Hello! Ordi ramolli, merci, merci. 2014-08-14T21:56:31+00:00
  • Auteur
    Messages
  • grom2
    Nombre d'articles : 0

    Bonjour à tous, ravi de découvrir l’existence de ce forum et surtout du dévouement de ses membres, impressionnant..

    Passons tout de suite aux choses “sérieuses”
    Ma machine a bien ralenti suite a une visite sur un site proposant un décrypteur de clé wifi.
    Avast s’est mis en route, mais depuis ça rame tout de même.

    Le rapport ZHDIAG:

    [spoiler:2leii9et]~ Rapport de ZHPDiag v2014.8.13.118 – Nicolas Coolman (13/08/2014)
    ~ Lancé par Antoine (14/08/2014 23:29:51)
    ~ Adresse du Site Web http://nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Adresse du Forum http://forum.nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17207
    MFIE: Mozilla Firefox 31.0 (Defaut)
    GCIE: Google Chrome v36.0.1985.125

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 9YQTR
    Windows License : OK
    ~ Windows Remaining Initializations Number : 1
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    avast! Free Antivirus v8.0.1497.0
    Malwarebytes Anti-Malware version 2.0.2.1012
    Spybot – Search & Destroy v2.1.21
    Windows Defender W7 (Activate)

    —\ Logiciels d'optimisation du système
    CCleaner v4.09

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 14 Plugin
    Java 7 Update 55

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 4072 MB (59% free)
    System Restore: Activé (Enable)
    System drive C: has 27 GB (8%) free of 302 GB

    —\ Mode de connexion au système
    ~ Computer Name: ANTOINE-PC
    ~ User Name: Antoine
    ~ All Users Names: HomeGroupUser$, Antoine, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersAntoineAppDataRoamingZHP
    ~ %AppData% : C:UsersAntoineAppDataRoaming
    ~ %Desktop% : C:UsersAntoineDesktop
    ~ %Favorites% : C:UsersAntoineFavorites
    ~ %LocalAppData% : C:UsersAntoineAppDataLocal
    ~ %StartMenu% : C:UsersAntoineAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 27 Go of 302 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 371 Go of 372 Go)
    E: CD-ROM drive (Not Inserted)
    Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: Modified
    ~ Security Center: 46 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.18/06/2014 – 23:58:27.) — C:WindowsSystem32wininet.dll [2266112]
    [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.04/03/2014 – 10:43:50.) — C:WindowsSystem32Winlogon.exe [455168]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:28.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.FA886682CFC5D36718D3E436AACF10B9] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.30/05/2014 – 07:45:52.) — C:Windowssystem32DriversAFD.sys [497152]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:22.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:34.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:44.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:22.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 03:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:36.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:58.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 14:34:04.) — C:Windowssystem32Driversvolsnap.sys [295808]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/3428
    ~ Mes musiques (My Musics) : 20/6299
    ~ Mes Favoris (My Favorites) : 1/8
    ~ Mes Documents (My Documents) : 2/323
    ~ Mon Bureau (My Desktop) : 1/1952
    ~ Menu demarrer (Programs) : 1/40
    ~ Hidden Files: Scanned in 00mn 07s

    —\ Processus lancés
    [MD5.18E5C2F937F9DEB8C282DF66A3761925] – (.ASUS – ASLDR Service.) — C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe [84536] [PID.1300]
    [MD5.7910158929571214A959D5A6D16DD9C0] – (.ASUS – GFNEXSrv.) — C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe [96896] [PID.1348]
    [MD5.563206BA66F0170735096AA74CA0F682] – (.ASUS – HControl.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControl.exe [166528] [PID.1104]
    [MD5.7D2C5F5A9DF7AE26B4E62E2D7032B96B] – (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe [82944] [PID.2100]
    [MD5.5BB1F77C8AF725A15EC9366498D275BB] – (.ASUS – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [5732992] [PID.2112]
    [MD5.DE3B04D5AF8A1578F5430697546EB157] – (.ASUSTeK Computer Inc. – LiveUpdate.) — C:Program Files (x86)ASUSASUS Live UpdateLiveUpdate.exe [1545856] [PID.2136]
    [MD5.A391896CD406E6377F5CEF31FDC12019] – (.ASUSTeK – ACEngSvr Module.) — C:WindowsSysWOW64ACEngSvr.exe [155648] [PID.2640]
    [MD5.37DEB76A2CF005841C4E45DE2B94D84F] – (.ASUS – AsScrPro.) — C:WindowsAsScrPro.exe [3058304] [PID.2796]
    [MD5.149126216A694E6BA84E92ECA77AAE3B] – (.ASUS – ATKOSD.) — C:Program Files (x86)ASUSATK PackageATK HotkeyATKOSD.exe [2488888] [PID.2160]
    [MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastUI.exe [4858968] [PID.2880]
    [MD5.AA11E1368EEB237DD100BAC6AFFE1C57] – (.ASUS – KBFiltr.) — C:Program Files (x86)ASUSATK PackageATK HotkeyKBFiltr.exe [113208] [PID.2884]
    [MD5.4A7C441D99D86704D194E7678873B95D] – (.ASUS – WDC.) — C:Program Files (x86)ASUSATK PackageATK HotkeyWDC.exe [174648] [PID.2996]
    [MD5.57B4D34232852BFE4453BE571DF90D21] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [103720] [PID.3084]
    [MD5.8292C93AA02A0451E243A3CF97878968] – (.syncables, LLC – Syncables.) — C:Program Files (x86)syncablessyncables desktopsyncables.exe [370480] [PID.3404]
    [MD5.7EE22E13DEC8A6D18F4643C1EA34B0F0] – (.Virage Logic Corporation / Sonic Focus – ASUS_MATray.exe.) — C:Program Files (x86)ASUSSonic FocusSonicFocusTray.exe [984400] [PID.4012]
    [MD5.79A3B950988F8D2B81906D0C0473158B] – (.ASUS – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [170624] [PID.1040]
    [MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] – (.ASUS – HControlUser.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe [105016] [PID.2028]
    [MD5.FD22B00049F775E952371E9C3DAC631B] – (.Pas de propriétaire – Wireless Console 3.) — C:Program Files (x86)ASUSWireless Console 3wcourier.exe [1601536] [PID.3708]
    [MD5.C252C2303FE79F201E64F269FEFF0DDB] – (.cyberlink – brs.) — C:Program Files (x86)CyberLinkShared filesbrs.exe [75048] [PID.3868]
    [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336] [PID.3212]
    [MD5.39B1D0A636A400304565D4521FAD6D77] – (.Microsoft Corporation – Microsoft Application Virtualization Virtua.) — C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe [207528] [PID.4232]
    [MD5.479321C119B54D7F13A91E16CF7C2E9A] – (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [378472] [PID.4392]
    [MD5.77C5A741A7452812F278EF2C18478862] – (.Microsoft Corporation – Microsoft Application Virtualization Client.) — C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe [523944] [PID.912]
    [MD5.FD557A50A65E44041CD2FCEF4BEB04DB] – (.Microsoft Corporation – Microsoft Office Client Virtualization Serv.) — C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.exe [822504] [PID.3984]
    [MD5.45D9E6C134735854866608931269B43E] – (.Sun Microsystems, Inc. – Java(TM) Platform SE binary.) — C:Program Files (x86)syncablessyncables desktopjrebinjavaw.exe [145184] [PID.5600]
    [MD5.10F36FB8CD6218CD7F818268E0F3F9C6] – (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe [275568] [PID.1424]
    [MD5.9330941C8F6DF417F6DBBE998DB6687E] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [46808] [PID.6232]
    [MD5.8F0DE4FEF8201E306F9938B0905AC96A] – (.Google Inc. – Programme d'installation de Google.) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [135664] [PID.3576]
    [MD5.7DCE7A74764EB7C67D21A32BC579453D] – (.Oracle Corporation – Java(TM) Update Checker.) — C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe [507264] [PID.6204]
    [MD5.6AE8E702D1027A9627DDE2B77BB9992B] – (.Safer-Networking Ltd. – Windows Security Center integration..) — C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe [171928] [PID.2020]
    [MD5.95AA9E165C7DE1B64A11E8B18E91E499] – (.Safer-Networking Ltd. – Spybot-S&D 2 Scanner Service.) — C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe [1817560] [PID.4040]
    [MD5.D31398D4BB4907B517B6E784C2100C4A] – (.Safer-Networking Ltd. – Spybot-S&D 2 Background update service.) — C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe [1033688] [PID.7148]
    [MD5.DC2E338E63159454B71659D82515A04E] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8091648] [PID.6780]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersAntoineAppDataLocalGoogleChromeUser DataDefaultPreferences

    —\ Liste des dossiers d'extension Google Chrome
    ~ Google Lines Browser: 1 Legitimates Filtered in 00mn 20s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll
    O3 – Toolbar: avast! WebRep – [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software – IE Webrep plugin.) — C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSQuickLaunch [Antoine]: BitTorrent.lnk . (.BitTorrent Inc. – BitTorrent.) — C:UsersAntoineAppDataRoamingBitTorrentBitTorrent.exe =>P2P.BitTorrent
    O4 – GSTaskBar [Antoine]: BitTorrent.lnk . (.BitTorrent Inc. – BitTorrent.) — C:UsersAntoineAppDataRoamingBitTorrentBitTorrent.exe =>P2P.BitTorrent
    ~ Global Startup: 2 Legitimates Filtered in 00mn 01s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe (.not file.)
    O4 – HKLM..Run: [IntelPAN] . (.Intel(R) Corporation – Intel(R) PROSet/Wireless Framework.) — C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe
    O4 – HKLM..Run: [IntelTBRunOnce] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
    O4 – HKCU..Run: [Syncables] . (.syncables, LLC – Syncables.) — C:Program Files (x86)syncablessyncables desktopSyncables.exe
    O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
    O4 – HKLM..Wow6432NodeRun: [SonicMasterTray] . (.Virage Logic Corporation / Sonic Focus – ASUS_MATray.exe.) — C:Program Files (x86)ASUSSonic FocusSonicFocusTray.exe
    O4 – HKLM..Wow6432NodeRun: [ATKOSD2] . (.ASUS – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
    O4 – HKLM..Wow6432NodeRun: [ATKMEDIA] . (.ASUS – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
    O4 – HKLM..Wow6432NodeRun: [HControlUser] . (.ASUS – HControlUser.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
    O4 – HKLM..Wow6432NodeRun: [Wireless Console 3] . (.Pas de propriétaire – Wireless Console 3.) — C:Program Files (x86)ASUSWireless Console 3wcourier.exe
    O4 – HKLM..Wow6432NodeRun: [BDRegion] . (.cyberlink – brs.) — C:Program Files (x86)CyberlinkShared filesbrs.exe
    O4 – HKLM..Wow6432NodeRun: [avast] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastUI.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-896355638-3571867695-197123161-1000..Run: [Syncables] . (.syncables, LLC – Syncables.) — C:Program Files (x86)syncablessyncables desktopSyncables.exe
    ~ Application: Scanned in 00mn 00s

    —\ Site dans la Zone de confiance d'Internet Explorer (O15)
    O15 – Trusted Zone: [HKCU…Domainswww] http.samsungsetup.com
    ~ IE Zone Confiance: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{DC788CF8-93ED-4BFA-96C4-8513C9CACFEC}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{DC788CF8-93ED-4BFA-96C4-8513C9CACFEC}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{DC788CF8-93ED-4BFA-96C4-8513C9CACFEC}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: application/x-msdownload [64Bits] – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. – Windows Security Center integration..) – C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe
    ~ Services: 17 Legitimates Filtered in 00mn 03s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{829380DC-A78E-4F1B-BC6E-35BA26E5BAB5}] (…) — C:UsersAntoineDesktopFrenchDisk1Setup.exe (.not file.) [0]
    O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-896355638-3571867695-197123161-1000Core [1082]
    O39 – APT: – (..) — C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-896355638-3571867695-197123161-1000UA [1104]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1078]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1082]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskUserS-1-5-21-896355638-3571867695-197123161-1000Core [1034]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskUserS-1-5-21-896355638-3571867695-197123161-1000UA [1086]
    ~ Scheduled Task: 30 Legitimates Filtered in 00mn 03s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareAdsFix]
    [HKCUSoftwareConduit] =>Toolbar.Conduit
    [HKCUSoftwaremybestofferstoday] =>PUP.MyBestOffersToday
    [HKLMSoftwareAdsFix]
    [HKLMSoftwareWow6432NodeAdsFix]
    ~ Key Software: 303 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 22/05/2014 – 13:51:29 – [] —-D C:Program Files (x86)Torrent Privacy
    O43 – CFD: 23/12/2013 – 02:36:38 – [] —-D C:ProgramData81510444ceabb558
    O43 – CFD: 23/12/2013 – 02:34:35 – [] —-D C:ProgramDataInstallMate =>PUP.Tarma
    O43 – CFD: 22/05/2014 – 13:51:29 – [] —-D C:UsersAntoineAppDataRoamingTorrentPrivacy
    O43 – CFD: 14/08/2014 – 23:08:39 – [] —-D C:UsersAntoineAppDataLocal30499
    ~ 6 Dossier CLSID vide (CLSID Empty Folder)
    ~ Program Folder: 187 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.CE86199026291A9CDB754AD4A1B5EE5D] – 05/08/2014 – 21:08:55 —A- . (…) — C:Windowswin.ini [505]
    O44 – LFC:[MD5.5E48EDB0CA8F5DF099C5758CB3F466F0] – 10/08/2014 – 13:37:14 —A- . (…) — C:Windowscomsetup.log [756]
    O44 – LFC:[MD5.2F895669CF96FAAC91EE9C3AC9879351] – 12/08/2014 – 22:40:10 —A- . (…) — C:AdsFix.txt [4460]
    O44 – LFC:[MD5.023DEBD4ADC959EBFF8BAD1EF98CB388] – 14/08/2014 – 22:10:29 —A- . (…) — C:WindowsSystem32ServiceFilter.ini [1730]
    ~ Files: 18 Legitimates Filtered in 00mn 01s

    —\ Clé de registre Shell MountPoints2 (MPKS) (O51)
    O51 – MPSK:{366df6b3-0b2b-11e3-91ca-14dae9ad54cc}AutoRuncommand. (…) — G:HPLauncher.exe (.not file.)
    ~ Keys: Scanned in 00mn 00s

    —\ Enumération des clés de registre StartupReg (SMSR) (O53)
    O53 – SMSR:HKLM…startupregcacaoweb [Key] . (…) — C:UsersAntoineAppDataRoamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
    ~ SMSR Keys: 16 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:30/08/2013 – 08:48:10 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65336] =>.ALWIL Software
    O58 – SDL:30/08/2013 – 08:48:10 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [204880] =>.ALWIL Software
    O58 – SDL:08/07/2013 – 18:13:50 —A- . (.DT Soft Ltd – DAEMON Tools Virtual Bus Driver.) — C:WindowsSystem32Driversdtsoftbus01.sys [283200]
    O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
    O58 – SDL:12/04/2011 – 22:18:08 —A- . (.ELAN Microelectronics Corp. – ETD Kernel Center.) — C:WindowsSystem32DriversETD.sys [142632]
    O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
    O58 – SDL:01/11/2012 – 19:25:26 —A- . (.AnchorFree Inc. – Hotspot Shield Routing Driver.) — C:WindowsSystem32Drivershssdrv6.sys [42248]
    O58 – SDL:20/07/2009 – 10:29:40 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [15416]
    O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
    O58 – SDL:01/11/2012 – 19:31:08 —A- . (.Anchorfree Inc. – Anchorfree HSS VPN Adapter.) — C:WindowsSystem32Driverstaphss6.sys [40712]
    O58 – SDL:17/04/2010 – 00:07:28 —A- . (…) — C:WindowsSystem32DriversTurboB.sys [13832]
    ~ Drivers: 78 Legitimates Filtered in 00mn 03s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 12/08/2014 – 23:30:50 —A- . (…) — C:UsersAntoineDownloadsadwcleaner_3.304.exe [1366203]
    O61 – LFC: 14/08/2014 – 23:30:50 —A- . (…) — C:UsersAntoineDesktopAdsFix.exe [2894848]
    O61 – LFC: 14/08/2014 – 23:30:50 —A- . (…) — C:UsersAntoineDesktopadwcleaner_3.305.exe [1356107]
    ~ 94 Fichiers temporaires (Temporary files)
    ~ 30 Fichiers cookies (Cookies files)
    ~ Files: 6 Legitimates Filtered in 00mn 05s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (…) — C:ProgramDataFullRemove.exe [131472]
    [MD5.B98BD79E6F5136E2AAF368855355E7F1] [SPRF][14/08/2014] (.Pas de propriétaire – Browser Ads Cleaner.) — C:UsersAntoineDesktopAdsFix.exe [2894848]
    [MD5.504721808E6196C52D15ECC1238180F0] [SPRF][14/08/2014] (…) — C:UsersAntoineDesktopadwcleaner_3.305.exe [1356107]
    [MD5.5E7AEB372B2A416450F0D5CB8CFE2C29] [SPRF][19/10/2012] (…) — C:UsersAntoineDesktopK.J_121019E.exe [25544236]
    ~ Files: 5 Legitimates Filtered in 00mn 01s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “{CC05D28D-F8E7-46E2-B1B1-3211AF2F9D72}” | In – None – P6 – TRUE | .(.BitTorrent Inc. – BitTorrent.) — C:UsersAntoineAppDataRoamingBitTorrentBitTorrent.exe =>P2P.BitTorrent
    O87 – FAEL: “{9DEB1A4E-B05E-4625-87AA-E71689FE69D9}” | In – None – P17 – TRUE | .(.BitTorrent Inc. – BitTorrent.) — C:UsersAntoineAppDataRoamingBitTorrentBitTorrent.exe =>P2P.BitTorrent
    ~ Firewall: 2 Legitimates Filtered in 00mn 00s

    —\ Recherche de clés de registre Tracing (O100)
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBingBar_RASAPI32 =>Toolbar.Bing
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBitTorrent-7_RASAPI32 =>P2P.BitTorrent
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBitTorrent-7_RASMANCS =>P2P.BitTorrent
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBitTorrent_RASAPI32 =>P2P.BitTorrent
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBitTorrent_RASMANCS =>P2P.BitTorrent
    ~ BTK: 190 Legitimates Filtered in 00mn 00s

    —\ Recherche de clés de registre CLSID (O101)
    [HKCRCLSID{2E83568E-0640-4025-B60D-A4A6AE7C6076}] (uiMeshPrepCompPage_c Class) =>PUP.iMesh
    [HKCRCLSID{3366F6CE-2DDD-4F91-B80C-7960B169E02C}] (uiMeshDoctorPage_c Class) =>PUP.iMesh
    [HKCRCLSID{33F346BB-F43E-455A-A633-5F5FC689D4D0}] (uiMeshDecoWizardPage_c Class) =>PUP.iMesh
    [HKCRCLSID{AC1789A1-CEB9-479E-852B-6608F910033C}] (uiMeshManipulationPage Class) =>PUP.iMesh
    [HKCRCLSID{D2DDE660-A14E-4D3D-A0CB-0C9AE7736085}] (uiMeshRelaxPage_c Class) =>PUP.iMesh
    [HKCRCLSID{E3FCFE4B-1A8A-4D1D-85C6-F84B0E98B43B}] (uiMeshSplitPage_c Class) =>PUP.iMesh
    [HKCRCLSID{F3AE0F4E-C3C6-41FB-BE1D-39F7A7A6319D}] (uiMeshSmoothPage_c Class) =>PUP.iMesh
    ~ BCK: 5046 Legitimates Filtered in 00mn 05s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 08/07/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 04/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) – C:Windowssystem32FBAgent.exe
    SS – | Auto 12/11/2010 241648 | (CLKMSVC10_38F51D56) . (.CyberLink.) – C:Program Files (x86)CyberLinkPowerDVD10NavFilterkmsvc.exe
    SS – | Demand 15/10/2009 87336 | (CoordinatorServiceHost) . (.Dassault Systèmes SolidWorks Corp..) – C:Program FilesSolidWorks CorpSolidWorksswSchedulerDTSCoordinatorService.exe
    SS – | Demand 08/07/2013 867080 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) – C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
    SS – | Demand 08/07/2013 1315592 | (FLEXnet Licensing Service 64) . (.Acresso Software Inc..) – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService64.exe
    SS – | Auto 13/04/2011 135664 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 13/04/2011 135664 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 13/04/2011 182768 | (gusvc) . (.Google.) – C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    SS – | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    SS – | Demand 01/08/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Demand 02/05/2011 340240 | (MyWiFiDHCPDNS) . (…) – C:Program FilesIntelWiFibinPanDhcpDns.exe
    SS – | Auto 03/04/2014 315008 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SS – | Demand 08/07/2013 79360 | (SolidWorks Licensing Service) . (.SolidWorks.) – C:Program Files (x86)Common FilesSolidWorks SharedServiceSolidWorksLicensing.exe
    SR – | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
    SR – | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
    SR – | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    SR – | Auto 02/05/2011 1517328 | (EvtEng) . (.Intel(R) Corporation.) – C:Program FilesIntelWiFibinEvtEng.exe
    SR – | Auto 05/06/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) – C:WindowsSystem32nvvsvc.exe
    SR – | Auto 02/05/2011 844560 | (RegSrvc) . (.Intel(R) Corporation.) – C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe
    SR – | Auto 16/05/2013 1817560 | (SDScannerService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe
    SR – | Auto 16/05/2013 1033688 | (SDUpdateService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe
    SR – | Auto 15/05/2013 171928 | (SDWSCService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe
    SR – | Auto 05/06/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    SR – | Auto 17/04/2010 134928 | (TurboBoost) . (.Intel(R) Corporation.) – C:Program FilesIntelTurboBoostTurboBoost.exe
    SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 06s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Antoine at 14/08/2014 23:31:41
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by Antoine at 14/08/2014 23:31:43
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (13/08/2014)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 2
    Dossiers trouvés (Folders found) : 1
    Fichiers trouvés (Files found) : 9

    [HKLMSoftwareMicrosoftShared ToolsMSConfigstartupregcacaoweb] =>PUP.CacaoWeb^
    [HKLMSoftwareWow6432NodeMicrosoftTracingBingBar_RASAPI32] =>Toolbar.Bing
    C:ProgramDataInstallMate =>PUP.Tarma^
    [HKCUSoftwareConduit] =>Toolbar.Conduit^
    [HKCUSoftwaremybestofferstoday] =>PUP.MyBestOffersToday^
    [HKCRCLSID{2E83568E-0640-4025-B60D-A4A6AE7C6076}] (uiMeshPrepCompPage_c Class) =>PUP.iMesh^
    [HKCRCLSID{3366F6CE-2DDD-4F91-B80C-7960B169E02C}] (uiMeshDoctorPage_c Class) =>PUP.iMesh^
    [HKCRCLSID{33F346BB-F43E-455A-A633-5F5FC689D4D0}] (uiMeshDecoWizardPage_c Class) =>PUP.iMesh^
    [HKCRCLSID{AC1789A1-CEB9-479E-852B-6608F910033C}] (uiMeshManipulationPage Class) =>PUP.iMesh^
    [HKCRCLSID{D2DDE660-A14E-4D3D-A0CB-0C9AE7736085}] (uiMeshRelaxPage_c Class) =>PUP.iMesh^
    [HKCRCLSID{E3FCFE4B-1A8A-4D1D-85C6-F84B0E98B43B}] (uiMeshSplitPage_c Class) =>PUP.iMesh^
    [HKCRCLSID{F3AE0F4E-C3C6-41FB-BE1D-39F7A7A6319D}] (uiMeshSmoothPage_c Class) =>PUP.iMesh^
    ~ Additionnel Scan: 312352 Items scanned in 00mn 18s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/” onclick=”window.open(this.href);return false; =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/” onclick=”window.open(this.href);return false; =>.Internet Explorer Toolbars (O3)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/” onclick=”window.open(this.href);return false; =>.Applications lancées au démarrage du système (O4)
    ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/” onclick=”window.open(this.href);return false; =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
    ~ AMI: 4 Legitimates Filtered in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.fr/toolbar-conduit” onclick=”window.open(this.href);return false; =>Toolbar.Conduit
    http://nicolascoolman.fr/pup-tarma” onclick=”window.open(this.href);return false; =>PUP.Tarma
    http://nicolascoolman.fr/pup-cacaoweb” onclick=”window.open(this.href);return false; =>PUP.CacaoWeb
    http://nicolascoolman.fr/pup-imesh” onclick=”window.open(this.href);return false; =>PUP.iMesh
    ~ MSI: 4 link(s) detected in 00mn 00s

    ~ 853 Legitimates filtered by white list
    End of the scan (498 lines in 02mn 10s)(0)[/spoiler:2leii9et]

    Le rapport malwarebyte:

    [spoiler:2leii9et]Malwarebytes Anti-Malware
    http://www.malwarebytes.org” onclick=”window.open(this.href);return false;

    Scan Date: 14/08/2014
    Scan Time: 20:43:46
    Logfile: mw.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.08.14.09
    Rootkit Database: v2014.08.04.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Antoine

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 306661
    Time Elapsed: 11 min, 24 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 7
    PUP.Optional.Amonetize, HKLMSOFTWARECLASSESTYPELIB{E20100D9-EE6D-4C68-B7BD-8F459845DD52}, Quarantined, [3e436c5af08b0135168de2c614ed3bc5],
    PUP.Optional.Amonetize, HKLMSOFTWARECLASSESINTERFACE{FA0B3812-154D-4226-97AE-34BD2E515764}, Quarantined, [3e436c5af08b0135168de2c614ed3bc5],
    PUP.Optional.Amonetize, HKLMSOFTWAREWOW6432NODECLASSESINTERFACE{FA0B3812-154D-4226-97AE-34BD2E515764}, Quarantined, [3e436c5af08b0135168de2c614ed3bc5],
    PUP.Optional.Amonetize, HKLMSOFTWAREWOW6432NODECLASSESTYPELIB{E20100D9-EE6D-4C68-B7BD-8F459845DD52}, Quarantined, [3e436c5af08b0135168de2c614ed3bc5],
    PUP.Optional.IStartSurf.A, HKLMSOFTWAREWOW6432NODEistartsurfSoftware, Quarantined, [1a6716b06219a98d3c5ca53714ee07f9],
    PUP.Optional.MBot.A, HKLMSOFTWAREWOW6432NODEMYBESTOFFERSTODAY, Quarantined, [3d44883e9cdfbb7b4bfc09d3bb4712ee],
    PUP.Optional.IStartSurf.A, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONUNINSTALListartsurf uninstall, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],

    Registry Values: 1
    PUP.Optional.FastStart.A, HKUS-1-5-21-896355638-3571867695-197123161-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMOZILLAEXTENDS|appid, faststartff@gmail.com, Quarantined, [40414482b0cb53e3154428be3dc5dd23]

    Registry Data: 0
    (No malicious items detected)

    Folders: 3
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurf, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimages, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescode, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],

    Files: 31
    PUP.Optional.Amonetize, C:UsersAntoineDownloadsWifi Password Hack 2013 V5 0 G Downloader__3687_i1106462724_il1301118.exe, Quarantined, [dea321a53d3eb383ccd71098a25f6898],
    PUP.Optional.Amonetize, C:UsersAntoineDownloadsWifi Password Hack__5160_i1106435715_il1069030.exe, Quarantined, [3e436c5af08b0135168de2c614ed3bc5],
    PUP.Optional.Amonetize, C:UsersAntoineAppDataLocal30499a13112.exe, Quarantined, [8af7c006f883e74fbc5fb7eb53ae21df],
    PUP.Optional.IStartSurf.A, C:Program Files (x86)Mozilla Firefoxbrowsersearchpluginsistartsurf.xml, Quarantined, [057c10b6512a1c1ab51888557b878a76],
    PUP.Optional.ContinueToSave.A, C:UsersAntoineAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_continuetosave.info_0.localstorage, Quarantined, [e0a15e68a4d7142266af974930d2bf41],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurf247.json, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfMessageBox.xml, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfuninstallDlg2.xml, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfUninstallManager.exe, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesbg.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesbg1.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesbk_shadow.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesbutton.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesbutton1.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescheckbox.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescheckbox_select.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimageschecked.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesclose.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesloading_bg.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesloading_light.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesmin.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesscrollbar.bmp, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesThumbs.db, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagesunchecked.png, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescodecode1.jpg, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescodecode2.jpg, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescodecode3.jpg, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescodecode4.jpg, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescodecode5.jpg, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescodecode6.jpg, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],
    PUP.Optional.IStartSurf.A, C:UsersAntoineAppDataRoamingistartsurfimagescodeThumbs.db, Quarantined, [9ee3a0262c4f3204ddbc5582778b7987],

    Physical Sectors: 0
    (No malicious items detected)

    (end)[/spoiler:2leii9et]

    Le rapport adwcleaner:

    [spoiler:2leii9et]# AdwCleaner v3.305 – Rapport créé le 14/08/2014 à 23:52:30
    # Mis à jour le 14/08/2014 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : Antoine – ANTOINE-PC
    # Exécuté depuis : C:UsersAntoineDesktopadwcleaner_3.305.exe
    # Option : Scanner

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Tâches planifiées ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Présente : HKCUSoftwareConduit
    Clé Présente : [x64] HKCUSoftwareConduit
    Clé Présente : HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17207

    -\ Mozilla Firefox v31.0 (x86 fr)

    [ Fichier : C:UsersAntoineAppDataRoamingMozillaFirefoxProfilesexl4romb.default-1407269112085prefs.js ]

    -\ Google Chrome v36.0.1985.125

    [ Fichier : C:UsersAntoineAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [13658 octets] – [05/08/2014 22:07:22]
    AdwCleaner[R1].txt – [2454 octets] – [12/08/2014 22:31:58]
    AdwCleaner[R2].txt – [1517 octets] – [14/08/2014 20:38:28]
    AdwCleaner[R3].txt – [1514 octets] – [14/08/2014 23:26:01]
    AdwCleaner[R4].txt – [1309 octets] – [14/08/2014 23:52:30]
    AdwCleaner[S0].txt – [10482 octets] – [05/08/2014 22:08:29]
    AdwCleaner[S1].txt – [2486 octets] – [12/08/2014 22:35:19]

    ########## EOF – C:AdwCleanerAdwCleaner[R4].txt – [1490 octets] ##########[/spoiler:2leii9et]

    Je n’arrive pas a faire fonctionner adsfix, il démarre, se mets a jour se relance et ça éternellement.(il me dit aussi que spybot est lancé, je ne sais pas le désactiver)

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Nombre d'articles : 8320

    salut pour spybot désinstalle -le il sert à rien

    ===

    pour adsfix , tente en le prenant ici :

    http://www.aht.li/2159847/AdsFix.exe” onclick=”window.open(this.href);return false;

  • Photo du profil de djidaneletribaldjidaneletribal
    Participant
    Nombre d'articles : 4

    Excusez-moi, je n’étais pas connecté quand j’ai posté après m’être enregistré, je suis la même personne qu’au dessus donc, identification en sus.

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Nombre d'articles : 8320

    ok ca se passe juste au dessus ^^

  • Photo du profil de djidaneletribaldjidaneletribal
    Participant
    Nombre d'articles : 4

    Alors j’ai finalement réussi à lancer adsfix grâce à ton lien, mais je ne sais ps comment récupérer le rapport d’erreur, il n’est pas apparu après le redémarrage.

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Nombre d'articles : 8320

    salut il est sur le bureau dans tes icones

Le sujet ‘Hello! Ordi ramolli, merci, merci.’ est fermé à de nouvelles réponses.