

Everything posted by lyndouche
-
My computer is slow and ads +++ are out of control
lyndouche replied to a topic by lyndouche in Malware analysis and removal
I ran ZHPFix and here is the report:

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Aouatef at 30/10/2014 15:06:14
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Corbeille vidée (04mn 36s)

========== Dossiers/Fichiers cachés restaurés ==========
Mes images (My Pictures) : 71 restaurés avec succès
Ma musique (My Music) : 138 restaurés avec succès
Ma Video (My Video) : 1 restaurés avec succès
Mes Favoris (My Favorites) : 2 restaurés avec succès
Mes Documents (My Documents) : 79 restaurés avec succès
Mon Bureau (My Desktop) : 21 restaurés avec succès
Menu demarrer (Programs) : 8 restaurés avec succès
Dossier utilisateur (AppData) : 39 restaurés avec succès
Programmes (Program Files) : 14 restaurés avec succès

========== Récapitulatif ==========
373 : Dossiers/Fichiers cachés restaurés
End of clean in 05mn 16s

========== Chemin de fichier rapport ==========
C:\Users\Aouatef\AppData\Roaming\ZHP\ZHPFix[R1].txt - 30/10/2014 15:10:50 [978]
-
My computer is slow and ads +++ are out of control
lyndouche replied to a topic by lyndouche in Malware analysis and removal
I DON'T KNOW IF THIS IS ENOUGH FOR YOU TO HELP ME BECAUSE I UNDERSTAND ABSOLUTELY NOTHING
-
My computer is slow and ads +++ are out of control
lyndouche replied to a topic by lyndouche in Malware analysis and removal
I ran the full one. Here is the report: http://cjoint.com/?DJEpjZHtjtc
Edit by Notpa: stored the ZHP report (1161 lines) on Cjoint to make the topic easier to read.
-
My computer is slow and ads +++ are out of control
lyndouche replied to a topic by lyndouche in Malware analysis and removal
Here is the report:
[HKLM\Software\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask [HKLM\Software\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\Reimage] =>Rogue.ReimageRepair [HKLM\Software\Reimage] =>Rogue.ReimageRepair [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox C:\Program Files\MyPC Backup =>PUP.MyPCBackup^ C:\Program Files\Reimage =>Rogue.ReimageRepair^ C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair^ C:\Users\Aouatef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^ C:\Program Files\SearchProtect =>Toolbar.Conduit C:\Users\Aouatef\AppData\Local\SearchProtect =>Toolbar.Conduit C:\Users\Aouatef\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup^ C:\Program Files\MyPC Backup\Signup Wizard.exe =>PUP.JDIBackup^ C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe =>Rogue.ReimageRepair^ C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair^ C:\Windows\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-1.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-1 =>PUP.CrossRider^ C:\Windows\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-2.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-2 =>PUP.CrossRider^ C:\Windows\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-4.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-4 =>PUP.CrossRider^ C:\Windows\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-5 =>PUP.CrossRider^ C:\Windows\Tasks\d83072f9-e6b3-4978-a191-6374e73cae75-6.job =>PUP.CrossRider^ 
WHAT DO I DO NOW??? PLEASE -
My computer is sluggish and ads +++ uncontrollable
lyndouche posted a topic in Malware analysis and eradication
I downloaded ZHp and ran ZHD fix and ZHD diag at the same time; did I do the right thing?