winamp\winamp.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\winamp\winamp.exe (.not file.)
~ Firewall: 208 Legitimates Filtered in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "EFE665B6D1CDF17439DD483862361F04" . (.OVT Scanner X86.) -- C:\Windows\Installer\{6B566EFE-DC1D-471F-93DD-84832663F140}\ARPPRODUCTICON.exe
~ Update Products: 118 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.899D66C970CC0581A87DD871DAEA812A] [WIS][06/03/2013] (.STARZIK INVEST - Starzik Download Manager.) -- C:\Windows\Installer\1533872.msi [48128]
[MD5.AA5F8DEF4C6C587D88EE5A7791B8D1D6] [WIS][06/06/2010] (.Secure Digital Services - OfferBox.) -- C:\Windows\Installer\4b06e9.msi [3062272] =>Adware.SPointer
~ WIS: 122 Legitimates Filtered in 00mn 14s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 21/12/2008 242424 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
SS - | Auto 11/12/2009 133104 | (gupdate1ca7aad806c04f5) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11/12/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 31/10/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 07/06/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 22/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 14/05/2008 116112 | (QPSched) . (...) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
SS - | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 02/03/2009 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
SR - | Auto 19/12/2013 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 03/04/2008 193840 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 09/10/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Demand 25/01/2008 148832 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 26/02/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 14/05/2008 292248 | (QPCapSvc) . (...) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
SR - | Auto 26/03/2008 341328 | (Recovery Service for Windows) . (...) - C:\Windows\SMINST\BLService.exe
SR - | Auto 09/01/2007 272024 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Auto 21/07/2009 221266 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 15s



---\\ Scan Additionnel (O88)
Database Version : 13013 - (26/12/2013)
Clés trouvées (Keys found) : 25
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 1

[HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch^
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
[HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}] =>Adware.DoubleD
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Users\Marie-Estelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch^
C:\Users\Marie-Estelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
C:\Users\Marie-Estelle\AppData\Roaming\Mozilla\Firefox\Profiles\3dhaobu0.default\extensions\@FissaPlugin =>PUP.OfferBox^
C:\Windows\Installer\4b06e9.msi =>Adware.SPointer^
~ Additionnel Scan: 431595 Items scanned in 00mn 38s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... ywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blo ... p-offerbox =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blo ... e-spointer =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blo ... re-doubled =>Adware.DoubleD
~ MSI: 4 link(s) detected in 00mn 38s



~ 1240 Legitimates filtered by white list
End of the scan (546 lines in 03mn 19s)(0)
by lilidurhone
#27584
  • Download MalwareBytes Anti-Malware
  • Install it. Uncheck "Enable free trial of Malwarebytes Anti-Malware PRO"
  • Launch Malwarebytes' Anti-Malware.
  • Click the "Updates" tab, then "Check for updates"
  • Click the "Scanner" tab, tick "Perform full scan", then click Scan
  • At the end of the scan, if MBAM found nothing:
    • Click OK; the report opens automatically
  • If threats were detected:
    • Click OK, then "Show results"
    • Choose the "Remove selected" option
    • If MBAM asks to restart Windows: click "Yes"
    • Once the PC has restarted, the report is in the "Reports/Logs" tab
    • Otherwise the report opens automatically after the removal
    • Post the report in your next reply
by Telma
#27733
Here is the report:

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Version de la base de données: v2014.01.12.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Marie-Estelle :: PC-MARIE-ESTELL [administrateur]

12/01/2014 15:28:43
mbam-log-2014-01-12 (15-28-43).txt

Type d'examen: Examen complet (C:\|D:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 549888
Temps écoulé: 4 heure(s), 29 minute(s), 41 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 1
HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 2
C:\Users\Marie-Estelle\Downloads\Nouveau dossier\SoftonicDownloader_pour_core-temp.exe (PUP.OfferBundler.ST) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Marie-Estelle\Downloads\Nouveau dossier\mirc717.exe (PUP.Optional.OpenCandy) -> Mis en quarantaine et supprimé avec succès.

(fin)
by lilidurhone
#27758
  • Copy only the lines shown in bold below to the clipboard or into Notepad (highlight them with the mouse, then right-click and Copy, from Script ZHPFix through to the end, i.e. Sysrestore)

    Script ZHPFix
    G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.15.5.0.2 (Désactivé) =>Toolbar.AVGSearch
    G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.4 (Désactivé) =>Adware.MyWebSearch
    M2 - MFEP: prefs.js [Marie-Estelle - 3dhaobu0.default\@FissaPlugin] [] Fissa v1.0 (..) =>PUP.OfferBox
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350]
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350]
    [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{42442D61-6FB2-4A99-80CC-3EC4D9DAA021}.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{26E15C44-6DA3-4EC0-8164-B7DB49238A7F}.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{035CB9B0-6A3E-4FE4-ACA5-FD5D6152ED3F}] (...) -- E:\.\Autorun.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{04D6F92F-F963-48C0-9F4B-4511D0CE659E}] (...) -- C:\Program Files\AIM6\uninst.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{4B671E64-3D31-445D-9676-FDA18A328F2A}] (...) -- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{7AF94D5F-8C16-4F20-A002-9E0F874B8576}] (...) -- E:\.\Autorun.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{85943581-0889-40CE-AB2D-C77F3FA636B7}] (...) -- C:\Users\Marie-Estelle\Downloads\601_b021_multilanguage.exe (.not file.) [0]
    O43 - CFD: 24/02/2010 - 10:33:36 - [1,760] ----D C:\Program Files\Spyware Doctor
    O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (...) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (.not file.)
    O53 - SMSR:HKLM\...\startupreg\Veoh [Key] . (...) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (.not file.)
    O87 - FAEL: "TCP Query User{8D1EEC39-0DB9-4591-97A8-8B8481061181}C:\program files\winamp\winamp.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\winamp\winamp.exe (.not file.)
    O87 - FAEL: "UDP Query User{39F01690-A65D-4079-8BFD-DF83BBCDAC78}C:\program files\winamp\winamp.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\winamp\winamp.exe (.not file.)
    O87 - FAEL: "TCP Query User{A7D07372-ADC0-4D00-8CB8-0A91F8EC5267}C:\program files\winamp\winamp.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\winamp\winamp.exe (.not file.)
    O87 - FAEL: "UDP Query User{26BB64F8-EF4A-43A7-AD52-BAFC1227F783}C:\program files\winamp\winamp.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\winamp\winamp.exe (.not file.)
    [MD5.AA5F8DEF4C6C587D88EE5A7791B8D1D6] [WIS][06/06/2010] (.Secure Digital Services - OfferBox.) -- C:\Windows\Installer\4b06e9.msi [3062272] =>Adware.SPointer

    [HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch^
    [HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
    [HKCU\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}] =>Adware.DoubleD
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48A0552292E14244E8F3980FD3D01541] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\503398D5204CBDD48A5EE476D0CFCFEC] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5BDF578D2C71DDC4997692F83B0A5C75] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67909B00FA069BE4E80548738FE558FB] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\698B1BCDAEA97B945AE4001A96F1E755] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E6611210321F8640B41F98B10A8BD0A] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ADFBDCA3E069A47B07ECC2CED1E2B2] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9ED6CAB2F119182EB7D8CE7156DC0915] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A3D6A80A87E22324A91C14AEBDF78525] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2F30BE10C5A9DD43A593262265CA298] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1322A677E76161CFC67C36E4B6D42B49] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\281E074C2C4344E4A8BB2BAE65BE729B] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51C83A2C2B5C63748ACD3028A6DD53A5] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8385B8BE0F211B245956C67BB4BAC17E] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CC2018422A9EAF40A57249F42102B13] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA606EFD77B9CB34BB2DA2F45B67425E] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B767C33B25DCECA4FAD0D3B7D84B0A8E] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA177F87B6B147649BD37D43B50863E5] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEF27165872C9BEAACED23660032D2F2] =>PUP.Offerbox^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFAEE3E72CC44004C998EBEE081CA40A] =>PUP.Offerbox^
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
    C:\Users\Marie-Estelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch^
    C:\Users\Marie-Estelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
    C:\Users\Marie-Estelle\AppData\Roaming\Mozilla\Firefox\Profiles\3dhaobu0.default\extensions\@FissaPlugin =>PUP.OfferBox^
    C:\Windows\Installer\4b06e9.msi =>Adware.SPointer^
    Sysrestore
  • Launch ZHPFix (run as administrator on Windows 7/8 and Vista)
    1. Click Import
    2. Then click "GO"
  • Confirm the data cleanup by clicking "Yes"
  • Once the scan is finished, go to the desktop; the file ZHPFixReport has been created.
  • Upload the ZHPFixReport report to SosUpload, then copy/paste the link provided into your next reply.
by Telma
#27776
Rapport de ZHPFix 2013.12.14.5 par Nicolas Coolman, Update du 06/12/2013
Fichier d'export Registre :
Run by Marie-Estelle at 12/01/2014 22:00:16
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Corbeille vidée (07mn 57s)

========== Clés du Registre ==========
SUPPRIMÉ: StartupReg: AppleSyncNotifier
SUPPRIMÉ: StartupReg: Veoh

========== Valeurs du Registre ==========
SUPPRIMÉ: TCP Query User{8D1EEC39-0DB9-4591-97A8-8B8481061181}C:\program files\winamp\winamp.exe
SUPPRIMÉ: UDP Query User{39F01690-A65D-4079-8BFD-DF83BBCDAC78}C:\program files\winamp\winamp.exe
SUPPRIMÉ: TCP Query User{A7D07372-ADC0-4D00-8CB8-0A91F8EC5267}C:\program files\winamp\winamp.exe
SUPPRIMÉ: UDP Query User{26BB64F8-EF4A-43A7-AD52-BAFC1227F783}C:\program files\winamp\winamp.exe
SUPPRIMÉ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg

========== Préférences navigateur ==========
SUPPRIMÉ Folder Chrome: C:\Users\Marie-Estelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

========== Dossiers ==========
SUPPRIMÉ: C:\Users\Marie-Estelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
SUPPRIMÉ: C:\Users\Marie-Estelle\AppData\Roaming\Mozilla\Firefox\Profiles\3dhaobu0.default\extensions\@FissaPlugin
SUPPRIMÉ: C:\Program Files\Spyware Doctor

========== Fichiers ==========
SUPPRIMÉ: c:\users\marie-estelle\appdata\local\google\chrome\user data\default\preferences
SUPPRIMÉ: c:\windows\tasks\avg-secure-search-update_june2013_hp_rmv.job
SUPPRIMÉ: c:\windows\tasks\avg-secure-search-update_june2013_tb_rmv.job
SUPPRIMÉ: C:\Windows\Installer\4b06e9.msi

========== Tache planifiée ==========
SUPPRIMÉ: AVG-Secure-Search-Update_JUNE2013_HP_rmv
SUPPRIMÉ: AVG-Secure-Search-Update_JUNE2013_HP_rmv
SUPPRIMÉ: AVG-Secure-Search-Update_JUNE2013_TB_rmv
SUPPRIMÉ: AVG-Secure-Search-Update_JUNE2013_TB_rmv
SUPPRIMÉ: {035CB9B0-6A3E-4FE4-ACA5-FD5D6152ED3F}
SUPPRIMÉ: {04D6F92F-F963-48C0-9F4B-4511D0CE659E}
SUPPRIMÉ: {4B671E64-3D31-445D-9676-FDA18A328F2A}
SUPPRIMÉ: {7AF94D5F-8C16-4F20-A002-9E0F874B8576}
SUPPRIMÉ: {85943581-0889-40CE-AB2D-C77F3FA636B7}

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
24 : Clés du Registre
5 : Valeurs du Registre
3 : Dossiers
4 : Fichiers
1 : Préférences navigateur
9 : Tache planifiée
1 : Restauration Système


End of clean in 08mn 57s

========== Chemin de fichier rapport ==========
C:\Users\Marie-Estelle\AppData\Roaming\ZHP\ZHPFix[R1].txt - 12/01/2014 22:08:14 [5428]

Thanks again for your help
by lilidurhone
#27813
We're getting close to the end ;)

Update Java (make sure to uncheck Ask ;) )
Update Adobe Reader

If you have no more problems, I'll give you the final step
