Reply to: virus slowdown 2016-09-08T13:24:39+00:00
pat

~ Rapport de ZHPDiag v2013.12.10.20 – Nicolas Coolman (10/12/2013)
~ Lancé par poe (11/12/2013 22:23:54)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l’utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

—\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16428
GCIE: Google Chrome v31.0.1650.63 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 0
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

—\ Logiciels d’optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader X MUI
Java 7 Update 7

—\ Informations sur le système
~ Processor: x86 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3578 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 319 GB (71%) free of 445 GB

—\ Mode de connexion au système
~ Computer Name: POUPOUILLE
~ User Name: poe
~ All Users Names: poe, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:UserspoeAppDataRoamingZHP
~ %AppData% : C:UserspoeAppDataRoaming
~ %Desktop% : C:UserspoeDesktop
~ %Favorites% : C:UserspoeFavorites
~ %LocalAppData% : C:UserspoeAppDataLocal
~ %StartMenu% : C:UserspoeAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 319 Go of 445 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 17 Go)
E: Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)
F: Floppy drive, Flash card reader, USB Key (Free 0 Go of 4 Go)
G: Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
[HKCUSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem] DisableTaskMgr: OK
[HKCUSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem] DisableRegistryTools: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
[HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
[HKCUSOFTWAREMicrosoftWindows NTCurrentVersionWindows] Load: OK
[HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
~ Security Center: 45 Scanned in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] – (.Microsoft Corporation – Explorateur Windows.) (.12/08/2011 – 09:40:47.) — C:WindowsExplorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:14:45.) — C:WindowsSystem32Wininit.exe [96256]
[MD5.B5EB5BD3066959611E1F7A80FD6CC172] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.09/12/2013 – 03:02:53.) — C:WindowsSystem32wininet.dll [1818112]
[MD5.6D13E1406F50C66E2A95D97F22C47560] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 22:29:06.) — C:WindowsSystem32Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 22:29:24.) — C:WindowsSystem32sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.14/09/2013 – 01:48:58.) — C:Windowssystem32DriversAFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:26:15.) — C:Windowssystem32Driversatapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:11:15.) — C:Windowssystem32DriversCdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32DriversCdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 22:29:07.) — C:Windowssystem32DriversDfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32DriversHDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:11:24.) — C:Windowssystem32Driversi8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 00:54:29.) — C:Windowssystem32DriversIpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.12/08/2011 – 09:44:16.) — C:Windowssystem32DriversMRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 22:29:08.) — C:Windowssystem32DriversnetBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 14:45:29.) — C:Windowssystem32Driversntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 00:45:35.) — C:Windowssystem32DriversParport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 00:54:34.) — C:Windowssystem32DriversRasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 00:53:41.) — C:Windowssystem32Driverssmb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 22:29:07.) — C:Windowssystem32Driverstdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32Driversvolsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/9868
~ Mes musiques (My Musics) : 1/1918
~ Mes Videos (My Videos) : 1/295
~ Mes Favoris (My Favorites) : 1/51
~ Mes Documents (My Documents) : 1/1798
~ Mon Bureau (My Desktop) : 1/20
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 12s

—\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe [532040] [PID.2512]
[MD5.D21D0FFF8D2BAE2822F860BCDECED294] – (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe [2333968] [PID.3324]
[MD5.DE0045B88E2A0E53457FC3D033F73D91] – (.IDT, Inc. – IDT PC Audio.) — C:Program FilesIDTWDMsttray.exe [1138780] [PID.3452]
[MD5.E58BA6B9B0829F08E279088087AE48B6] – (.Hewlett-Packard Company – HP QuickWeb Utilities.) — C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe [169528] [PID.3552]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] – (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [932288] [PID.3844]
[MD5.FE31F1C15D1AFF7A9557BD33406CC4D1] – (.Hewlett-Packard Development Company, L.P. – HP CoolSense.) — C:Program FilesHewlett-PackardHP CoolSenseCoolSense.exe [1342008] [PID.3968]
[MD5.12916E0642E92561C98B18A2A2D01B14] – (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe [252848] [PID.3476]
[MD5.E4401CF27225C1D6E664E86195978562] – (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe [152544] [PID.3596]
[MD5.8192B2E274607D1D530F5C191698C544] – (.Hewlett-Packard Development Company, L.P. – HP Message Service.) — C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe [578944] [PID.3788]
[MD5.8A3B69683E63808719D24E1C68C21CC7] – (.Hewlett-Packard Development Company, L.P. – HP On Screen Display.) — C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe [379960] [PID.3992]
[MD5.8B4CFEE322B7F3C92342BB6C8E10209D] – (.Pas de propriétaire – HP Taskbar Process HP.) — C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar1.exe [99896] [PID.4084]
[MD5.573FB8BBAD721AEBD7D7C457E52B25B4] – (.Hewlett-Packard Development Company, L.P. – HP Taskbar Process TP.) — C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar2.exe [702008] [PID.3240]
[MD5.00A66351606CD94EDA4417C07A027DE5] – (…) — C:Program FilesMobogenieDaemonProcess.exe [747712] [PID.3608]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] – (.CyberLink – YouCam Mirage.) — C:Program FilesCyberLinkYouCamYCMMirage.exe [136488] [PID.3956]
[MD5.FB1A303207C1124C2B61A50E5A32AC21] – (.Pas de propriétaire – DivX Update.) — C:Program FilesDivXDivX UpdateDivXUpdate.exe [1861968] [PID.3780]
[MD5.6411B4ECFFFD47D6872506CF8E2258C6] – (…) — C:UserspoeAppDataRoamingSpotifyDataSpotifyWebHelper.exe [1193176] [PID.4140]
[MD5.F7128E5772F9312F0D111A5FA5D41773] – (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe [20684656] [PID.4744]
[MD5.D1AB72DB2BEDD2F255D35DA3DA0D4B16] – (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe [141824] [PID.4836]
[MD5.7E68EC81576FCE3582A566B87E41B926] – (.Broadcom Corporation. – Bluetooth Tray Application.) — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe [1008928] [PID.4984]
[MD5.A6B0C674D7ED96EB7C783E8CE2D7CA79] – (.Synaptics Incorporated – Synaptics Pointing Device Helper.) — C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.exe [109840] [PID.5648]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] – (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe [863184] [PID.2484]
[MD5.7C3B185D1B2C5B9050AA4F522ACA946E] – (.Broadcom Corporation. – Bluetooth Stack COM Server.) — C:Program FilesWIDCOMMBluetooth SoftwareBtStackServer.exe [3544352] [PID.5684]
[MD5.C861851A0BBD9903E324487011AA3705] – (.Advanced Micro Devices Inc. – Catalyst Control Center: Monitoring program.) — C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe [299008] [PID.4380]
[MD5.D28C5A1411BB0B47E05E0D6AAF896690] – (.ATI Technologies Inc. – Catalyst Control Center: Host application.) — C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe [299008] [PID.5032]
[MD5.075657021D14F61B6B1C57D621A99A86] – (.Broadcom Corporation. – Bluetooth Headset Helper.) — C:Program FilesWIDCOMMBluetooth SoftwareBluetooth Headset Helper.exe [148768] [PID.984]
[MD5.2E0B0A051FFAA86E358465BB0880D453] – (.Microsoft Corporation – Windows Update.) — C:Windowssystem32wuauclt.exe [53784] [PID.3944]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] – (…) — ystem32rundll32.exe [0] [PID.636]
[MD5.CBCC1D0C253EC31D94F5CDBE60866F7B] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8291840] [PID.3952]
[MD5.D53024C1355615B82DD1526B63623E61] – (…) — C:Program FilesMobogeniemgusb.exe [88256] [PID.3664]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] – (…) — C:Program FilesZHPDiagpv.exe [61440] [PID.0]
~ Processes Running: Scanned in 00mn 02s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPreferences
G1 – GCS: Preference [User DataDefault] None
G0 – GCSP: Preference [User DataDefault][HomePage] http://www.google.com
G0 – GCSP: Preference [User DataDefault] http://www.google.com
G2 – GCE: Preference [User DataDefault] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 – GCE: Preference [User DataDefault] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 – GCE: Preference [User DataDefault] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 – GCE: Preference [User DataDefault] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 – GCE: Preference [User DataDefault] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 – GCE: Preference [User DataDefault] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 – GCE: Preference [User DataDefault] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 – GCE: Preference [User DataDefault] [gmookaamlkjilnemkglmedgieblahbcn] Pricora 2.0 v.1.25.85, (Activé) =>Adware.Pricora
G2 – GCE: Preference [User DataDefault] [gnbbmjlpkhenbefmmdjodjfmcamegmpd] LyricsViewer-2 v.1.25.27, (Activé) =>Adware.AddLyrics
G2 – GCE: Preference [User DataDefault] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.6 (Activé) =>Adware.PricePeep
G2 – GCE: Preference [User DataDefault] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.3.0.11079 (Désactivé)
G2 – GCE: Preference [User DataDefault] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 – GCE: Preference [User DataDefault] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 – GCE: Preference [User DataDefault] [mphpbdjcljebbcnfopfngmfdackbbdgf] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
G2 – GCE: Preference [User DataDefault] [nmmhkkegccagdldgiimedpiccmgmieda] Google?Wallet v.0.0.5.0 (Activé)
G2 – GCE: Preference [User DataDefault] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 19 Scanned in 00mn 09s

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 – FPN: [HKLM] [@adobe.com/ShockwavePlayer] – (.Adobe Systems, Inc. – Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) — C:Windowssystem32AdobeDirectornp32dsw.dll
P2 – FPN: [HKLM] [@Apple.com/iTunes,version=1.0] – (…) — C:Program FilesiTunesMozilla Pluginsnpitunes.dll
P2 – FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] – (.DivX, LLC. – DivX VOD Helper Plug-in.) — C:Program FilesDivXDivX OVS Helpernpovshelper.dll
P2 – FPN: [HKLM] [@divx.com/DivX Web Player Plug-In,version=1.0.0] – (.DivX, LLC – DivX Web Player version 3.0.1.5.) — C:Program FilesDivXDivX Web Playernpdivx32.dll
P2 – FPN: [HKLM] [@java.com/DTPlugin,version=10.7.2] – (.Oracle Corporation – NPRuntime Script Plug-in Library for Java(TM) Deploy.) — C:Windowssystem32npDeployJava1.dll
P2 – FPN: [HKLM] [@java.com/JavaPlugin,version=10.7.2] – (.Oracle Corporation – Next Generation Java Plug-in 10.7.2 for Mozilla browsers.) — C:Program FilesJavajre7binplugin2npjp2.dll
P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.20913.0.) — c:Program FilesMicrosoft Silverlight5.1.20913.0npctrl.dll
P2 – FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] – (.Microsoft Corporation – The plug-in allows you to open and edit files using Microsoft Office a.) — C:Program FilesMicrosoft OfficeOffice14NPSPWRAP.dll
P2 – FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] – (.Microsoft Corporation – NPWLPG.) — C:Program FilesWindows LivePhoto GalleryNPWLPG.dll
P2 – FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] – (.Microsoft Corporation – NPWLPG.) — C:Program FilesWindows LivePhoto GalleryNPWLPG.dll
P2 – FPN: [HKLM] [@tools.google.com/Google Update;version=3] – (.Google Inc. – Google Update.) — C:Program FilesGoogleUpdate1.3.22.3npGoogleUpdate3.dll
P2 – FPN: [HKLM] [@tools.google.com/Google Update;version=9] – (.Google Inc. – Google Update.) — C:Program FilesGoogleUpdate1.3.22.3npGoogleUpdate3.dll
P2 – FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] – (…) — C:Program FilesWildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll
~ Firefox Browser: 13 Scanned in 00mn 00s

—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com
R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.uk.msn.com
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com
R3 – URLSearchHook: Microsoft Url Search Hook – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (…) (No version) — (.not file.)
R4 – HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
~ IE Browser: 11 Scanned in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32Userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Browser Helper Objects de navigateur (O2)
O2 – BHO: AcroIEHelperStub – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated – Adobe PDF Helper for Internet Explorer.) — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program FilesJavajre7binssv.dll
O2 – BHO: PassWidget – {7f17d90c-aaaa-4e56-91d3-2433e23a62f6} . (…) — C:Program FilesPass-Widget135.dll (.not file.) =>PUP.PassWidget
O2 – BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. – Microsoft® Windows Live ID Login Helper.) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
O2 – BHO: Bing Bar Helper – {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation. – Extensions du client Bing.) — C:Program FilesMicrosoftBingBar7.2.241.0BingExt.dll =>Toolbar.Bing
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program FilesJavajre7binjp2ssv.dll
O2 – BHO: HP Network Check Helper – {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard – HP Network Check IE Plug-in.) — C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll
~ BHO: 16 Scanned in 00mn 00s

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: Bing Bar – [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. – Extensions du client Bing.) — C:Program FilesMicrosoftBingBar7.2.241.0BingExt.dll =>Toolbar.Bing
O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
O3 – ToolbarWebBrowser: (no name) – [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSDesktop [Public]: Choix de navigateur .lnk . (.Microsoft Corporation – Choix de navigateur .) — C:WindowsSystem32browserchoice.exe
O4 – GSDesktop [Public]: DivX Converter.lnk . (.DivX, Inc. – DivX Converter.) — C:Program FilesDivXDivX ConverterDivXConverterLauncher.exe
O4 – GSDesktop [Public]: DivX Player.lnk . (…) — C:Program FilesDivXDivX PlayerDivX Player.exe
O4 – GSDesktop [Public]: Découvrez HP webOS.lnk . (…) — C:Program FilesHewlett-PackardSharedWizLink.exe
O4 – GSDesktop [Public]: Fast Media Converter.lnk . (…) — C:Program FilesFastMediaConverterFastMedia Converter.exe
O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSDesktop [Public]: HP Support Assistant.lnk . (.Hewlett-Packard Company – HP Support Assistant.) — C:Program FilesHewlett-PackardHP Support FrameworkHPSF.exe =>.Hewlett-Packard Co
O4 – GSDesktop [Public]: iTunes.lnk . (.Apple Inc. – iTunes.) — C:Program FilesiTunesiTunes.exe
O4 – GSDesktop [Public]: Magic Desktop.lnk . (.EasyBits Software AS – EasyBits Security Shield.) — C:Program FilesEasyBits For KidsezSecShield.exe =>.EasyBits Software AS
O4 – GSDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembam.exe
O4 – GSDesktop [Public]: Microsoft Office 2010.lnk . (.Hewlett-Packard Company – OfficeDesktopIconThread.) — C:SYSTEM.SAVutilOfficeDesktopIconThread.exe
O4 – GSDesktop [Public]: Photos Snapfish.lnk . (…) — C:Program FilesHewlett-PackardSharedWizLink.exe
O4 – GSDesktop [Public]: WildTangent Games App – hp.lnk . (…) — C:Program FilesHP Gamesonplayonplay.exe
O4 – GSProgram [Public]: Adobe Reader X.lnk . (…) — C:WindowsInstaller{AC76BA86-7AD7-FFFF-7B44-AA0000000001}SC_Reader.ico
O4 – GSProgram [Public]: Apple Software Update.lnk . (…) — C:WindowsInstaller{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 – GSProgram [Public]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team – Audacity®, the Free, Cross-Platform Sound E.) — C:Program FilesAudacity 1.3 Beta (Unicode)audacity.exe =>.The Audacity Team
O4 – GSProgram [Public]: Media Center.lnk . (.Microsoft Corporation – Windows Media Center.) — C:Windowsehomeehshell.exe =>.Microsoft Corporation
O4 – GSProgram [Public]: Microsoft Office 2010.lnk . (…) — C:WindowsInstaller{95140000-0070-0000-0000-0000000FF1CE}oobeicon.exe
O4 – GSProgram [Public]: Microsoft Office Word Viewer 2003.lnk . (…) — C:WindowsInstaller{9085040C-6000-11D3-8CFE-0150048383C9}wrdvicon.exe
O4 – GSProgram [Public]: MusicStation.lnk . (.Omnifone Ltd – MusicStation.) — C:Program FilesOnline ServicesOmnifoneMusicStation.exe
O4 – GSProgram [Public]: Sidebar.lnk . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – GSProgram [Public]: Visionneuse Microsoft PowerPoint .lnk . (…) — C:WindowsInstaller{95140000-00AF-040C-0000-0000000FF1CE}ppvwicon.exe
O4 – GSProgram [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation – Interface utilisateur de Mise à niveau expr.) — C:Windowssystem32WindowsAnytimeUpgradeUI.exe
O4 – GSProgram [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation – Création de DVD Windows.) — C:Program FilesDVD MakerDVDMaker.exe =>.Microsoft Corporation
O4 – GSProgram [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation – Microsoft Windows Fax and Scan.) — C:Windowssystem32WFS.exe =>.Microsoft Corporation
O4 – GSProgram [Public]: Windows Live Mail.lnk . (.Microsoft Corporation – Windows Live Mail.) — C:Program FilesWindows LiveMailwlmail.exe =>.Microsoft Corporation
O4 – GSProgram [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengermsnmsgr.exe
O4 – GSProgram [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation – Windows Live Movie Maker.) — C:Program FilesWindows LivePhoto GalleryMovieMaker.exe =>.Microsoft Corporation
O4 – GSProgram [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation – Windows Live Photo Gallery.) — C:Program FilesWindows LivePhoto GalleryWLXPhotoGallery.exe =>.Microsoft Corporation
O4 – GSProgram [Public]: Windows Media Player.lnk . (.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
O4 – GSProgram [Public]: XPS Viewer.lnk . (.Microsoft Corporation – Visionneuse XPS.) — C:Windowssystem32xpsrchvw.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Calculator.lnk . (.Microsoft Corporation – Calculatrice de Windows.) — C:Windowssystem32calc.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: displayswitch.lnk . (.Microsoft Corporation – Afficher le commutateur.) — C:Windowssystem32displayswitch.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Mobility Center.lnk . (.Microsoft Corporation – Centre de mobilité Windows.) — C:Windowssystem32mblctr.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Paint.lnk . (.Microsoft Corporation – Paint.) — C:Windowssystem32mspaint.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation – Connexion Bureau à distance.) — C:Windowssystem32mstsc.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation – Outil Capture.) — C:Windowssystem32SnippingTool.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation – Magnétophone Windows.) — C:Windowssystem32SoundRecorder.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation – Pense-bête.) — C:Windowssystem32StikyNot.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Sync Center.lnk . (.Microsoft Corporation – Microsoft Sync Center.) — C:WindowsSystem32mobsync.exe =>.Microsoft Corporation
O4 – GSAccessories [Public]: Welcome Center.lnk . (.Microsoft Corporation – Mise en route.) — C:Windowssystem32OobeFldr.dll =>.Microsoft Corporation
O4 – GSAccessories [Public]: Wordpad.lnk . (.Microsoft Corporation – Application Windows Wordpad.) — C:Program FilesWindows NTAccessorieswordpad.exe =>.Microsoft Corporation
O4 – GSSystemTools [Public]: Character Map.lnk . (.Microsoft Corporation – Table des caractères.) — C:Windowssystem32charmap.exe =>.Microsoft Corporation
O4 – GSSystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation – Défragmenteur de disque Microsoft®.) — C:Windowssystem32dfrgui.exe =>.Microsoft Corporation
O4 – GSSystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation – Gestionnaire de nettoyage de disque pour Wi.) — C:Windowssystem32cleanmgr.exe =>.Microsoft Corporation
O4 – GSSystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation – Moniteur de ressources et de performances.) — C:Windowssystem32perfmon.exe =>.Microsoft Corporation
O4 – GSSystemTools [Public]: System Information.lnk . (.Microsoft Corporation – Informations système.) — C:Windowssystem32msinfo32.exe =>.Microsoft Corporation
O4 – GSSystemTools [Public]: System Restore.lnk . (.Microsoft Corporation – Restauration du système de Microsoft® Windo.) — C:Windowssystem32rstrui.exe =>.Microsoft Corporation
O4 – GSSystemTools [Public]: Task Scheduler.lnk . (…) — C:Windowssystem32taskschd.msc
O4 – GSSystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation – Application post-migration de transfert de.) — C:Windowssystem32migwizpostmig.exe =>.Microsoft Corporation
O4 – GSSystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation – Application Transfert de fichiers et paramè.) — C:Windowssystem32migwizmigwiz.exe =>.Microsoft Corporation
O4 – GSQuickLaunch [poe]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSQuickLaunch [poe]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSTaskBar [poe]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSTaskBar [poe]: HP Recommended.LNK . (…) — C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar1.exe
O4 – GSTaskBar [poe]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSTaskBar [poe]: MusicStation.lnk . (.Omnifone Ltd – MusicStation.) — C:Program FilesOnline ServicesOmnifoneMusicStation.exe
O4 – GSTaskBar [poe]: Windows Explorer.lnk . (.Microsoft Corporation – Explorateur Windows.) — C:Windowsexplorer.exe =>.Microsoft Corporation
O4 – GSTaskBar [poe]: Windows Live.LNK . (.Hewlett-Packard Development Company, L.P. – HP Taskbar Process TP.) — C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar2.exe
O4 – GSTaskBar [poe]: Windows Media Player.lnk . (.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
O4 – GSProgram [poe]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSProgram [poe]: Spotify.lnk . (.Spotify Ltd – Spotify.) — C:UserspoeAppDataRoamingSpotifyspotify.exe
O4 – GSAccessories [poe]: Command Prompt.lnk . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
O4 – GSAccessories [poe]: Notepad.lnk . (.Microsoft Corporation – Bloc-notes.) — C:Windowssystem32notepad.exe =>.Microsoft Corporation
O4 – GSAccessories [poe]: Run.lnk – Clé orpheline
O4 – GSAccessories [poe]: Windows Explorer.lnk . (.Microsoft Corporation – Explorateur Windows.) — C:Windowsexplorer.exe =>.Microsoft Corporation
O4 – GSSystemTools [poe]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSSystemTools [poe]: Private Character Editor.lnk . (.Microsoft Corporation – Éditeur de caractères privés.) — C:Windowssystem32eudcedit.exe =>.Microsoft Corporation
O4 – GSSendTo [poe]: Evernote.lnk . (.Evernote Corp., 333 W Evelyn Ave. Mountain – Evernote.) — C:Program FilesEvernoteEvernoteEvernote.exe
O4 – GSSendTo [poe]: Skype.lnk . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
O4 – GSDesktop [poe]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team – Audacity®, the Free, Cross-Platform Sound E.) — C:Program FilesAudacity 1.3 Beta (Unicode)audacity.exe =>.The Audacity Team
O4 – GSDesktop [poe]: DivX Movies.lnk . (…) — C:UserspoeVideosDivX Movies
O4 – GSDesktop [poe]: FoxTab Video Converter.lnk . (…) — C:Program FilesFoxTabVideoConverterVideoConverter.exe
O4 – GSDesktop [poe]: Mobogenie.lnk . (…) — C:Program FilesMobogenieMobogenie.exe
O4 – GSDesktop [poe]: SosVirus Forum Gratuit.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe https://www.sosvirus.net
O4 – GSDesktop [poe]: SosVirus sur Facebook.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe http://www.facebook.com
O4 – GSDesktop [poe]: Spotify.lnk . (.Spotify Ltd – Spotify.) — C:UserspoeAppDataRoamingSpotifyspotify.exe
O4 – GSDesktop [poe]: UsbFix Faire un Don.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe http://www.usbfix.net
O4 – GSDesktop [poe]: VirtualDJ Home FREE.lnk . (.Atomix Productions – VirtualDJ.) — C:Program FilesVirtualDJvirtualdj_home.exe
O4 – GSDesktop [poe]: ZHPDiag.lnk . (.Nicolas Coolman – ZHPDiag Setup.) — C:Program FilesZHPDiagZHPhep.exe =>.Nicolas Coolman
O4 – GSDesktop [poe]: ZHPFix.lnk . (.Nicolas Coolman – ZHPDiag Setup.) — C:Program FilesZHPDiagZHPFixZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 83 Scanned in 00mn 02s

—\ Applications lancées au démarrage du sytème (O4)
O4 – GSStartup [Public]: Bluetooth.lnk . (.Broadcom Corporation. – Bluetooth Tray Application.) — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
O4 – GSStartup [Public]: FastMediaConverter.lnk . (…) — C:Program FilesFastMediaConverterFastMediaConverterApp.exe
O4 – HKLM..Run: [StartCCC] . (.Advanced Micro Devices, Inc. – Catalyst® Control Center Launcher.) — C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe =>.Advanced Micro Devices, Inc
O4 – HKLM..Run: [SynTPEnh] . (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 – HKLM..Run: [SysTrayApp] . (.IDT, Inc. – IDT PC Audio.) — C:Program FilesIDTWDMsttray.exe
O4 – HKLM..Run: [HPQuickWebProxy] . (.Hewlett-Packard Company – HP QuickWeb Utilities.) — C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe
O4 – HKLM..Run: [SetDefault] . (.Hewlett-Packard Development Company, L.P. – SetDefault.) — C:Program FilesHewlett-PackardHP LaunchBoxSetDefault.exe
O4 – HKLM..Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program FilesAdobeReader 10.0ReaderReader_sl.exe
O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKLM..Run: [HP CoolSense] . (.Hewlett-Packard Development Company, L.P. – HP CoolSense.) — C:Program FilesHewlett-PackardHP CoolSenseCoolSense.exe
O4 – HKLM..Run: [Easybits Recovery] . (.EasyBits Software AS – Pas de description.) — C:Program FilesEasyBits For KidsezRecover.exe =>.EasyBits Software AS
O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
O4 – HKLM..Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe =>.Oracle Corporation
O4 – HKLM..Run: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe
O4 – HKLM..Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. – HP Message Service.) — C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
O4 – HKLM..Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. – HP On Screen Display.) — C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
O4 – HKLM..Run: [mobilegeni daemon] . (…) — C:Program FilesMobogenieDaemonProcess.exe
O4 – HKLM..Run: [DivXMediaServer] . (.DivX, LLC – DivX DLNA Media Server.) — C:Program FilesDivXDivX Media ServerDivXMediaServer.exe
O4 – HKLM..Run: [DivXUpdate] . (.Pas de propriétaire – DivX Update.) — C:Program FilesDivXDivX UpdateDivXUpdate.exe
O4 – HKLM..RunOnce: [NCPluginUpdater] . (.Hewlett-Packard – NCPluginUpdater.) — C:Program FilesHewlett-PackardHP Health CheckActiveCheckproduct_lineNCPluginUpdater.exe
O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKCU..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UserspoeAppDataRoamingSpotifySpotify.exe
O4 – HKCU..Run: [Spotify Web Helper] . (…) — C:UserspoeAppDataRoamingSpotifyDataSpotifyWebHelper.exe
O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
O4 – HKCU..Run: [Activator] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UserspoeAppDataRoamingSpotifySpotify.exe
O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Spotify Web Helper] . (…) — C:UserspoeAppDataRoamingSpotifyDataSpotifyWebHelper.exe
O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Activator] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
~ Application: Scanned in 00mn 00s

—\ Invisibilité de l’icône d’options IE dans le panneau de Configuration (O5)
O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation – Windows Live Writer Blog This Extension.) — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 – Extra button: @C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll,-102 – {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (…) — C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPNetworkCheckResourcesIconsHP.ico
O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (…) — C:Program FilesSkypeToolbarsInternet Explorericon.ico
O9 – Extra button: @C:Program FilesEvernoteEvernoteResource.dll,-101 – {A95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Evernote Corp., 333 W Evelyn Ave. Mountain – Evernote Clipper for Microsoft Internet Explorer.) — C:Program FilesEvernoteEvernoteEvernoteIE.dll
O9 – Extra button: @C:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-12650 – {CCA281CA-C863-46ef-9331-5C8D4460577F} . (…) — C:Program FilesWIDCOMMBluetooth Softwarebt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Winsock hijacker (Layered Service Provider) (O10)
O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
O10 – WLSP:00000000008Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
O10 – WLSP:00000000009Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:Windowssystem32wshbth.dll
O10 – WLSP:00000000010Winsock LSP File . (.Apple Inc. – Bonjour Namespace Provider.) — C:Program FilesBonjourmdnsNSP.dll
~ Winsock: 10 Scanned in 00mn 00s