USB files turned into shortcuts 2013-11-18T15:06:42+00:00
  • Sofit

    Hello,
    I ran the search for a UsbFix scan because all the files on my USB keys have been turned into shortcuts; here is the result:
    ############################## | UsbFix V 7.150 | [Recherche]

    Utilisateur: iforme (Administrateur) # IFORME-HP
    Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
    Lancé à 15:52:33 | 18/11/2013

    Site Web : http://www.usbfix.net
    Forum : https://www.sosvirus.net/
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: MSI (2A9C)
    CPU: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
    RAM -> [Total : 6007 | Free : 4516]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 10.0.9200.16736
    WB: Google Chrome : 31.0.1650.57

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: Anti-virus firewall 9.12 [Enabled | Updated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 918 Go (813 Go libre(s) – 89%) [OS] # NTFS
    D: -> Disque fixe # 14 Go (2 Go libre(s) – 12%) [HP_RECOVERY] # NTFS
    E: -> CD-ROM
    J: -> Disque amovible # 7 Go (733 Mo libre(s) – 10%) [] # FAT32
    K: -> Disque amovible # 976 Mo (871 Mo libre(s) – 89%) [USB FLASH] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 476 |ParentID: 468)
    C:Windowssystem32wininit.exe (ID: 524 |ParentID: 468)
    C:Windowssystem32csrss.exe (ID: 544 |ParentID: 536)
    C:Windowssystem32services.exe (ID: 592 |ParentID: 524)
    C:Windowssystem32lsass.exe (ID: 608 |ParentID: 524)
    C:Windowssystem32lsm.exe (ID: 616 |ParentID: 524)
    C:Windowssystem32winlogon.exe (ID: 652 |ParentID: 536)
    C:Windowssystem32svchost.exe (ID: 764 |ParentID: 592)
    C:Windowssystem32nvvsvc.exe (ID: 828 |ParentID: 592)
    C:Windowssystem32svchost.exe (ID: 868 |ParentID: 592)
    C:WindowsSystem32svchost.exe (ID: 952 |ParentID: 592)
    C:WindowsSystem32svchost.exe (ID: 1004 |ParentID: 592)
    C:Windowssystem32svchost.exe (ID: 340 |ParentID: 592)
    C:Windowssystem32svchost.exe (ID: 484 |ParentID: 592)
    C:Windowssystem32svchost.exe (ID: 1144 |ParentID: 592)
    C:WindowsSystem32spoolsv.exe (ID: 1304 |ParentID: 592)
    C:Windowssystem32svchost.exe (ID: 1344 |ParentID: 592)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1476 |ParentID: 592)
    C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 1520 |ParentID: 592)
    C:Program FilesBonjourmDNSResponder.exe (ID: 1588 |ParentID: 592)
    C:Program Files (x86)OrangeAntivirus FirewallAnti-Virusfsgk32st.exe (ID: 1752 |ParentID: 592)
    C:Program Files (x86)FirebirdFirebird_2_5binfbguard.exe (ID: 1772 |ParentID: 592)
    C:Program Files (x86)OrangeAntivirus FirewallAnti-VirusFSGK32.EXE (ID: 1780 |ParentID: 1752)
    C:Program Files (x86)OrangeAntivirus FirewallCommonFSMA32.EXE (ID: 1808 |ParentID: 592)
    C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe (ID: 1832 |ParentID: 592)
    C:Program Files (x86)OrangeAntivirus FirewallCommonFSHDLL32.EXE (ID: 1852 |ParentID: 1808)
    c:Program Files (x86)Common FilesLightScribeLSSrvc.exe (ID: 1936 |ParentID: 592)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 1984 |ParentID: 592)
    C:Program Files (x86)SymantecNorton Online BackupNOBuAgent.exe (ID: 2032 |ParentID: 592)
    C:Program Files (x86)PDF Completepdfsvc.exe (ID: 1412 |ParentID: 592)
    C:Program Files (x86)OrangeAntivirus FirewallCommonFSHDLL64.EXE (ID: 2084 |ParentID: 1808)
    C:Program Files (x86)NuancePaperPortPDFProFiltSrvPP.exe (ID: 2192 |ParentID: 592)
    C:Program Files (x86)Common FilesSafeNet SentinelSentinel Keys Serversntlkeyssrvr.exe (ID: 2260 |ParentID: 592)
    C:Program Files (x86)Common FilesSafeNet SentinelSentinel Protection ServerWinNTspnsrvnt.exe (ID: 2288 |ParentID: 592)
    C:Program Files (x86)Common FilesSafeNet SentinelSentinel Security Runtimesntlsrtsrvr.exe (ID: 2416 |ParentID: 592)
    C:Windowssystem32svchost.exe (ID: 2528 |ParentID: 592)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2584 |ParentID: 592)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2836 |ParentID: 2584)
    C:Program Files (x86)OrangeAntivirus FirewallFWESProgramfsdfwd.exe (ID: 2500 |ParentID: 592)
    C:Program Files (x86)OrangeAntivirus FirewallORSP Clientfsorsp.exe (ID: 2604 |ParentID: 592)
    C:Program Files (x86)FirebirdFirebird_2_5binfbserver.exe (ID: 3224 |ParentID: 592)
    C:Program Files (x86)OrangeAntivirus FirewallAnti-Virusfssm32.exe (ID: 3284 |ParentID: 1780)
    C:Windowssystem32svchost.exe (ID: 3372 |ParentID: 592)
    C:Windowssystem32svchost.exe (ID: 3404 |ParentID: 592)
    C:Windowssystem32SearchIndexer.exe (ID: 3432 |ParentID: 592)
    C:WindowsSystem32WUDFHost.exe (ID: 3636 |ParentID: 1004)
    C:Program Files (x86)OrangeAntivirus FirewallAnti-Virusfsav32.exe (ID: 3848 |ParentID: 1780)
    C:Windowssystem32nvvsvc.exe (ID: 3320 |ParentID: 828)
    C:Windowssystem32taskhost.exe (ID: 2216 |ParentID: 592)
    C:Windowssystem32Dwm.exe (ID: 3632 |ParentID: 1004)
    C:WindowsExplorer.EXE (ID: 4004 |ParentID: 4028)
    C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe (ID: 4504 |ParentID: 4004)
    C:Program FilesHewlett-PackardHP MediaSmartSmartMenu.exe (ID: 4520 |ParentID: 4004)
    C:Program Files (x86)Heitz SystemProgramServiceV11.exe (ID: 4532 |ParentID: 4004)
    C:ProgramDataFLEXnetConnect11ISUSPM.exe (ID: 4552 |ParentID: 4004)
    C:Program Files (x86)Heitz SystemProgramMenuV11.exe (ID: 4600 |ParentID: 4004)
    C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (ID: 4628 |ParentID: 4568)
    C:Program Files (x86)HpHP Software Updatehpwuschd2.exe (ID: 4692 |ParentID: 4568)
    C:Program Files (x86)OrangeAntivirus FirewallCommonFSM32.EXE (ID: 4904 |ParentID: 4568)
    C:Program Files (x86)Windows iLivid ToolbarDatamngrdatamngrUI.exe (ID: 5052 |ParentID: 4568)
    C:Program Files (x86)NuancePaperPortpptd40nt.exe (ID: 1464 |ParentID: 4568)
    C:Program Files (x86)NuancePDF Viewer PluspdfPro5Hook.exe (ID: 4276 |ParentID: 4568)
    C:Program Files (x86)Browny02BrotherBrStMonW.exe (ID: 4240 |ParentID: 4568)
    C:Program Files (x86)iTunesiTunesHelper.exe (ID: 664 |ParentID: 4568)
    C:Program Files (x86)Browny02BrYNSvc.exe (ID: 4912 |ParentID: 592)
    C:Program Files (x86)ControlCenter4BrCtrlCntr.exe (ID: 2748 |ParentID: 4304)
    C:Program Files (x86)ControlCenter4BrCcUxSys.exe (ID: 1156 |ParentID: 2748)
    C:Program FilesiPodbiniPodService.exe (ID: 2484 |ParentID: 592)
    C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe (ID: 5768 |ParentID: 592)
    C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 5876 |ParentID: 592)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 5936 |ParentID: 592)
    C:Program Files (x86)MicrosoftBingBar7.2.241.0SeaPort.exe (ID: 4444 |ParentID: 592)
    C:ProgramDataFLEXnetConnect11agent.exe (ID: 3068 |ParentID: 764)
    C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID: 21336 |ParentID: 592)
    C:Program FilesInternet Exploreriexplore.exe (ID: 21304 |ParentID: 4004)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 19028 |ParentID: 21304)
    C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbarUser_32.exe (ID: 22568 |ParentID: 19028)
    C:UsbFixGo.exe (ID: 14788 |ParentID: 20580)
    C:Windowssystem32SearchProtocolHost.exe (ID: 15556 |ParentID: 3432)
    C:Windowssystem32SearchFilterHost.exe (ID: 16196 |ParentID: 3432)
    C:Windowssystem32wbemwmiprvse.exe (ID: 18372 |ParentID: 764)

    ################## | Regedit Run |

    04 – HKLMSOFTWARE | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
    04 – HKLMSOFTWARE | Run : [HP Software Update] – c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
    04 – HKLMSOFTWARE | Run : [PDF Complete] – C:Program Files (x86)PDF Completepdfsty.exe
    04 – HKLMSOFTWARE | Run : [Norton Online Backup] – C:Program Files (x86)SymantecNorton Online BackupNOBuClient.exe
    04 – HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
    04 – HKLMSOFTWARE | Run : [ServiceV113] – C:Program Files (x86)Heitz SystemProgramServiceV11.exe
    04 – HKLMSOFTWARE | Run : [F-Secure Manager] – “C:Program Files (x86)OrangeAntivirus FirewallCommonFSM32.EXE” /splash
    04 – HKLMSOFTWARE | Run : [F-Secure TNB] – “C:Program Files (x86)OrangeAntivirus FirewallFSGUITNBUtil.exe” /CHECKALL /WAITFORSW
    04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLMSOFTWARE | Run : [SweetIM] – C:Program Files (x86)SweetIMMessengerSweetIM.exe
    04 – HKLMSOFTWARE | Run : [DATAMNGR] – C:PROGRA~2WI3C8A~1DatamngrDATAMN~1.EXE
    04 – HKLMSOFTWARE | Run : [IndexSearch] – “C:Program Files (x86)NuancePaperPortIndexSearch.exe”
    04 – HKLMSOFTWARE | Run : [PaperPort PTD] – “C:Program Files (x86)NuancePaperPortpptd40nt.exe”
    04 – HKLMSOFTWARE | Run : [PPort12reminder] – “C:Program Files (x86)NuancePaperPortEregEreg.exe” -r “C:ProgramDataScanSoftPaperPort12ConfigEregEreg.ini”
    04 – HKLMSOFTWARE | Run : [PDFHook] – C:Program Files (x86)NuancePDF Viewer Pluspdfpro5hook.exe
    04 – HKLMSOFTWARE | Run : [PDF5 Registry Controller] – C:Program Files (x86)NuancePDF Viewer PlusRegistryController.exe
    04 – HKLMSOFTWARE | Run : [ControlCenter4] – C:Program Files (x86)ControlCenter4BrCcBoot.exe /autorun
    04 – HKLMSOFTWARE | Run : [BrStsMon00] – C:Program Files (x86)Browny02BrotherBrStMonW.exe /AUTORUN
    04 – HKLMSOFTWARE | Run : [ServiceV11] – C:Program Files (x86)Heitz SystemProgramServiceV11.exe
    04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [IAStorIcon] – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [PDF Complete] – C:Program Files (x86)PDF Completepdfsty.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [Norton Online Backup] – C:Program Files (x86)SymantecNorton Online BackupNOBuClient.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [ServiceV113] – C:Program Files (x86)Heitz SystemProgramServiceV11.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [F-Secure Manager] – “C:Program Files (x86)OrangeAntivirus FirewallCommonFSM32.EXE” /splash
    04 – HKLMSOFTWAREwow6432Node | Run : [F-Secure TNB] – “C:Program Files (x86)OrangeAntivirus FirewallFSGUITNBUtil.exe” /CHECKALL /WAITFORSW
    04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [SweetIM] – C:Program Files (x86)SweetIMMessengerSweetIM.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [DATAMNGR] – C:PROGRA~2WI3C8A~1DatamngrDATAMN~1.EXE
    04 – HKLMSOFTWAREwow6432Node | Run : [IndexSearch] – “C:Program Files (x86)NuancePaperPortIndexSearch.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [PaperPort PTD] – “C:Program Files (x86)NuancePaperPortpptd40nt.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [PPort12reminder] – “C:Program Files (x86)NuancePaperPortEregEreg.exe” -r “C:ProgramDataScanSoftPaperPort12ConfigEregEreg.ini”
    04 – HKLMSOFTWAREwow6432Node | Run : [PDFHook] – C:Program Files (x86)NuancePDF Viewer Pluspdfpro5hook.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [PDF5 Registry Controller] – C:Program Files (x86)NuancePDF Viewer PlusRegistryController.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [ControlCenter4] – C:Program Files (x86)ControlCenter4BrCcBoot.exe /autorun
    04 – HKLMSOFTWAREwow6432Node | Run : [BrStsMon00] – C:Program Files (x86)Browny02BrotherBrStMonW.exe /AUTORUN
    04 – HKLMSOFTWAREwow6432Node | Run : [ServiceV11] – C:Program Files (x86)Heitz SystemProgramServiceV11.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
    04 – HKLMSOFTWARE | RunOnce : [] –
    04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
    04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-1902569843-3152803823-206538572-1000SOFTWARE | Run : [ISUSPM] – C:ProgramDataFLEXnetConnect11ISUSPM.exe -scheduler
    04 – HKUS-1-5-21-1902569843-3152803823-206538572-1000SOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersiformeAppDataLocalTempiTunesHelper.vbe”
    04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Présent! C:UsersiformeAppDataLocalTempiTunesHelper.vbe
    Présent! C:UsersiformeAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Présent! J:RunClubSanDisk.exe
    Présent! J:autorun.lnk
    Présent! J:_disk_id.lnk
    Présent! J:mpdf.lnk
    Présent! J:vrac.lnk
    Présent! J:Folder.lnk
    Présent! J:Classeur1.lnk
    Présent! J:will été.lnk
    Présent! J:été2013.lnk
    Présent! J:RunClubSanDisk.lnk
    Présent! J:RunSanDiskSecureAccess_Win.lnk
    Présent! J:PLANNING été.lnk
    Présent! J:Pass 1 semaine offerte.lnk
    Présent! J:Congratulations.lnk
    Présent! J:20130202_133642.lnk
    Présent! J:~$PLANNING été.lnk
    Présent! J:20130926_211014.lnk
    Présent! J:bis2 extrait 1.lnk
    Présent! J:playlist au propre.lnk
    Présent! J:20130926_214330.lnk
    Présent! J:bis extrait 2.lnk
    Présent! J:Présentation1.lnk
    Présent! J:Jump – RDX.lnk
    Présent! J:ben été.lnk
    Présent! J:9 MAKASSY – Femmes on vous aime (ft Ben J) (Le Chat Club_Soleil Remix – BPM 128).lnk
    Présent! J:~$Planning d’été équipe.lnk
    Présent! J:MAKASSY – Femmes on vous aime (DJ Promo Pack).lnk
    Présent! J:Planning d’été équipe 2012.lnk
    Présent! J:Elo été2013.lnk
    Présent! J:.lnk
    Présent! J:7 Dj Assad Ft Alain Ramanisum & Willy William – Li Tourner 2013 OFFICIAL VIDEO.lnk
    Présent! J:20130926_214758.lnk
    Présent! J:20130926_225933.lnk
    Présent! J:20130926_211902.lnk
    Présent! J:20130926_211912.lnk
    Présent! J:20130618_160838.lnk
    Présent! J:20130926_212353.lnk
    Présent! J:20130926_212358.lnk
    Présent! J:20130926_212404.lnk
    Présent! J:20130926_212810_1.lnk
    Présent! J:20130926_212810_2.lnk
    Présent! J:20130926_212810_3.lnk
    Présent! J:20130926_212810_4.lnk
    Présent! J:20130926_212814_1.lnk
    Présent! J:20130926_212814_2.lnk
    Présent! J:20130926_212814_3.lnk
    Présent! J:BON POUR UN STAGE DE ZUMBA GRATUIT AVEC MARINE ET SOPHIE.lnk
    Présent! J:20130926_212814_4.lnk
    Présent! J:20130926_212824.lnk
    Présent! J:20130926_214256.lnk
    Présent! J:20130926_215644.lnk
    Présent! J:20130926_215653.lnk
    Présent! J:8 Gâter Le Koin Logobi GTSisi K La Puissance.lnk
    Présent! J:El Amor Que Perdimos – Prince Royce.lnk
    Présent! J:Arash [Feat.lnk
    Présent! J:Sir Lewis – Shaki Riddim (Club Extended).lnk
    Présent! J:Promise (ft.lnk
    Présent! J:contrat_coach-client.lnk
    Présent! J:club_application.lnk
    Présent! J:SanDiskSecureAccess.lnk
    Présent! J:zumba aout.lnk
    Présent! J:Dossier équipe.lnk
    Présent! J:Photos Vue sur rennes.lnk
    Présent! J:vidéos kiz.lnk
    Présent! J:mes documents transfert.lnk
    Présent! J:clé usb zumba.lnk
    Présent! J:Fiche d’élabo. des salaires.lnk
    Présent! J:Zumba Plérin.lnk
    Présent! J:Photo.lnk
    Présent! J:zumba sophie 12-10-13.lnk
    Présent! J:9Musiques 31 Mai.lnk
    Présent! J:photos icr.lnk
    Présent! J:Zumba avril Mai.lnk
    Présent! J:musiques pour le 26 septembre.lnk
    Présent! J:.Spotlight-V100.lnk
    Présent! J:zumba 16 nov 2013.lnk
    Présent! J:Flavel & Neto – Eu quero tchu, Eu quero tcha.lnk
    Présent! J:Daddy Yankee – BPM (Original) (Con Letra) Video Song PRESTIGE 2012.lnk
    Présent! J:AlbumArtSmall.lnk
    Présent! J:WMPInfo.lnk
    Présent! J:13 Piste 13.lnk
    Présent! J:Eu quero Tchu, eu quero Tcha Flavel & Neto (So um tempo)-[www_flvto_com].lnk
    Présent! J:.Trashes.lnk
    Présent! K:.lnk
    Présent! K:Apéro quizz.lnk
    Présent! K:.Trashes.lnk
    Présent! K:.fseventsd.lnk
    Présent! K:.Spotlight-V100.lnk
    Présent! K:Mix Sophie officiel.lnk
    Présent! K:mix sophie.lnk
    Présent! K:Mix Sophie officiel – Copie.lnk
    Présent! C:UsersiformeAppDataLocalTemp8B1AhAJC.vbs
    Présent! C:UsersiformeAppDataLocalTempGenial-Oz.hta
    Présent! J:autorun.inf

    ################## | Référence de comparaison MD5 |

    Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersiformeAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
    Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersiformeAppDataLocalTempiTunesHelper.vbe
    Md5 : B5E7BFBBAC3B4E9DB51960169132E9FD -> C:UsersiformeAppDataLocalTemp8B1AhAJC.vbs

    ################## | Comparaison MD5 |

    Présent! Md5 : B5E7BFBBAC3B4E9DB51960169132E9FD -> C:UsersiformeAppDataLocalTemp8B1AhAJC.vbs
    Présent! Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersiformeAppDataLocalTempiTunesHelper.vbe
    Présent! Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersiformeAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe

    ################## | Registre |

    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|EnableLUA -> 0
    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|ConsentPromptBehaviorAdmin -> 0
    Présent! HKUS-1-5-21-1902569843-3152803823-206538572-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionRun|iTunesHelper
    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper

    ################## | Vaccin |

    (!) Cet ordinateur n’est pas vacciné!

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |

    Please help me solve my problem! ;)

    Anonymous

    Hello,

    Welcome to SosVirus.

    • Run UsbFix
    • Choose the Suppression option

      Note: If UsbFix hangs at 14%, run UsbFix in safe mode. (See >> HERE <<)

    • Copy and paste the contents of the report that appears at the end of the scan into your reply
    Sofit

    Thank you for your relatively quick reply!

    Here is the second scan, after pressing Suppression

    ############################## | UsbFix V 7.150 | [Suppression]

    Utilisateur: Sophie (Administrateur) # SOPHIE-PC
    Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
    Lancé à 22:41:00 | 18/11/2013

    Site Web : http://www.usbfix.net
    Forum : https://www.sosvirus.net/
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: SAMSUNG ELECTRONICS CO., LTD. (R530/R730/R540 )
    CPU: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
    RAM -> [Total : 3893 | Free : 2173]
    Bios: Phoenix Technologies Ltd.
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit)
    WB: Windows Internet Explorer : 9.0.8112.16421
    WB: Google Chrome : 31.0.1650.57

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: AVG Internet Security 2014 [Enabled | Updated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 179 Go (30 Go libre(s) – 17%) [] # NTFS
    D: -> Disque fixe # 267 Go (253 Go libre(s) – 95%) [] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 976 Mo (871 Mo libre(s) – 89%) [USB FLASH] # FAT32
    G: -> Disque amovible # 7 Go (733 Mo libre(s) – 10%) [] # FAT32

    ################## | Processus Stoppés |

    Stoppé! C:PROGRA~2AVGAVG2014avgrsa.exe (ID: 404 |ParentID: 392)
    Stoppé! C:Program Files (x86)AVGAVG2014avgcsrva.exe (ID: 448 |ParentID: 404)
    Stoppé! C:Program Files (x86)AVGAVG2014avgfws.exe (ID: 1808 |ParentID: 820)
    Stoppé! C:Program Files (x86)AVGAVG2014avgidsagent.exe (ID: 664 |ParentID: 820)
    Stoppé! C:Program Files (x86)AVGAVG2014avgwdsvc.exe (ID: 1196 |ParentID: 820)
    Stoppé! C:Program Files (x86)AVGAVG2014avgui.exe (ID: 3236 |ParentID: 2992)
    Stoppé! C:Program Files (x86)AVGAVG2014avgnsa.exe (ID: 3804 |ParentID: 1196)
    Stoppé! C:Program Files (x86)AVGAVG2014avgcsrva.exe (ID: 4548 |ParentID: 3804)
    Stoppé! C:windowsexplorer.exe (ID: 2152 |ParentID: 768)
    Stoppé! C:windowsSystem32rundll32.exe (ID: 1364 |ParentID: 952)
    Stoppé! C:windowsSystem32WUDFHost.exe (ID: 4240 |ParentID: 860)
    Stoppé! C:windowssystem32SearchIndexer.exe (ID: 2528 |ParentID: 820)
    Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 2792 |ParentID: 820)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 3100 |ParentID: 820)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 4676 |ParentID: 3100)
    Stoppé! C:windowssystem32wuauclt.exe (ID: 3040 |ParentID: 908)
    Stoppé! C:windowsSystem32spoolsv.exe (ID: 3272 |ParentID: 820)
    Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 5268 |ParentID: 820)
    Stoppé! C:windowsservicingTrustedInstaller.exe (ID: 108 |ParentID: 820)
    Stoppé! C:Program Files (x86)Internet Exploreriexplore.exe (ID: 5760 |ParentID: 2152)
    Stoppé! C:Program Files (x86)Internet Exploreriexplore.exe (ID: 2184 |ParentID: 5760)
    Stoppé! C:windowsSysWOW64MacromedFlashFlashUtil32_11_9_900_117_ActiveX.exe (ID: 5380 |ParentID: 952)
    Stoppé! C:Program Files (x86)Internet Exploreriexplore.exe (ID: 3568 |ParentID: 5760)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 1060 |ParentID: 5856)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4576 |ParentID: 1060)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3288 |ParentID: 1060)
    Stoppé! C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2056 |ParentID: 1060)

    ################## | Regedit Run |

    04 – HKLMSOFTWARE | Run : [UpdateLBPShortCut] – “C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkLabelPrint” UpdateWithCreateOnce “SoftwareCyberLinkLabelPrint2.5”
    04 – HKLMSOFTWARE | Run : [CLMLServer] – “C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe”
    04 – HKLMSOFTWARE | Run : [UpdateP2GoShortCut] – “C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkPower2Go” UpdateWithCreateOnce “SOFTWARECyberLinkPower2Go6.0”
    04 – HKLMSOFTWARE | Run : [UpdatePDRShortCut] – “C:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkPowerDirector” UpdateWithCreateOnce “SoftwareCyberLinkPowerDirector7.0”
    04 – HKLMSOFTWARE | Run : [RemoteControl8] – “C:Program Files (x86)CyberLinkPowerDVD8PDVD8Serv.exe”
    04 – HKLMSOFTWARE | Run : [PDVD8LanguageShortcut] – “C:Program Files (x86)CyberLinkPowerDVD8LanguageLanguage.exe”
    04 – HKLMSOFTWARE | Run : [UpdatePPShortCut] – “C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkPowerProducer” UpdateWithCreateOnce “SoftwareCyberLinkPowerProducer5.0”
    04 – HKLMSOFTWARE | Run : [UpdatePSTShortCut] – “C:Program Files (x86)CyberLinkDVD SuiteMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkDVD Suite” UpdateWithCreateOnce “SoftwareCyberLinkPowerStarter”
    04 – HKLMSOFTWARE | Run : [Microsoft Default Manager] – “C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe” -resume
    04 – HKLMSOFTWARE | Run : [UCam_Menu] – “C:Program Files (x86)CyberLinkYouCamMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkYouCam” UpdateWithCreateOnce “SoftwareCyberLinkYouCam2.0”
    04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLMSOFTWARE | Run : [AVG_UI] – “C:Program Files (x86)AVGAVG2014avgui.exe” /TRAYONLY
    04 – HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program Files (x86)SamsungKiesKiesTrayAgent.exe
    04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [UpdateLBPShortCut] – “C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkLabelPrint” UpdateWithCreateOnce “SoftwareCyberLinkLabelPrint2.5”
    04 – HKLMSOFTWAREwow6432Node | Run : [CLMLServer] – “C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [UpdateP2GoShortCut] – “C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkPower2Go” UpdateWithCreateOnce “SOFTWARECyberLinkPower2Go6.0”
    04 – HKLMSOFTWAREwow6432Node | Run : [UpdatePDRShortCut] – “C:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkPowerDirector” UpdateWithCreateOnce “SoftwareCyberLinkPowerDirector7.0”
    04 – HKLMSOFTWAREwow6432Node | Run : [RemoteControl8] – “C:Program Files (x86)CyberLinkPowerDVD8PDVD8Serv.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [PDVD8LanguageShortcut] – “C:Program Files (x86)CyberLinkPowerDVD8LanguageLanguage.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [UpdatePPShortCut] – “C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkPowerProducer” UpdateWithCreateOnce “SoftwareCyberLinkPowerProducer5.0”
    04 – HKLMSOFTWAREwow6432Node | Run : [UpdatePSTShortCut] – “C:Program Files (x86)CyberLinkDVD SuiteMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkDVD Suite” UpdateWithCreateOnce “SoftwareCyberLinkPowerStarter”
    04 – HKLMSOFTWAREwow6432Node | Run : [Microsoft Default Manager] – “C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe” -resume
    04 – HKLMSOFTWAREwow6432Node | Run : [UCam_Menu] – “C:Program Files (x86)CyberLinkYouCamMUITransferMUIStartMenu.exe” “C:Program Files (x86)CyberLinkYouCam” UpdateWithCreateOnce “SoftwareCyberLinkYouCam2.0”
    04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLMSOFTWAREwow6432Node | Run : [AVG_UI] – “C:Program Files (x86)AVGAVG2014avgui.exe” /TRAYONLY
    04 – HKLMSOFTWAREwow6432Node | Run : [KiesTrayAgent] – C:Program Files (x86)SamsungKiesKiesTrayAgent.exe
    04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
    04 – HKLMSOFTWARE | RunOnce : [] –
    04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
    04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-1972273453-3807663751-171534141-1001SOFTWARE | Run : [Facebook Update] – “C:UsersSophieAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKUS-1-5-21-1972273453-3807663751-171534141-1001SOFTWARE | Run : [Spotify Web Helper] – “C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
    04 – HKUS-1-5-21-1972273453-3807663751-171534141-1001SOFTWARE | Run : [Spotify] – “C:UsersSophieAppDataRoamingSpotifySpotify.exe” /uri spotify:autostart
    04 – HKUS-1-5-21-1972273453-3807663751-171534141-1001SOFTWARE | Run : [Skype] – “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-21-1972273453-3807663751-171534141-1001SOFTWARE | Run : [KiesPreload] – C:Program Files (x86)SamsungKiesKies.exe /preload
    04 – HKUS-1-5-21-1972273453-3807663751-171534141-1001SOFTWARE | Run : [KiesAirMessage] – C:Program Files (x86)SamsungKiesKiesAirMessage.exe -startup
    04 – HKUS-1-5-21-1972273453-3807663751-171534141-1001SOFTWARE | Run : [] – C:Program Files (x86)SamsungKiesExternalFirmwareUpdateKiesPDLR.exe
    04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Supprimé! F:.lnk
    Supprimé! F:Apéro quizz.lnk
    Supprimé! F:.Trashes.lnk
    Supprimé! F:.fseventsd.lnk
    Supprimé! F:.Spotlight-V100.lnk
    Supprimé! F:Mix Sophie officiel.lnk
    Supprimé! F:mix sophie.lnk
    Supprimé! F:Mix Sophie officiel – Copie.lnk
    Supprimé! G:RunClubSanDisk.exe
    Supprimé! G:autorun.lnk
    Supprimé! G:_disk_id.lnk
    Supprimé! G:mpdf.lnk
    Supprimé! G:vrac.lnk
    Supprimé! G:Folder.lnk
    Supprimé! G:Classeur1.lnk
    Supprimé! G:will été.lnk
    Supprimé! G:été2013.lnk
    Supprimé! G:RunClubSanDisk.lnk
    Supprimé! G:RunSanDiskSecureAccess_Win.lnk
    Supprimé! G:PLANNING été.lnk
    Supprimé! G:Pass 1 semaine offerte.lnk
    Supprimé! G:Congratulations.lnk
    Supprimé! G:20130202_133642.lnk
    Supprimé! G:~$PLANNING été.lnk
    Supprimé! G:20130926_211014.lnk
    Supprimé! G:bis2 extrait 1.lnk
    Supprimé! G:playlist au propre.lnk
    Supprimé! G:20130926_214330.lnk
    Supprimé! G:bis extrait 2.lnk
    Supprimé! G:Présentation1.lnk
    Supprimé! G:Jump – RDX.lnk
    Supprimé! G:ben été.lnk
    Supprimé! G:9 MAKASSY – Femmes on vous aime (ft Ben J) (Le Chat Club_Soleil Remix – BPM 128).lnk
    Supprimé! G:~$Planning d’été équipe.lnk
    Supprimé! G:MAKASSY – Femmes on vous aime (DJ Promo Pack).lnk
    Supprimé! G:Planning d’été équipe 2012.lnk
    Supprimé! G:Elo été2013.lnk
    Supprimé! G:.lnk
    Supprimé! G:7 Dj Assad Ft Alain Ramanisum & Willy William – Li Tourner 2013 OFFICIAL VIDEO.lnk
    Supprimé! G:20130926_214758.lnk
    Supprimé! G:20130926_225933.lnk
    Supprimé! G:20130926_211902.lnk
    Supprimé! G:20130926_211912.lnk
    Supprimé! G:20130618_160838.lnk
    Supprimé! G:20130926_212353.lnk
    Supprimé! G:20130926_212358.lnk
    Supprimé! G:20130926_212404.lnk
    Supprimé! G:20130926_212810_1.lnk
    Supprimé! G:20130926_212810_2.lnk
    Supprimé! G:20130926_212810_3.lnk
    Supprimé! G:20130926_212810_4.lnk
    Supprimé! G:20130926_212814_1.lnk
    Supprimé! G:20130926_212814_2.lnk
    Supprimé! G:20130926_212814_3.lnk
    Supprimé! G:BON POUR UN STAGE DE ZUMBA GRATUIT AVEC MARINE ET SOPHIE.lnk
    Supprimé! G:20130926_212814_4.lnk
    Supprimé! G:20130926_212824.lnk
    Supprimé! G:20130926_214256.lnk
    Supprimé! G:20130926_215644.lnk
    Supprimé! G:20130926_215653.lnk
    Supprimé! G:8 Gâter Le Koin Logobi GTSisi K La Puissance.lnk
    Supprimé! G:El Amor Que Perdimos – Prince Royce.lnk
    Supprimé! G:Arash [Feat.lnk
    Supprimé! G:Sir Lewis – Shaki Riddim (Club Extended).lnk
    Supprimé! G:Promise (ft.lnk
    Supprimé! G:contrat_coach-client.lnk
    Supprimé! G:club_application.lnk
    Supprimé! G:SanDiskSecureAccess.lnk
    Supprimé! G:zumba aout.lnk
    Supprimé! G:Dossier équipe.lnk
    Supprimé! G:Photos Vue sur rennes.lnk
    Supprimé! G:vidéos kiz.lnk
    Supprimé! G:mes documents transfert.lnk
    Supprimé! G:clé usb zumba.lnk
    Supprimé! G:Fiche d’élabo. des salaires.lnk
    Supprimé! G:Zumba Plérin.lnk
    Supprimé! G:Photo.lnk
    Supprimé! G:zumba sophie 12-10-13.lnk
    Supprimé! G:9Musiques 31 Mai.lnk
    Supprimé! G:photos icr.lnk
    Supprimé! G:Zumba avril Mai.lnk
    Supprimé! G:musiques pour le 26 septembre.lnk
    Supprimé! G:.Spotlight-V100.lnk
    Supprimé! G:zumba 16 nov 2013.lnk
    Supprimé! G:Flavel & Neto – Eu quero tchu, Eu quero tcha.lnk
    Supprimé! G:Daddy Yankee – BPM (Original) (Con Letra) Video Song PRESTIGE 2012.lnk
    Supprimé! G:AlbumArtSmall.lnk
    Supprimé! G:WMPInfo.lnk
    Supprimé! G:13 Piste 13.lnk
    Supprimé! G:Eu quero Tchu, eu quero Tcha Flavel & Neto (So um tempo)-[www_flvto_com].lnk
    Supprimé! G:.Trashes.lnk
    Supprimé! G:autorun.inf

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    ################## | Listing |


    ################## | Vaccin |

    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |

    Anonymous
    Number of posts: 0

    Hello,

    How are drives F & G doing?

    • Download AdwCleaner (by Xplode) to your Desktop!
    • Right-click it and choose Run as administrator on Windows 7/8 and Vista
      1. Choose the Scan option
      2. Choose the Clean option
    • Accept the warning by clicking OK

    • Accept the warnings/information messages by clicking OK
    • Copy and paste the contents of the report that appears when the PC restarts

    • Download Malwarebytes’ Anti-Malware and install it.
    • Launch Malwarebytes’ Anti-Malware.
    • Click the “Update” tab, then “Check for Updates”.
    • Click the “Scanner” tab, tick “Perform quick scan”, then click Scan.

    At the end of the scan, if MBAM found nothing:

    • Click OK; the report opens by itself.

    If threats were detected:

    • Click OK, then “Show Results”.
    • Tick all the boxes.
    • Choose the “Remove Selected” option.

    • If MBAM asks to restart Windows: click “Yes”.
    • Once the PC has restarted, the report is in the “Logs” tab.
    • Otherwise the report opens automatically after the removal.
    • Post the report in your next reply.
    Sofit
    Number of posts: 0

    Hello,

    I am going to carry on with the rest of the procedure, but the files are already no longer shortcuts, thank you very much.
    I will keep you posted on what happens next.

    Anonyme
    Number of posts: 0

    OK, sounds good ;)

    Sofit
    Number of posts: 0

    AdwCleaner scan

    # AdwCleaner v3.012 – Rapport créé le 19/11/2013 à 10:11:00
    # Mis à jour le 11/11/2013 par Xplode
    # Système d’exploitation : Windows 7 Home Premium (64 bits)
    # Nom d’utilisateur : Sophie – SOPHIE-PC
    # Exécuté depuis : C:UsersSophieDesktopadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:ProgramDatawincert
    Dossier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsmyfree codec
    Dossier Supprimé : C:Program Files (x86)Moozy
    Dossier Supprimé : C:Program Files (x86)myfree codec
    Dossier Supprimé : C:Program Files (x86)Search Results Toolbar
    Dossier Supprimé : C:Program Files (x86)Common FilesAVG Secure Search
    Dossier Supprimé : C:Program Files (x86)Software
    Fichier Supprimé : C:windowsSystem32roboot64.exe
    Fichier Supprimé : C:UsersSophieAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
    Fichier Supprimé : C:UsersSophieAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
    Fichier Supprimé : C:UsersSophieAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_search.babylon.com_0.localstorage
    Fichier Supprimé : C:UsersSophieAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_search.babylon.com_0.localstorage-journal
    Fichier Supprimé : C:windowsSystem32TasksDealPlyUpdate

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionsndibdjnfmopecpmkdieinmbadjfpblof
    Clé Supprimée : HKLMSOFTWAREClassesAppIDsecman.DLL
    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho
    Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho.1
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingau__rasapi32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingau__rasmancs
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingboxore_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingboxore_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingVideoPerformerSetup_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingVideoPerformerSetup_RASMANCS
    Clé Supprimée : HKLMSOFTWAREClassesAppID{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{00000001-4FEF-40D3-B3FA-E0531B897F98}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{64697678-0000-0010-8000-00AA00389B71}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{826D7151-8D99-434B-8540-082B8C2AE556}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{94496571-6AC5-4836-82D5-D46260C44B17}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{AF175732-0D59-716D-F757-9F1492D808D9}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{FD501041-8EBE-11CE-8183-00AA00577DA2}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{13ABD093-D46F-40DF-A608-47E162EC799D}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clé Supprimée : HKCUSoftwarefilescout
    Clé Supprimée : HKCUSoftwareMyfree Codec
    Clé Supprimée : HKCUSoftwareperformersoft llc
    Clé Supprimée : HKLMSoftwareMyfree Codec
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallMyFreeCodec
    Donnée Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows [AppInit_DLLs] – c:progra~3wincertwin32c~1.dll
    Donnée Supprimée : [x64] HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows [AppInit_DLLs] – c:progra~3wincertwin32c~1.dll
    Donnée Supprimée : [x64] HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows [AppInit_DLLs] – C:PROGRA~3WincertWIN64C~1.DLL
    Clé Supprimée : HKLMSoftwareClassesInstallerFeatures9EC6D81181F59F2459A84176A626F9ED
    Clé Supprimée : HKLMSoftwareClassesInstallerProducts9EC6D81181F59F2459A84176A626F9ED

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v9.0.8112.16476

    -\ Google Chrome v31.0.1650.57

    [ Fichier : C:UsersSophieAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    Supprimée : search_url
    Supprimée : keyword

    *************************

    AdwCleaner[R0].txt – [6565 octets] – [19/11/2013 10:09:06]
    AdwCleaner[S0].txt – [6387 octets] – [19/11/2013 10:11:00]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [6447 octets] ##########

    Sofit
    Number of posts: 0

    Latest scan

    Malwarebytes Anti-Malware (Essai) 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2013.11.19.05

    Windows 7 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Sophie :: SOPHIE-PC [administrateur]

    Protection: Activé

    19/11/2013 10:42:43
    mbam-log-2013-11-19 (10-42-43).txt

    Type d’examen: Examen rapide
    Options d’examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d’examen désactivées: P2P
    Elément(s) analysé(s): 216426
    Temps écoulé: 11 minute(s), 59 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 3
    C:UsersSophieDownloadsWiseConvert_1.5.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:WindowsInstaller316bb6.msi (Adware.Boxore) -> Mis en quarantaine et supprimé avec succès.
    C:WindowsInstaller488eec.msi (PUP.Optional.Iminent.A) -> Mis en quarantaine et supprimé avec succès.

    (fin)

    Anonymous
    Number of posts: 0

    OK,

    We are going to run a diagnostic on your computer to see whether your PC contains other types of infection or not.

    • Download ZHPDiag (by Nicolas Coolman) to your desktop.
    • Install the software.
    • Launch ZHPDiag, using Run as administrator on Windows 7/8 and Vista

    • Click Configure
    • Click the icon showing a magnifying glass with a + (“Run the diagnostic”)

      Note: Do not close the program even if it says it is no longer responding.

    • Once the scan has finished, go to the desktop; the file ZHPDiag.txt has been created.
    • Upload the ZHPDiag.txt report to SosUpload, then copy/paste the link provided into your next reply on the forum
    Sofit
    Number of posts: 0

    I don’t have the same display; I don’t have the magnifying glass at the bottom

    Sofit
    Number of posts: 0

    Yet it is indeed ZHPFix by Nicolas Coolman

    Sofit
    Number of posts: 0

    My mistake, I must not have opened the right one. It’s running!!

    Sofit
    Number of posts: 0

    Latest scan with ZHP

    ~ Rapport de ZHPDiag v2013.11.19.41 – Nicolas Coolman (19/11/2013)
    ~ Lancé par Sophie (19/11/2013 16:24:54)
    ~ Adresse du Site Web http://nicolascoolman.webs.com
    ~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    GCIE: Google Chrome v31.0.1650.57 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium Edition, 64-bit (Build 7600)
    Windows Server License Manager Script : OK
    ~ Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 2BT4J
    Windows License : OK
    ~ Windows Remaining Initializations Number : 3
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    AVG 2014 v14.0.4158
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W7

    —\ Logiciels d’optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.1 – Français

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3892 MB (54% free)
    System Restore: Activé (Enable)
    System drive C: has 28 GB (15%) free of 179 GB

    —\ Mode de connexion au système
    ~ Computer Name: SOPHIE-PC
    ~ User Name: Sophie
    ~ All Users Names: Sophie, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersSophieAppDataRoamingZHP
    ~ %AppData% : C:UsersSophieAppDataRoaming
    ~ %Desktop% : C:UsersSophieDesktop
    ~ %Favorites% : C:UsersSophieFavorites
    ~ %LocalAppData% : C:UsersSophieAppDataLocal
    ~ %StartMenu% : C:UsersSophieAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 28 Go of 179 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 253 Go of 267 Go)
    E: CD-ROM drive (Not Inserted)
    F: Floppy drive, Flash card reader, USB Key (Free 1 Go of 1 Go)
    G: Floppy drive, Flash card reader, USB Key (Free 1 Go of 7 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 41 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/4913
    ~ Mes musiques (My Musics) : 5/1096
    ~ Mes Videos (My Videos) : 1/8
    ~ Mes Favoris (My Favorites) : 1/80
    ~ Mes Documents (My Documents) : 1/53
    ~ Mon Bureau (My Desktop) : 1/531
    ~ Menu demarrer (Programs) : 1/59
    ~ Hidden Files: Scanned in 00mn 08s

    —\ Processus lancés
    [MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe [532040] [PID.2928]
    [MD5.326691EA3A6B5576A9DEFEF47AA6C327] – (.Samsung Electronics Co., Ltd. – Easy Display Manager.) — C:Program Files (x86)SamsungEasy Display Managerdmhkcore.exe [847360] [PID.3816]
    [MD5.E3735DC796E5183D63F35921B058934C] – (.Samsung Electronics Co., Ltd. – EasySpeedUpManager.) — C:Program Files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe [716800] [PID.4000]
    [MD5.10760383AA50CCFC7DB9B5AB0D326AAF] – (.SAMSUNG Electronics – SSCKbdHk.) — C:Program Files (x86)SamsungSamsung Support CenterSSCKbdHk.exe [1749504] [PID.4012]
    [MD5.167F9E5AF87B57763DAAA27D3144C2A0] – (.SEC – Samsung Recovery Solution 4.) — C:Program Files (x86)SamsungSamsung Recovery Solution 4WCScheduler.exe [2201192] [PID.4052]
    [MD5.97B1D0896F24C5ACAF0F0938C08AC462] – (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe [1103768] [PID.4084]
    [MD5.3C3B37BD28CF8E7CC7C89C8C0D5F2B34] – (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe [18672232] [PID.3328]
    [MD5.7738C9F1318EA2E747330008C42B9473] – (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe [1561968] [PID.3536]
    [MD5.F7E1CCBAD109329203AACB1E87BE614C] – (.Dropbox, Inc. – Dropbox.) — C:UsersSophieAppDataRoamingDropboxbinDropbox.exe [27776968] [PID.3960]
    [MD5.54FA8528EDA1B6B34615F4EA3FCB35E6] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [103720] [PID.3412]
    [MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD8PDVD8Serv.exe [91432] [PID.4348]
    [MD5.38392CC7CDCA0C2C247B0B279EC2FCE3] – (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe [4908592] [PID.4520]
    [MD5.F6B028380423B1C498984ED5CE873A47] – (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program Files (x86)SamsungKiesKiesTrayAgent.exe [311152] [PID.4664]
    [MD5.B2387FD351A3D4780A917E4C00A83310] – (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe [152392] [PID.4876]
    [MD5.636D97B3BAF854511FF3F4093E895FED] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [863184] [PID.2308]
    [MD5.5B201C6E792E3CBAA7AE8CAA680BA28F] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8259072] [PID.5132]
    [MD5.30E3850F303EAE5C364782EA78579CC9] – (.Apple Inc. – MobileDeviceService.) — C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55624] [PID.1732]
    [MD5.55985B78AB0B3CC406C8BFDF772E05C2] – (.AVG Technologies CZ, s.r.o. – AVG Firewall Service.) — C:Program Files (x86)AVGAVG2014avgfws.exe [1358944] [PID.1768]
    [MD5.332AEB8F6F9595C8886A7AA7A62322DC] – (.AVG Technologies CZ, s.r.o. – AVG Identity Protection Service.) — C:Program Files (x86)AVGAVG2014avgidsagent.exe [3538480] [PID.1796]
    [MD5.07646F5F37F18F1F978CE3B0378EF1C9] – (.AVG Technologies CZ, s.r.o. – AVG Watchdog Service.) — C:Program Files (x86)AVGAVG2014avgwdsvc.exe [301152] [PID.1816]
    [MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamscheduler.exe [418376] [PID.1968]
    [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe [701512] [PID.2016]
    [MD5.7CCAEBCAB6FC1ED0206C07E083E79207] – (.Pas de propriétaire – RichVideo Module.) — C:Program Files (x86)CyberLinkShared filesRichVideo.exe [247152] [PID.1200]
    [MD5.388AE59FE75F1B959DFA0900923C61BB] – (.Skype Technologies S.A. – Skype C2C Service.) — C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe [3064000] [PID.1680]
    ~ Processes Running: Scanned in 00mn 01s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersSophieAppDataLocalGoogleChromeUser DataDefaultPreferences
    G1 – GCS: Preference [User DataDefault] http://dts.search-results.com =>PUP.SearchResults
    G2 – GCE: Preference [User DataDefault] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
    ~ Google Browser: 9 Legitimates Filtered in 00mn 05s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = preserve
    ~ IE Browser: 16 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Google Toolbar [64Bits] – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: Easy Network Manager.lnk . (.Samsung Electronics Co. Ltd – Samsung Easy Network Manager.) — C:Program Files (x86)SamsungEasy Network ManagerENM.exe
    O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Public]: User Guide.lnk . (.Samsung Electronics – Runmanual.) — C:Program FilesSamsungSamsungManualRunManual.exe
    O4 – GSQuickLaunch [Sophie]: Free Video Converter.lnk . (.Koyote Soft – FreeVideoConverter.) — C:Program Files (x86)Free Video ConverterFreeVideoConverter.exe
    O4 – GSQuickLaunch [Sophie]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSQuickLaunch [Sophie]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSTaskBar [Sophie]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSProgram [Sophie]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSProgram [Sophie]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSSystemTools [Sophie]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSDesktop [Sophie]: Mix Sophie officiel – Copie.lnk . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:windowssystem32cmd.exe =>.Microsoft Corporation
    O4 – GSDesktop [Sophie]: SosVirus Forum Gratuit.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe https://www.sosvirus.net
    O4 – GSDesktop [Sophie]: Votre avis nous intéresse.lnk – Clé orpheline
    O4 – GSDesktop [Sophie]: zumba 16 nov 2013.lnk . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
    ~ Global Startup: 83 Legitimates Filtered in 00mn 02s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – GSStartup [Sophie]: Dropbox.lnk . (.Dropbox, Inc. – Dropbox.) — C:UsersSophieAppDataRoamingDropboxbinDropbox.exe
    O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:windowssystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:windowssystem32hkcmd.exe
    O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:windowssystem32igfxpers.exe
    O4 – HKCU..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:UsersSophieAppDataLocalFacebookUpdateFacebookUpdate.exe
    O4 – HKCU..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKCU..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersSophieAppDataRoamingSpotifySpotify.exe
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKCU..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
    O4 – HKCU..Run: [KiesAirMessage] C:Program Files (x86)SamsungKiesKiesAirMessage.exe (.not file.)
    O4 – HKLM..Wow6432NodeRun: [UpdateLBPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [CLMLServer] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
    O4 – HKLM..Wow6432NodeRun: [UpdateP2GoShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [UpdatePDRShortCut] . (.CyberLink Corp. – StartMen Application.) — C:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [RemoteControl8] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD8PDVD8Serv.exe
    O4 – HKLM..Wow6432NodeRun: [PDVD8LanguageShortcut] . (.CyberLink Corp. – PowerDVD Language Application.) — C:Program Files (x86)CyberLinkPowerDVD8LanguageLanguage.exe
    O4 – HKLM..Wow6432NodeRun: [UpdatePPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [UpdatePSTShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkDVD SuiteMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [Microsoft Default Manager] . (.Microsoft Corporation – Microsoft Default Manager.) — C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe =>.Microsoft Corporation
    O4 – HKLM..Wow6432NodeRun: [UCam_Menu] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkYouCamMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Wow6432NodeRun: [AVG_UI] . (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe
    O4 – HKLM..Wow6432NodeRun: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program Files (x86)SamsungKiesKiesTrayAgent.exe =>.Samsung Electronics Co
    O4 – HKLM..Wow6432NodeRun: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:UsersSophieAppDataLocalFacebookUpdateFacebookUpdate.exe
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersSophieAppDataRoamingSpotifySpotify.exe
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [KiesAirMessage] C:Program Files (x86)SamsungKiesKiesAirMessage.exe (.not file.)
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
    O9 – Extra button: Skype Click to Call [64Bits] – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (…) — c:program files (x86)skypetoolbarsinternet explorer x64icon.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCS1ServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCS2ServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: (vToolbarUpdater13.2.0) . (…) – C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater13.2.0ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch
    ~ Services: 12 Legitimates Filtered in 00mn 10s

    —\ Logiciels installés (O42)
    O42 – Logiciel: Search-Results Toolbar – (.APN LLC.) [HKLM][64Bits] — ilividtoolbargaw =>Adware.Bandoo
    ~ Logic: 108 Legitimates Filtered in 00mn 01s

    —\ HKCU & HKLM Software Keys
    [HKLMSoftwareASK]
    ~ Key Software: 122 Legitimates Filtered in 00mn 01s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    ~ 4 Dossiers CLSID vides (CLSID Empty Folders)
    ~ Program Folder: 135 Legitimates Filtered in 00mn 29s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.97BBBF99B3E117DA331C9EF080DBD21A] – 18/11/2013 – 22:33:04 . (…) — C:UsbFix [Scan 1] SOPHIE-PC.txt [16862]
    O44 – LFC:[MD5.C11CB38803CF5B659194F6FF3953FCD8] – 18/11/2013 – 22:41:39 —A- . (…) — C:UsbFix [Clean 3] SOPHIE-PC.txt [22395]
    ~ Files: 21 Legitimates Filtered in 00mn 46s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] – 14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
    O58 – SDL:[MD5.4CA0DBA9E224473D664C25E411F5A3BD] – 30/03/2011 – 01:58:20 —A- . (.Windows (R) 2003 DDK 3790 provider – Generic Port I/O for Win64.) — C:WindowsSysWOW64driversrtport.sys [15144]
    ~ Drivers: 16 Legitimates Filtered in 00mn 01s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxx.cfg [1680]
    O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxxbpmscheme.xml [134]
    O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxxdb.sqlite [27648]
    O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxsoundconfig.xml [250]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgcfg.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgcore.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgdecider.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgmsgdisp.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgpostinst.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgual.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgui.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgupd.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logcommonpriv.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logfixcfg.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logkrnlapi.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014loglng.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014updatedownloadavg14infoavi.ctf [3359]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014updatedownloadavg14infowin.ctf [25090]
    O61 – LFC: 18/11/2013 – 16:27:55 —A- . (…) — C:UsersSophieAppDataLocalMFADatalogsnds-20131118-210818.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMon film.wlmp [2252]
    O61 – LFC: 19/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgidpagentmonitor.log.lock [0]
    O61 – LFC: 19/11/2013 – 16:27:43 —A- . (…) — C:UsersSophieAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [263773]
    O61 – LFC: 19/11/2013 – 16:27:55 —A- . (…) — C:UsersSophieAppDataLocalGoogleChromeUser DataLocal State [46556]
    O61 – LFC: 19/11/2013 – 16:28:05 —A- . (…) — C:UsersSophieAppDataRoamingZHPLog.txt [17027] =>.Nicolas Coolman
    O61 – LFC: 19/11/2013 – 16:28:05 —A- . (…) — C:UsersSophieAppDataRoamingZHPTestsZHPDiag.txt [2873] =>.Nicolas Coolman
    O61 – LFC: 19/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMixAlbum-18-11-13-15h46.zip [104509544]
    O61 – LFC: 19/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMon film (1).wlmp [2252]
    ~ 11 Fichiers temporaires (Temporary files)
    ~ Files: 225 Legitimates Filtered in 01mn 30s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (…) — C:UsersSophieAppDataLocalTempQuarantine.exe [350377]
    [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][17/11/2013] (…) — C:UsersSophieAppDataLocalLowprvlcl.dat [0]
    [MD5.9812917FE2FCDEA2FD800573D7842E5D] [SPRF][19/11/2013] (…) — C:UsersSophieDesktopadwcleaner.exe [1085542]
    ~ Files: 6 Legitimates Filtered in 00mn 04s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “{CB29C480-5A1A-42E6-B620-AFB5C2A45FB5}” |In – Private – P6 – TRUE | .(…) — C:Program Files (x86)Searchqu ToolbarDatamngrToolBardtUser.exe (.not file.) =>PUP.Datamngr
    O87 – FAEL: “{36047400-F2A1-4892-BDC5-72174BF4F29C}” |In – Private – P17 – TRUE | .(…) — C:Program Files (x86)Searchqu ToolbarDatamngrToolBardtUser.exe (.not file.) =>PUP.Datamngr
    O87 – FAEL: “{E26E000C-AF5B-49E4-B7C8-99257CA300A1}” |In – Private – P6 – TRUE | .(…) — C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1dtUser.exe (.not file.) =>PUP.SearchResults
    O87 – FAEL: “{96415DA7-0820-4389-A239-9439A1E452CF}” |In – Private – P17 – TRUE | .(…) — C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1dtUser.exe (.not file.) =>PUP.SearchResults
    O87 – FAEL: “{7A5759E5-F987-4273-8815-E6C5668A8033}” |In – None – P17 – TRUE | .(…) — C:Program Files (x86)IminentIminent.exe (.not file.) =>Adware.IMBooster
    O87 – FAEL: “{66FFFBFF-97CB-41F2-B2FA-255A929F2415}” |In – None – P17 – TRUE | .(…) — C:Program Files (x86)IminentIminent.Messengers.exe (.not file.) =>Adware.IMBooster
    ~ Firewall: 228 Legitimates Filtered in 00mn 01s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “45ADD8F9B89E76040A8DBF736098468D” . (.Dj Mixer Studio.) — C:windowsInstaller{9F8DDA54-E98B-4067-A0D8-FB37068964D8}ARPPRODUCTICON.exe
    ~ Update Products: 503 Legitimates Filtered in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd – BabylonObjectInstaller.) — C:WindowsInstaller1056310.msi [353280] =>PUP.Babylon
    [MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][20/09/2012] (.Boxore OU. – Software Update Helper.) — C:WindowsInstaller382340.msi [45056] =>Adware.Boxore
    ~ WIS: 510 Legitimates Filtered in 00mn 43s

    —\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 08/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Auto 25/09/2013 1358944 | (avgfws) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgfws.exe
    SR – | Auto 03/10/2013 3538480 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgidsagent.exe
    SR – | Auto 25/09/2013 301152 | (avgwd) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgwdsvc.exe
    SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SS – | Auto 23/09/2012 136176 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 23/09/2012 136176 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 04/10/2012 194032 | (gusvc) . (.Google.) – C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SR – | Demand 17/09/2013 641352 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes’ Anti-Malwarembamscheduler.exe
    SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe
    SR – | Auto 07/07/2009 247152 | (RichVideo) . (…) – C:Program Files (x86)CyberLinkShared filesRichVideo.exe
    SR – | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) – C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe
    SS – | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SR – | Auto 13/12/2011 2028864 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) – C:Program Files (x86)TuneUp Utilities 2011TuneUpUtilitiesService64.exe
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) – C:WindowsSystem32svchost.exe
    SS – | Auto 10/07/1658 0 | (vToolbarUpdater13.2.0) . (…) – C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater13.2.0ToolbarUpdater.exe =>Toolbar.AVGSearch
    SS – | Demand 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 45s

    —\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
    Run by Sophie at 19/11/2013 16:30:21
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Sophie at 19/11/2013 16:30:23

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 12996 – (19/11/2013)
    Clés trouvées (Keys found) : 15
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 2

    [HKLMSYSTEMCurrentControlSetServicesvToolbarUpdater13.2.0] =>Toolbar.AVGSearch^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallilividtoolbargaw] =>Adware.Bandoo^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsAF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsBA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
    [HKLMSoftwareClassesInterface{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
    [HKLMSoftwareWow6432NodeClassesInterface{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodesF1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
    [HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
    C:WindowsInstaller1056310.msi =>PUP.Babylon^
    C:WindowsInstaller382340.msi =>Adware.Boxore^
    ~ Additionnel Scan: 292697 Items scanned in 00mn 22s

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
    ~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
    ~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
    ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
    ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
    ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
    ~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
    ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
    ~ MSI: 8 link(s) detected in 00mn 22s

    ~ 1745 Legitimates filtered by white list
    End of the scan (510 lines in 05mn 52s)(0)

    Sofit
    Number of posts: 0

    Here is the report from the latest scan. I did host it on sosupload, even though I didn't quite understand the point ;)

    ~ Rapport de ZHPDiag v2013.11.19.41 – Nicolas Coolman (19/11/2013)
    ~ Lancé par Sophie (19/11/2013 16:24:54)
    ~ Adresse du Site Web http://nicolascoolman.webs.com
    ~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    GCIE: Google Chrome v31.0.1650.57 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium Edition, 64-bit (Build 7600)
    Windows Server License Manager Script : OK
    ~ Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 2BT4J
    Windows License : OK
    ~ Windows Remaining Initializations Number : 3
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    AVG 2014 v14.0.4158
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W7

    —\ Logiciels d’optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.1 – Français

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3892 MB (54% free)
    System Restore: Activé (Enable)
    System drive C: has 28 GB (15%) free of 179 GB

    —\ Mode de connexion au système
    ~ Computer Name: SOPHIE-PC
    ~ User Name: Sophie
    ~ All Users Names: Sophie, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersSophieAppDataRoamingZHP
    ~ %AppData% : C:UsersSophieAppDataRoaming
    ~ %Desktop% : C:UsersSophieDesktop
    ~ %Favorites% : C:UsersSophieFavorites
    ~ %LocalAppData% : C:UsersSophieAppDataLocal
    ~ %StartMenu% : C:UsersSophieAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 28 Go of 179 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 253 Go of 267 Go)
    E: CD-ROM drive (Not Inserted)
    F: Floppy drive, Flash card reader, USB Key (Free 1 Go of 1 Go)
    G: Floppy drive, Flash card reader, USB Key (Free 1 Go of 7 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 41 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.0862495E0C825893DB75EF44FAEA8E93] – (.Microsoft Corporation – Explorateur Windows.) (.26/02/2011 – 07:23:14.) — C:WindowsExplorer.exe [2870272]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.A4F6142CABA82FB7293ECE5FF864B440] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/02/2013 – 07:20:51.) — C:WindowsSystem32wininet.dll [1392128]
    [MD5.DA3E2A6FA9660CC75B471530CE88453A] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.28/10/2009 – 07:24:40.) — C:WindowsSystem32Winlogon.exe [389632]
    [MD5.75341574F21E766748732BDF530C74BD] – (.Microsoft Corporation – Bibliothèque de licences.) (.14/07/2009 – 02:41:54.) — C:WindowsSystem32sppcomapi.dll [231936]
    [MD5.DB9D6C6B2CD95A9CA414D045B627422E] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/12/2011 – 04:59:11.) — C:Windowssystem32DriversAFD.sys [499200]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.83D2D75E1EFB81B3450C18131443F7DB] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.14/07/2009 – 00:19:54.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9C253CE7311CA60FC11C774692A13208] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.27/04/2011 – 03:57:40.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.0A49913402747A0B67DE940FB42CBDBB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.14/07/2009 – 01:06:13.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.040D62A9D8AD28922632137ACDD984F2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.04/05/2011 – 03:51:08.) — C:Windowssystem32DriversMRxSmb.sys [157696]
    [MD5.9162B273A44AB9DCE5B44362731D062A] – (.Microsoft Corporation – MBT Transport driver.) (.14/07/2009 – 00:21:29.) — C:Windowssystem32DriversnetBT.sys [259072]
    [MD5.9A6089B056EA1B83B36424FC9D0A300E] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 15:36:37.) — C:Windowssystem32Driversntfs.sys [1653096]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.87A6E852A22991580D6D39ADC4790463] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 01:10:12.) — C:Windowssystem32DriversRasl2tp.sys [130048]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.079125C4B17B01FCAEEBCE0BCB290C0F] – (.Microsoft Corporation – TDI Translation Driver.) (.14/07/2009 – 00:21:15.) — C:Windowssystem32Driverstdx.sys [99840]
    [MD5.9E425AC5C9A5A973273D169F43B4F5E1] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.06/09/2012 – 18:38:18.) — C:Windowssystem32Driversvolsnap.sys [295792]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/4913
    ~ Mes musiques (My Musics) : 5/1096
    ~ Mes Videos (My Videos) : 1/8
    ~ Mes Favoris (My Favorites) : 1/80
    ~ Mes Documents (My Documents) : 1/53
    ~ Mon Bureau (My Desktop) : 1/531
    ~ Menu demarrer (Programs) : 1/59
    ~ Hidden Files: Scanned in 00mn 08s

    —\ Processus lancés
    [MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe [532040] [PID.2928]
    [MD5.326691EA3A6B5576A9DEFEF47AA6C327] – (.Samsung Electronics Co., Ltd. – Easy Display Manager.) — C:Program Files (x86)SamsungEasy Display Managerdmhkcore.exe [847360] [PID.3816]
    [MD5.E3735DC796E5183D63F35921B058934C] – (.Samsung Electronics Co., Ltd. – EasySpeedUpManager.) — C:Program Files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe [716800] [PID.4000]
    [MD5.10760383AA50CCFC7DB9B5AB0D326AAF] – (.SAMSUNG Electronics – SSCKbdHk.) — C:Program Files (x86)SamsungSamsung Support CenterSSCKbdHk.exe [1749504] [PID.4012]
    [MD5.167F9E5AF87B57763DAAA27D3144C2A0] – (.SEC – Samsung Recovery Solution 4.) — C:Program Files (x86)SamsungSamsung Recovery Solution 4WCScheduler.exe [2201192] [PID.4052]
    [MD5.97B1D0896F24C5ACAF0F0938C08AC462] – (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe [1103768] [PID.4084]
    [MD5.3C3B37BD28CF8E7CC7C89C8C0D5F2B34] – (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe [18672232] [PID.3328]
    [MD5.7738C9F1318EA2E747330008C42B9473] – (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe [1561968] [PID.3536]
    [MD5.F7E1CCBAD109329203AACB1E87BE614C] – (.Dropbox, Inc. – Dropbox.) — C:UsersSophieAppDataRoamingDropboxbinDropbox.exe [27776968] [PID.3960]
    [MD5.54FA8528EDA1B6B34615F4EA3FCB35E6] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [103720] [PID.3412]
    [MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD8PDVD8Serv.exe [91432] [PID.4348]
    [MD5.38392CC7CDCA0C2C247B0B279EC2FCE3] – (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe [4908592] [PID.4520]
    [MD5.F6B028380423B1C498984ED5CE873A47] – (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program Files (x86)SamsungKiesKiesTrayAgent.exe [311152] [PID.4664]
    [MD5.B2387FD351A3D4780A917E4C00A83310] – (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe [152392] [PID.4876]
    [MD5.636D97B3BAF854511FF3F4093E895FED] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [863184] [PID.2308]
    [MD5.5B201C6E792E3CBAA7AE8CAA680BA28F] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8259072] [PID.5132]
    [MD5.30E3850F303EAE5C364782EA78579CC9] – (.Apple Inc. – MobileDeviceService.) — C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55624] [PID.1732]
    [MD5.55985B78AB0B3CC406C8BFDF772E05C2] – (.AVG Technologies CZ, s.r.o. – AVG Firewall Service.) — C:Program Files (x86)AVGAVG2014avgfws.exe [1358944] [PID.1768]
    [MD5.332AEB8F6F9595C8886A7AA7A62322DC] – (.AVG Technologies CZ, s.r.o. – AVG Identity Protection Service.) — C:Program Files (x86)AVGAVG2014avgidsagent.exe [3538480] [PID.1796]
    [MD5.07646F5F37F18F1F978CE3B0378EF1C9] – (.AVG Technologies CZ, s.r.o. – AVG Watchdog Service.) — C:Program Files (x86)AVGAVG2014avgwdsvc.exe [301152] [PID.1816]
    [MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamscheduler.exe [418376] [PID.1968]
    [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe [701512] [PID.2016]
    [MD5.7CCAEBCAB6FC1ED0206C07E083E79207] – (.Pas de propriétaire – RichVideo Module.) — C:Program Files (x86)CyberLinkShared filesRichVideo.exe [247152] [PID.1200]
    [MD5.388AE59FE75F1B959DFA0900923C61BB] – (.Skype Technologies S.A. – Skype C2C Service.) — C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe [3064000] [PID.1680]
    ~ Processes Running: Scanned in 00mn 01s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersSophieAppDataLocalGoogleChromeUser DataDefaultPreferences
    G1 – GCS: Preference [User DataDefault] http://dts.search-results.com =>PUP.SearchResults
    G2 – GCE: Preference [User DataDefault] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
    ~ Google Browser: 9 Legitimates Filtered in 00mn 05s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = preserve
    ~ IE Browser: 16 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Google Toolbar [64Bits] – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: Easy Network Manager.lnk . (.Samsung Electronics Co. Ltd – Samsung Easy Network Manager.) — C:Program Files (x86)SamsungEasy Network ManagerENM.exe
    O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Public]: User Guide.lnk . (.Samsung Electronics – Runmanual.) — C:Program FilesSamsungSamsungManualRunManual.exe
    O4 – GSQuickLaunch [Sophie]: Free Video Converter.lnk . (.Koyote Soft – FreeVideoConverter.) — C:Program Files (x86)Free Video ConverterFreeVideoConverter.exe
    O4 – GSQuickLaunch [Sophie]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSQuickLaunch [Sophie]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSTaskBar [Sophie]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSProgram [Sophie]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSProgram [Sophie]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSSystemTools [Sophie]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSDesktop [Sophie]: Mix Sophie officiel – Copie.lnk . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:windowssystem32cmd.exe =>.Microsoft Corporation
    O4 – GSDesktop [Sophie]: SosVirus Forum Gratuit.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe https://www.sosvirus.net
    O4 – GSDesktop [Sophie]: Votre avis nous intéresse.lnk – Clé orpheline
    O4 – GSDesktop [Sophie]: zumba 16 nov 2013.lnk . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
    ~ Global Startup: 83 Legitimates Filtered in 00mn 02s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – GSStartup [Sophie]: Dropbox.lnk . (.Dropbox, Inc. – Dropbox.) — C:UsersSophieAppDataRoamingDropboxbinDropbox.exe
    O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:windowssystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:windowssystem32hkcmd.exe
    O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:windowssystem32igfxpers.exe
    O4 – HKCU..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:UsersSophieAppDataLocalFacebookUpdateFacebookUpdate.exe
    O4 – HKCU..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKCU..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersSophieAppDataRoamingSpotifySpotify.exe
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKCU..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
    O4 – HKCU..Run: [KiesAirMessage] C:Program Files (x86)SamsungKiesKiesAirMessage.exe (.not file.)
    O4 – HKLM..Wow6432NodeRun: [UpdateLBPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [CLMLServer] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
    O4 – HKLM..Wow6432NodeRun: [UpdateP2GoShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [UpdatePDRShortCut] . (.CyberLink Corp. – StartMen Application.) — C:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [RemoteControl8] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD8PDVD8Serv.exe
    O4 – HKLM..Wow6432NodeRun: [PDVD8LanguageShortcut] . (.CyberLink Corp. – PowerDVD Language Application.) — C:Program Files (x86)CyberLinkPowerDVD8LanguageLanguage.exe
    O4 – HKLM..Wow6432NodeRun: [UpdatePPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [UpdatePSTShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkDVD SuiteMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [Microsoft Default Manager] . (.Microsoft Corporation – Microsoft Default Manager.) — C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe =>.Microsoft Corporation
    O4 – HKLM..Wow6432NodeRun: [UCam_Menu] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkYouCamMUITransferMUIStartMenu.exe
    O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Wow6432NodeRun: [AVG_UI] . (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe
    O4 – HKLM..Wow6432NodeRun: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program Files (x86)SamsungKiesKiesTrayAgent.exe =>.Samsung Electronics Co
    O4 – HKLM..Wow6432NodeRun: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:UsersSophieAppDataLocalFacebookUpdateFacebookUpdate.exe
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersSophieAppDataRoamingSpotifySpotify.exe
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
    O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [KiesAirMessage] C:Program Files (x86)SamsungKiesKiesAirMessage.exe (.not file.)
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
    O9 – Extra button: Skype Click to Call [64Bits] – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (…) — c:program files (x86)skypetoolbarsinternet explorer x64icon.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCS1ServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCS2ServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: (vToolbarUpdater13.2.0) . (…) – C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater13.2.0ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch
    ~ Services: 12 Legitimates Filtered in 00mn 10s

    —\ Logiciels installés (O42)
    O42 – Logiciel: Search-Results Toolbar – (.APN LLC.) [HKLM][64Bits] — ilividtoolbargaw =>Adware.Bandoo
    ~ Logic: 108 Legitimates Filtered in 00mn 01s

    —\ HKCU & HKLM Software Keys
    [HKLMSoftwareASK]
    ~ Key Software: 122 Legitimates Filtered in 00mn 01s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    ~ 4 Dossiers CLSID vides (CLSID Empty Folders)
    ~ Program Folder: 135 Legitimates Filtered in 00mn 29s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.97BBBF99B3E117DA331C9EF080DBD21A] – 18/11/2013 – 22:33:04 . (…) — C:UsbFix [Scan 1] SOPHIE-PC.txt [16862]
    O44 – LFC:[MD5.C11CB38803CF5B659194F6FF3953FCD8] – 18/11/2013 – 22:41:39 —A- . (…) — C:UsbFix [Clean 3] SOPHIE-PC.txt [22395]
    ~ Files: 21 Legitimates Filtered in 00mn 46s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] – 14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
    O58 – SDL:[MD5.4CA0DBA9E224473D664C25E411F5A3BD] – 30/03/2011 – 01:58:20 —A- . (.Windows (R) 2003 DDK 3790 provider – Generic Port I/O for Win64.) — C:WindowsSysWOW64driversrtport.sys [15144]
    ~ Drivers: 16 Legitimates Filtered in 00mn 01s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxx.cfg [1680]
    O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxxbpmscheme.xml [134]
    O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxxdb.sqlite [27648]
    O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxsoundconfig.xml [250]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgcfg.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgcore.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgdecider.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgmsgdisp.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgpostinst.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgual.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgui.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgupd.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logcommonpriv.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logfixcfg.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logkrnlapi.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014loglng.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014updatedownloadavg14infoavi.ctf [3359]
    O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014updatedownloadavg14infowin.ctf [25090]
    O61 – LFC: 18/11/2013 – 16:27:55 —A- . (…) — C:UsersSophieAppDataLocalMFADatalogsnds-20131118-210818.log.lock [0]
    O61 – LFC: 18/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMon film.wlmp [2252]
    O61 – LFC: 19/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgidpagentmonitor.log.lock [0]
    O61 – LFC: 19/11/2013 – 16:27:43 —A- . (…) — C:UsersSophieAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [263773]
    O61 – LFC: 19/11/2013 – 16:27:55 —A- . (…) — C:UsersSophieAppDataLocalGoogleChromeUser DataLocal State [46556]
    O61 – LFC: 19/11/2013 – 16:28:05 —A- . (…) — C:UsersSophieAppDataRoamingZHPLog.txt [17027] =>.Nicolas Coolman
    O61 – LFC: 19/11/2013 – 16:28:05 —A- . (…) — C:UsersSophieAppDataRoamingZHPTestsZHPDiag.txt [2873] =>.Nicolas Coolman
    O61 – LFC: 19/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMixAlbum-18-11-13-15h46.zip [104509544]
    O61 – LFC: 19/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMon film (1).wlmp [2252]
    ~ 11 Fichiers temporaires (Temporary files)
    ~ Files: 225 Legitimates Filtered in 01mn 30s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (…) — C:UsersSophieAppDataLocalTempQuarantine.exe [350377]
    [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][17/11/2013] (…) — C:UsersSophieAppDataLocalLowprvlcl.dat [0]
    [MD5.9812917FE2FCDEA2FD800573D7842E5D] [SPRF][19/11/2013] (…) — C:UsersSophieDesktopadwcleaner.exe [1085542]
    ~ Files: 6 Legitimates Filtered in 00mn 04s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “{CB29C480-5A1A-42E6-B620-AFB5C2A45FB5}” |In – Private – P6 – TRUE | .(…) — C:Program Files (x86)Searchqu ToolbarDatamngrToolBardtUser.exe (.not file.) =>PUP.Datamngr
    O87 – FAEL: “{36047400-F2A1-4892-BDC5-72174BF4F29C}” |In – Private – P17 – TRUE | .(…) — C:Program Files (x86)Searchqu ToolbarDatamngrToolBardtUser.exe (.not file.) =>PUP.Datamngr
    O87 – FAEL: “{E26E000C-AF5B-49E4-B7C8-99257CA300A1}” |In – Private – P6 – TRUE | .(…) — C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1dtUser.exe (.not file.) =>PUP.SearchResults
    O87 – FAEL: “{96415DA7-0820-4389-A239-9439A1E452CF}” |In – Private – P17 – TRUE | .(…) — C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1dtUser.exe (.not file.) =>PUP.SearchResults
    O87 – FAEL: “{7A5759E5-F987-4273-8815-E6C5668A8033}” |In – None – P17 – TRUE | .(…) — C:Program Files (x86)IminentIminent.exe (.not file.) =>Adware.IMBooster
    O87 – FAEL: “{66FFFBFF-97CB-41F2-B2FA-255A929F2415}” |In – None – P17 – TRUE | .(…) — C:Program Files (x86)IminentIminent.Messengers.exe (.not file.) =>Adware.IMBooster
    ~ Firewall: 228 Legitimates Filtered in 00mn 01s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “45ADD8F9B89E76040A8DBF736098468D” . (.Dj Mixer Studio.) — C:windowsInstaller{9F8DDA54-E98B-4067-A0D8-FB37068964D8}ARPPRODUCTICON.exe
    ~ Update Products: 503 Legitimates Filtered in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd – BabylonObjectInstaller.) — C:WindowsInstaller1056310.msi [353280] =>PUP.Babylon
    [MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][20/09/2012] (.Boxore OU. – Software Update Helper.) — C:WindowsInstaller382340.msi [45056] =>Adware.Boxore
    ~ WIS: 510 Legitimates Filtered in 00mn 43s

    —\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 08/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Auto 25/09/2013 1358944 | (avgfws) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgfws.exe
    SR – | Auto 03/10/2013 3538480 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgidsagent.exe
    SR – | Auto 25/09/2013 301152 | (avgwd) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgwdsvc.exe
    SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SS – | Auto 23/09/2012 136176 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 23/09/2012 136176 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 04/10/2012 194032 | (gusvc) . (.Google.) – C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SR – | Demand 17/09/2013 641352 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes’ Anti-Malwarembamscheduler.exe
    SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe
    SR – | Auto 07/07/2009 247152 | (RichVideo) . (…) – C:Program Files (x86)CyberLinkShared filesRichVideo.exe
    SR – | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) – C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe
    SS – | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SR – | Auto 13/12/2011 2028864 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) – C:Program Files (x86)TuneUp Utilities 2011TuneUpUtilitiesService64.exe
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) – C:WindowsSystem32svchost.exe
    SS – | Auto 10/07/1658 0 | (vToolbarUpdater13.2.0) . (…) – C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater13.2.0ToolbarUpdater.exe =>Toolbar.AVGSearch
    SS – | Demand 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 45s

    —\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
    Run by Sophie at 19/11/2013 16:30:21
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Sophie at 19/11/2013 16:30:23

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 12996 – (19/11/2013)
    Clés trouvées (Keys found) : 15
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 2

    [HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater13.2.0] =>Toolbar.AVGSearch^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw] =>Adware.Bandoo^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
    [HKLM\Software\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
    [HKLM\Software\Wow6432Node\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
    [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
    C:\Windows\Installer\1056310.msi =>PUP.Babylon^
    C:\Windows\Installer\382340.msi =>Adware.Boxore^
    ~ Additionnel Scan: 292697 Items scanned in 00mn 22s

    ---\\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
    ~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
    ~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
    ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
    ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
    ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
    ~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
    ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
    ~ MSI: 8 link(s) detected in 00mn 22s

    ~ 1745 Legitimates filtered by white list
    End of the scan (510 lines in 05mn 52s)(0)

    Anonyme
    Number of posts: 0
    • Select and copy the following script:

      Script ZHPFix
      G1 - GCS: Preference [User Data\Default] http://dts.search-results.com =>PUP.SearchResults
      O4 - GS\Desktop [Sophie]: Votre avis nous intéresse.lnk - Clé orpheline
      O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
      O4 - HKUS\S-1-5-21-1972273453-3807663751-171534141-1001\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
      O42 - Logiciel: Search-Results Toolbar - (.APN LLC.) [HKLM][64Bits] -- ilividtoolbargaw =>Adware.Bandoo
      O87 - FAEL: "{CB29C480-5A1A-42E6-B620-AFB5C2A45FB5}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
      O87 - FAEL: "{36047400-F2A1-4892-BDC5-72174BF4F29C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
      O87 - FAEL: "{E26E000C-AF5B-49E4-B7C8-99257CA300A1}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe (.not file.) =>PUP.SearchResults
      O87 - FAEL: "{96415DA7-0820-4389-A239-9439A1E452CF}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe (.not file.) =>PUP.SearchResults
      O87 - FAEL: "{7A5759E5-F987-4273-8815-E6C5668A8033}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
      O87 - FAEL: "{66FFFBFF-97CB-41F2-B2FA-255A929F2415}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw] =>Adware.Bandoo^
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
      [HKLM\Software\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
      [HKLM\Software\Wow6432Node\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
      C:\Windows\Installer\1056310.msi =>PUP.Babylon^
      C:\Windows\Installer\382340.msi =>Adware.Boxore^
      EmptyCLSID
      Emptytemp
      EmptyFlash
      ShortcutFix
    • Launch ZHPFix (run as administrator on Windows 7/8 and Vista)

      1. Click on Importer
      2. The lines copied earlier should be pasted into the box
      3. If so, click on “GO”

    • Confirm the data cleanup by clicking on “Oui”
    • Once the scan has finished, go to the desktop; the ZHPFixReport file has been created.
    • Upload the ZHPFixReport report to SosUpload, then copy/paste the link provided into your next reply.