Hello everyone!

So, my PC (Asus 7, X72J Series / Intel Core i3) has been really slow for some time now, and it keeps getting worse.

I talked about it to my IT guy, who told me it was because my fan was full of dust. So he cleaned it out for me.

But the thing is, my PC is still just as slow, if not worse! And the more days go by, the more my PC LAGS!

I did what I was capable of at my low level:

* antivirus scan = negative

* CCleaner

and while browsing various forums, I came across ZHPDiag.

So I ran a scan of my computer with this tool. The problem is, I don't know how to decipher it (the beginning is fine, after that it gets complicated :s)! If possible, I would like you to help me analyze the report; that would help me a lot.

So if you could tell me whether there is a problem, I thank you in advance.

Here is the report:

 

~ Rapport de ZHPDiag v2013.9.1.2 - Nicolas Coolman (01/09/2013)
~ Lancé par Elbereth Mormegil (02/09/2013 17:53:06)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16618
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v7.0.1474.0
Windows Defender W7
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 17
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3948 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 14 GB (12%) free of 116 GB
---\\ Mode de connexion au système
~ Computer Name: WHISES
~ User Name: Elbereth Mormegil
~ All Users Names: HomeGroupUser$, Elbereth Mormegil, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\Elbereth Mormegil\AppData\Roaming\
~ %Desktop% : C:\Users\Elbereth Mormegil\Desktop\
~ %Favorites% : C:\Users\Elbereth Mormegil\Favorites\
~ %LocalAppData% : C:\Users\Elbereth Mormegil\AppData\Local\
~ %StartMenu% : C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 116 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 247 Go of 328 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 37 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.12716D987D475B051F35895659159705] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/05/2013 - 01:59:03.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/8863
~ Mes musiques (My Musics) : 1/535
~ Mes Videos (My Videos) : 1/8
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 2/4154
~ Mon Bureau (My Desktop) : 2/46
~ Menu demarrer (Programs) : 1/48
~ Hidden Files: Scanned in 00mn 09s
---\\ Processus lancés au démarrage du système
[MD5.1971D838A88F58D59543E9B3CDA5FFC4] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720] [PID.2312]
[MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.2408]
[MD5.BDD790326FABC31FB635130810245062] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440] [PID.2432]
[MD5.852EE4F61139A1B3F44EDAA0D5B3FC14] - (...) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [53888] [PID.2448]
[MD5.BD2D29BAF273E029BBAC627AACA37594] - (...) -- C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2847696] [PID.1928] =>Hijacker.Eazel
[MD5.3ECCDD3FE310DD8F82D085447089ADB0] - (.ASUSTek Computer Inc. - ADSMTray.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952] [PID.3104]
[MD5.5C396DDE6AAFFB64ABC0E0FD88F53553] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3054136] [PID.3464]
[MD5.06785517191817885253B45134704017] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1099608] [PID.3624]
[MD5.659474582C6E060DBD8FFFF97DC892C5] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968] [PID.3756]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3764]
[MD5.F4ED77EE7CBD4F92A0DB9CDFF0AB86FA] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144] [PID.4016]
[MD5.14B827EFBFA9833C8216080183845124] - (.Smartbar - Smartbar.) -- C:\Users\Elbereth Mormegil\AppData\Local\Smartbar\Application\QuickShare.exe [20248] [PID.968] =>PUP.QuickShare
[MD5.6529C89512CE4498919BDC512572F82C] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656] [PID.4036]
[MD5.5666955DC9FD455A003D86A21E0483A9] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.3080]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.3612]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.3456]
[MD5.FDB2FB392B20797AF3F4ED9D7699938E] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152] [PID.1116]
[MD5.43742FFF5E829BA59FBE7EEF89949E63] - (.Infernum Productions AG - Dragon's Prophet Setup.) -- D:\Downloads\DragonsProphetDownloader.exe [1873863] [PID.4708]
[MD5.4C7B2A0F9AAF830B6EA90B58D26FBCB8] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\is-RR4UK.tmp\DragonsProphetDownloader.tmp [1193472] [PID.3500]
[MD5.4C7B2A0F9AAF830B6EA90B58D26FBCB8] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\is-HSSUV.tmp\DragonsProphetDownloader.tmp [1193472] [PID.3500]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.6508]
[MD5.8E436BD0D9C2CB57306070DFEA3D4513] - (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe [829392] [PID.3584]
[MD5.68825D489DE0DC71FF3A62D6452684BA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7860224] [PID.6124]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1412]
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1572]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1868]
[MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1896]
[MD5.C811032EBB2C2E9FACFC364599E91BE3] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [174720] [PID.2532]
[MD5.1E505D6CF5C55A3C02F225FA359D9EF4] - (.Pas de propriétaire - eMail ID service for automatic updates.) -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe [284512] [PID.964]
[MD5.A1C148801B4AF64847AEB9F3AD9594EF] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144] [PID.3616]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.4540]
[MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064] [PID.3296] =>Toolbar.Wajam
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.5080]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.3540]
[MD5.C0BF554D2277F7A4C735D475ADE2E3B2] - (.ASUSTek Computer Inc. - ADSMSrv.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280] [PID.5372]
[MD5.739DB668DBD812285ECC553E64A5E212] - (.Pas de propriétaire - spmgr Module.) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496] [PID.5864]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.4796]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113208] [PID.5756]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.248]
[MD5.41118D920B2B268C0ADC36421248CDCF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240] [PID.2620]
[MD5.D7F82B30ED318E591E27C9C323846DD5] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe [428600] [PID.1188]
~ Processes Running: Scanned in 00mn 04s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\prefs.js
C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\user.js
M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\BrowserDefender.xml =>Hijacker.Eazel
M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\sweetim.xml =>PUP.SweetIM
M0 - MFSP: prefs.js [Elbereth Mormegil - i85xmxp5.default] r_pref("browser.startup.homepage", );
M2 - MFEP: prefs.js [Elbereth Mormegil - i85xmxp5.default\crossriderapp21058@crossrider.com] [] Savings Explorer v (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [Elbereth Mormegil - i85xmxp5.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.10.27.6 (..) =>P2P.µTorrent
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do =>Hijacker.SmartBar
~ IE Browser: 17 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Wajam IE BHO [64Bits] - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files (x86)\Wajam\IE\priam_bho.dll =>Toolbar.Wajam
~ BHO: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: QuickShare Widget [64Bits] - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>PUP.QuickShare
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ASUS WebStorage] . (...) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
O4 - HKLM\..\Run: [sysTrayApp] . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.dll
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O4 - HKCU\..\Run: [browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\Elbereth Mormegil\AppData\Local\Smartbar\Application\QuickShare.exe =>PUP.QuickShare
O4 - HKLM\..\Wow6432Node\Run: [updateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [updateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\Elbereth Mormegil\AppData\Local\Smartbar\Application\QuickShare.exe =>PUP.QuickShare
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Bejeweled 3.lnk . (...) -- D:\Programmes\Bejeweled_3\Bejeweled3.exe
O4 - GS\TaskBar: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- D:\Programmes\CCleaner\CCleaner64.exe =>Piriform Ltd
O4 - GS\TaskBar: FranceDemon SlayerConnexion rapide au jeu.lnk . (.7Road - ?????.) -- D:\Downloads\Client_Demon_Slayer.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: http___frcs.r2games.com_.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Site Officiel de Lunaria - MMORPG 2D Side-Scrolling Gratuit.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe http://frls.r2games.com
O4 - GS\TaskBar: Studio-Scrap.lnk . (.CDIP - Logiciel de Scrapbooking.) -- D:\Studio-Scrap 4 (installations)\Studio-Scrap4\StudioScrap.exe
O4 - GS\TaskBar: Tencent QQ International.lnk . (.Tencent - QQ International.) -- C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe =>Adware.TencentAddressBar
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch: Tencent QQ.lnk . (.Tencent - QQ International.) -- C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe =>Adware.TencentAddressBar
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Adobe Illustrator CS6 (64 Bit).lnk . (.Adobe Systems Inc. - Adobe Illustrator CS6.) -- C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe
O4 - GS\Desktop: FranceDemon SlayerConnexion rapide au jeu.lnk . (.7Road - ?????.) -- D:\Downloads\Client_Demon_Slayer.exe
O4 - GS\Desktop: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E96A2AD-0E74-4FD0-AE24-81A38838356F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6E96A2AD-0E74-4FD0-AE24-81A38838356F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6E96A2AD-0E74-4FD0-AE24-81A38838356F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: BrowserDefendert (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe =>Hijacker.Eazel
O23 - Service: Iconix Update Service (IconixService) . (.Pas de propriétaire - eMail ID service for automatic updates.) - C:\Program Files (x86)\Common Files\Iconix\IconixService.exe
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam
~ Services: 16 Legitimates Filtered in 00mn 24s
---\\ Tâches planifiées en automatique (O39)
[MD5.534C82F1D7246EDF654B5257CA82FE70] [APT] [DealPly] (...) -- C:\Users\Elbereth Mormegil\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe [93728] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [{0FE1BF5A-B674-40B4-9FB1-E6AA96519E16}] (...) -- C:\Users\Elbereth Mormegil\Desktop\shaiya_fr_installer_20111201.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1BEBD37E-83F5-49AD-AAAD-D1409ECDFFC5}] (...) -- C:\Users\Elbereth Mormegil\Downloads\JDFRv125.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{244E141C-6357-4F2B-AC4C-032069696B62}] (...) -- E:\setup.exe (.not file.) [0]
~ Scheduled Task: 30 Legitimates Filtered in 00mn 06s
---\\ Logiciels installés (O42)
O42 - Logiciel: BrowserDefender - (...) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Hijacker.Eazel
O42 - Logiciel: Dragon Nest Europe - (...) [HKLM][64Bits] -- Dragon Nest Europe
O42 - Logiciel: Free Mahjong Games - (...) [HKCU][64Bits] -- Free Mahjong Games
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM][64Bits] -- {04DB50FA-EA80-4256-85F9-540C582E280D} =>PUP.QuickShare
O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam =>Toolbar.Wajam
~ Logic: 133 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\5257d8d8b335ea13]
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\Iconix]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\TENCENT] =>Adware.TencentAddressBar
[HKCU\Software\Wajam] =>Toolbar.Wajam
[HKCU\Software\WideStream] =>Adware.SPointer
[HKCU\Software\co]
[HKCU\Software\iMesh] =>PUP.iMesh
[HKCU\Software\yahooinstall] =>Toolbar.Yahoo
[HKCU\Software\Éñ¹íÊÀ½çÊÖ¶¯°²×°°ü]
[HKCU\Software\???????????????]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\5257d8d8b335ea13]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iconix]
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Tencent] =>Adware.TencentAddressBar
~ Key Software: 258 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/06/2013 - 13:26:07 - [57,475] ----D C:\Program Files (x86)\Tencent =>Adware.TencentAddressBar
O43 - CFD: 16/07/2013 - 16:05:57 - [0,553] ----D C:\Program Files (x86)\Wajam =>Toolbar.Wajam
O43 - CFD: 16/09/2012 - 13:21:31 - [3,984] ----D C:\Program Files (x86)\Common Files\Iconix
O43 - CFD: 01/07/2013 - 10:37:27 - [5,726] ----D C:\Program Files (x86)\Common Files\Tencent =>Adware.TencentAddressBar
O43 - CFD: 21/02/2013 - 12:51:54 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 24/09/2012 - 21:10:52 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 16/08/2013 - 18:19:01 - [8,084] ----D C:\ProgramData\BrowserDefender =>Hijacker.Eazel
O43 - CFD: 25/10/2012 - 20:32:01 - [0,000] ----D C:\ProgramData\Iconix
O43 - CFD: 03/08/2011 - 11:04:08 - [0,001] ----D C:\ProgramData\Partner
O43 - CFD: 02/01/2013 - 12:10:41 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 09/11/2012 - 23:46:10 - [0] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 31/03/2013 - 13:02:19 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 24/07/2013 - 23:18:42 - [0,457] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\B1Toolbar =>Hijacker.SearchB1org
O43 - CFD: 21/02/2013 - 12:51:54 - [0,061] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 01/05/2013 - 02:26:08 - [0,090] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\DealPly =>PUP.DealPly
O43 - CFD: 16/09/2012 - 13:21:50 - [0,003] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Iconix
O43 - CFD: 24/07/2012 - 23:29:09 - [0,171] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 30/03/2013 - 20:45:28 - [28,495] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 10/06/2013 - 14:04:05 - [43,927] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Tencent =>Adware.TencentAddressBar
O43 - CFD: 15/12/2011 - 03:03:23 - [0,001] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\widestream =>Adware.SPointer
O43 - CFD: 12/02/2012 - 20:32:37 - [0,312] ----D C:\Users\Elbereth Mormegil\AppData\Local\APN
O43 - CFD: 15/10/2012 - 17:50:30 - [0] ----D C:\Users\Elbereth Mormegil\AppData\Local\Conduit
O43 - CFD: 08/04/2013 - 18:41:29 - [0] ----D C:\Users\Elbereth Mormegil\AppData\Local\Savings Explorer
O43 - CFD: 20/06/2013 - 14:02:44 - [20,148] ----D C:\Users\Elbereth Mormegil\AppData\Local\Smartbar =>Hijacker.SmartBar
O43 - CFD: 25/10/2012 - 18:56:46 - [0] ----D C:\Users\Elbereth Mormegil\AppData\Local\TempDIR
O43 - CFD: 16/07/2013 - 16:05:46 - [0,054] ----D C:\Users\Elbereth Mormegil\AppData\Local\Wajam =>Toolbar.Wajam
O43 - CFD: 16/12/2011 - 04:10:40 - [0,200] ----D C:\Users\Elbereth Mormegil\AppData\Local\widestream6 Air =>Adware.SPointer
O43 - CFD: 28/03/2013 - 02:11:32 - [0,004] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Mahjong Games
O43 - CFD: 08/04/2013 - 18:40:06 - [0,005] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
O43 - CFD: 16/07/2013 - 16:05:47 - [0,001] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam =>Toolbar.Wajam
~ 84 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 321 Legitimates Filtered in 00mn 59s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/08/2013 - 13:41:50 ---A- . (...) -- C:\end [0]
~ Files: 13 Legitimates Filtered in 00mn 12s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{ac9f38ff-3d43-11e1-890c-f46d04234ca3}\AutoRun\command. (...) -- G:\ICM_Manager.exe (.not file.)
~ Keys: Scanned in 01mn 20s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (...) -- C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
~ SMSR Keys: 10 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.46571ED73AE84469DCA53081D33CF3C8] - 20/06/2013 - 13:00:53 . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200]
~ Drivers: 16 Legitimates Filtered in 00mn 01s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (ASUSProcObsrv) .(...) - LEGACY_ASUSPROCOBSRV
O64 - Services: CurCS - 02/03/2011 - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD =>Crapware.SpyHunter
O64 - Services: CurCS - 03/08/2007 - Pas de propriétaire (ghaio) .(...) - LEGACY_GHAIO
~ Legacy: 87 Legitimates Filtered in 00mn 01s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639..clientLogIsEnabled", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.CTID", "CT2851639");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.CurrentServerDate", "12-2-2012");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.DSInstall", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.DialogsGetterLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.EMailNotifierPollDate", "Thu Nov 24 2011 10:45:39 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedLastCount2548968607390276962", 138);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156812186649977", "Thu Nov 24 2011 10:25:39 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813040823546", "Fri Nov 25 2011 11:25:21 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813130095866", "Fri Nov 25 2011 11:25:21 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813224203613", "Thu Nov 24 2011 10:25:38 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813230837251", "Thu Nov 24 2011 10:25:38 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813454291735", "Fri Nov 25 2011 11:25:21 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813729834876", "Thu Nov 24 2011 10:25:38 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813860870021", "Thu Nov 24 2011 10:25:39 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156814264681793", "Fri Nov 25 2011 11:25:21 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156814863075366", "Thu Nov 24 2011 10:25:38 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156815257761081", "Thu Nov 24 2011 10:25:38 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedTTL2429156813040823546", 15);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedTTL2429156813130095866", 10);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedTTL2429156813454291735", 5);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedTTL2429156814264681793", 5);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FirstServerDate", "24-11-2011");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FirstTime", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FirstTimeFF3", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FixPageNotFoundErrors", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.HPInstall", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.HomePageProtectorEnabled", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.HomepageBeforeUnload", "http://www.google.fr/");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.Initialize", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.InstallationType", "UnknownIntegration");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.InstalledDate", "Thu Nov 24 2011 10:25:38 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsGrouping", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsInitSetupIni", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsMulticommunity", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsOpenThankYouPage", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsOpenUninstallPage", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LanguagePackLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LastLogin_3.8.0.8", "Mon Dec 05 2011 16:44:01 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LastLogin_3.8.1.0", "Thu Mar 08 2012 01:18:40 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LatestVersion", "3.9.0.3");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.Locale", "fr");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.MCDetectTooltipShow", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.OriginalFirstVersion", "3.8.0.8");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.RadioShrinked", "expanded");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.RadioShrinkedFromSetup", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SHRINK_TOOLBAR", 1);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchBoxWidth", 150);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchCaption", "uTorrentBar_FR Customized Web Search"); =>P2P.µTorrent
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&q=");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabLastCheckTime", "Thu Mar 08 2012 01:18:18 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabUsageUrl", "http://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchProtectorEnabled", false); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchProtectorToolbarDisabled", false); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SendProtectorDataViaLogin", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ServiceMapLastCheckTime", "Thu Mar 08 2012 01:18:39 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SettingsLastCheckTime", "Thu Mar 08 2012 01:18:18 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SettingsLastUpdate", "1325063002");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ThirdPartyComponentsLastCheck", "Thu Mar 08 2012 01:18:18 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ThirdPartyComponentsLastUpdate", "1255344667");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ToolbarShrinkedFromSetup", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.TrusteLinkUrl", "http://trust.conduit.com/CT2851639");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.UserID", "UN52854129704389643");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.WeatherNetwork", "");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.WeatherPollDate", "Fri Nov 25 2011 11:25:21 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.WeatherUnit", "C");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.alertChannelId", "1243674");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.approveUntrustedApps", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.cbfirsttime", "546875204E6F7620323420323031312031303A32353A343020474D542B30313030");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.pairingkey", "46383346323945313344303635323035444532334330463844394135344543463346333138353238[...]
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.url_history", "68747470733A2F2F706172746963756C696572732E736F636965746567656E6572616C652E66722[...]
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.url_history_time", "31333232313236383030373737");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.uttorrents", "7B226275696C64223A32363437332C226C6162656C223A5B5D2C22746F7272656E7473223A5B5D2C[...]
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.1000034", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.1000234", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129351529700900053", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129351529701212556", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129351529703087570", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129351529703087571", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129422840102831305", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129544678881551249", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.2548968607390276962", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...]
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.globalFirstTimeInfoLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.initDone", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.isAppTrackingManagerOn", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.isFirstRadioInstallation", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffEnabled", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...]
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffServiceIntervalMM", 1440);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.oldAppsList", "129351529700431300,129351529700743801,1000234,129351529700900053,1000034,129422840102831305,12[...]
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.revertSettingsEnabled", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.searchProtectorDialogDelayInSec", 10); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.searchProtectorEnableByLogin", true); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.testingCtid", "");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.toolbarAppMetaDataLastCheckTime", "Thu Mar 08 2012 01:18:39 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.toolbarContextMenuLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.usagesFlag", 2);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2851639/CT2851639", "\"e5f449b73c261ef2c855e7b6[...]
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1243674/1239347/FR", "\"0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", "\"1290675760\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=fr", "kLE3EoupXhh+3ayzzXG[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=fr", "TA2mKqdBHssHhc1ui1OG[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=fr", "ev2KSD8BFMMs2dxsoAq[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=fr", "hOlcV9OHcX1OR8Faic1Xmg[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"d229fa25f6c9cc1:0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"6a637346d78ccc1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"801a319dd78ccc1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851639", "\"13a760730d9291f1df061003ec[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=CT2851639&octid=CT2851639", "\"1321973062\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=fr", "\"e2c7e748baf39a07110b8576b7a4466c\[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ToolbarsList", "CT2851639");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ToolbarsList2", "CT2851639");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ToolbarsList4", "CT2851639");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Nov 24 2011 10:25:38 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.globalUserId", "34c509e5-003f-406d-84c5-d9caaef1f26d");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Mar 08 2012 01:18:27 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.locale", "");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Mar 08 2012 01:18:19 GMT+0100");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.userId", "82989ed8-4564-4e40-baea-69ba3fbebaee");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.originalHomepage", "http://www.google.fr/");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.autoDisableScopes", -1);
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("extensions.asktb.ff-original-keyword-url", "");
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://fr.ask.com/?l=dis&o=15768"); =>PUP.SweetIM
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.00000&barid={6BEAFEBC-40AE-11E2-996E-F46D04234C[...] =>PUP.SweetIM
O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("extensions.crossriderapp21058.adsOldValue", 10); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - http://feed.snap.do =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {065F8DCC-BA4A-431A-A4FF-8978AEC3B5D0} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (uTorrentBar_FR Customized Web Search) - http://search.conduit.com =>P2P.µTorrent
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com =>Adware.BasicScan
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com =>Adware.BasicScan
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.90E1D86D979B92738A47D7072CB22DA8] [sPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472]
[MD5.11D751D299B9ABDC77BFF4156C75C4CF] [sPRF][20/06/2013] (...) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\bitool.dll [38480]
[MD5.5AA3E89A59E3D556B5F9B6D8D8EE3A82] [sPRF][02/09/2013] (.Somoto Ltd. - Better Installer Cleaner.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\bi_cleaner.exe [42080] =>Adware.MegaSearch
[MD5.1BE42EE5E0DFD8B190F889A013CA7D47] [sPRF][20/06/2013] (.DealPly Technologies Ltd. - DealPly.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\dp.exe [846368] =>PUP.DealPly
[MD5.EB501CC7E76645141C537C48C109972B] [sPRF][10/06/2013] (.Tencent - QQ????.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\qqsafeud.exe [31096] =>Adware.TencentAddressBar
[MD5.4FA8BF7C6CCB8B7C46271820D71EEDF8] [sPRF][20/06/2013] (.QuickShare - QuickShare.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\QuickShare1.exe [8049316] =>PUP.QuickShare
[MD5.4EB821E5787C4D18F37220D327288699] [sPRF][02/07/2013] (.Tencent - QQ????????.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\selfupdate.exe [31048] =>Adware.TencentAddressBar
[MD5.2B6C5007223ECA47B123CF66C4F2E50C] [sPRF][18/06/2013] (.Pas de propriétaire - Linkury.Installer.MsiWrapper.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\SmartbarExeInstaller.exe [8954136] =>Hijacker.SmartBar
[MD5.2FA9B17D3DDAE085B08D4C230199977E] [sPRF][24/08/2013] (.TENCENT - TSSafeEdit.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\tssafeedit.dat [53816] =>Adware.TencentAddressBar
[MD5.B0F6507F8666E89DD9F192313D88EB98] [sPRF][16/06/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\uninst1.exe [389632] =>Toolbar.Babylon
[MD5.011DB1E20A7B4CDC3C1275899AF3667D] [sPRF][12/02/2013] (...) -- C:\Users\Elbereth Mormegil\Desktop\Miniatures.dat [199620]
~ Files: 13 Legitimates Filtered in 00mn 01s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{183CED50-7498-477B-98E3-BE1B64FBDD21}" | In - Private - P6 - TRUE | .(...) -- D:\Programmes\Dragon Nest Europe\DragonNest.exe
O87 - FAEL: "{008387F4-C006-4AE0-BDE4-EE64E6221364}" | In - Private - P17 - TRUE | .(...) -- D:\Programmes\Dragon Nest Europe\DragonNest.exe
~ Firewall: 198 Legitimates Filtered in 00mn 01s
---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5257d8d8b335ea13\2.6.1519.190\upd]:="upd=1"
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52"
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll" =>Hijacker.Eazel
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:exeName="BrowserDefender.exe" =>Hijacker.Eazel
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:folderName="BrowserDefender" =>Hijacker.Eazel
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:serviceName="BrowserDefendert" =>Hijacker.Eazel
[HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:version="2.6.1339.144"
[HKCU\Software\5257d8d8b335ea13]:version="2.6.1519.190"
[HKLM\Software\Wow6432Node\5257d8d8b335ea13]:version="2.6.1519.190"
~ Export Key Software: Scanned in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.FBB03805D9990652152256BB16DE8856] [WIS][04/05/2009] (.ATI - Branding.) -- C:\Windows\Installer\16427.msi [395264]
[MD5.1DA3AFDF337058DFAEE5C372406C0C9D] [WIS][20/06/2013] (.Linkury Inc. - QuickShare Widget.) -- C:\Windows\Installer\264f3e46.msi [8880128] =>PUP.QuickShare
[MD5.BE4D0466AC1EFD2DE669A7606D574348] [WIS][01/07/2013] (.Tencent Technology (Shenzhen) Company Limit - Tencent QQ International.) -- C:\Windows\Installer\30a9886d.msi [1506816] =>Adware.TencentAddressBar
~ WIS: 136 Legitimates Filtered in 00mn 20s
---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 05/09/2011 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 20/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Demand 31/03/2008 225280 | (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
SR - | Auto 08/12/2009 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 11/11/2009 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SS - | Auto 10/11/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 26/07/2013 2847696 | (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe =>Hijacker.Eazel
SS - | Auto 11/02/2013 185176 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SS - | Auto 22/02/2013 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/02/2013 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 19/03/2012 284512 | (IconixService) . (...) - C:\Program Files (x86)\Common Files\Iconix\IconixService.exe
SS - | Demand 07/06/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 01/10/2009 262144 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Demand 03/08/2007 125496 | (spmgr) . (...) - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
SR - | Auto 27/11/2009 243712 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
SR - | Auto 01/10/2009 2314240 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
SR - | Auto 02/05/2013 109064 | (WajamUpdater) . (.Wajam.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 00\00\0000 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 24s
---\\ Scan Additionnel (O88)
Database Version : v2.12874 - (01/09/2013)
Clés trouvées (Keys found) : 228
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 29
Fichiers trouvés (Files found) : 43
~ Additionnel Scan: 290743 Items scanned in 00mn 35s
---\\ Récapitulatif des détections trouvées sur votre station
~ MSI: 39 link(s) detected in 00mn 35s
~ 1327 Legitimates filtered by white list
End of the scan (1097 lines in 04mn 47s)(0)

Posted

Hello,

Please upload long reports to a hosting site!


1) Download Junkware Removal Tool to the desktop: http://www.bleepingcomputer.com/download/junkware-removal-tool/

Publisher's site: http://thisisudax.org/

On XP, double-click the icon and press a key when prompted.

On Vista/7/8, right-click and choose Run as administrator.

The tool may ask whether you want to check for a new version (Y/N) >> type Y.
If it finds that the version is outdated, it will say so and you will have to press a key. The tool will close. Send it to the Recycle Bin and download the latest version.

If it is already the right version, it will start its malware search normally. Please be patient.

So as not to skew the report, please run the tool only once!

If the antivirus acts up, disable it temporarily. If you don't know how, refer to this article.

Post the report generated at the end of the scan.

NB: The desktop will disappear for a moment; that is normal.

>>>If the report is long, host it here: http://cjoint.com or http://dl.free.fr/


------------------------------
2) Download AdwCleaner by Xplode: http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner

Save it to the desktop (and nowhere else).

So as not to skew the report, please run the tool only once!

If you are on XP, double-click AdwCleaner to launch the tool.
If you are on Vista/Seven, right-click AdwCleaner and choose Run as administrator.

Click Scan and let the tool work.

Click Clean; the button will be available.

The report will open as a text file; copy its entire contents and paste them into your reply.

The report is also saved as C:\AdwCleaner[s0]

NB: If the tool stalls in normal mode, run it in safe mode: http://www.vista-xp.fr/forum/topic93.html

Must read: http://www.vista-xp.fr/forum/topic5482.html
http://www.vista-xp.fr/forum/topic10389.html

-------------------------

@++

Posted

Your "IT guy" is a real joker: does he think infections live in fan dust?

Good for nothing! But when it comes to pocketing the cash, they manage just fine!

It's true that you need to clean your computer from time to time, but that really has nothing to do with it.

 

@++

Posted

The two tools have already cleared out quite a lot ;)

1) Download SFTGC.exe to the Desktop >>>> it cannot be anywhere else! Move it there if necessary.

On XP, double-click the file.
On other versions of Windows, right-click the file and choose Run as administrator.

After initialization, click Go to start the cleanup.

A report will open at the end.
This report is on the desktop (SFT.txt)

Host it on http://cjoint.com so as not to crash the thread, or on http://dl.free.fr/

--------------------------
2) Download Malwarebytes' Anti-Malware (MBAM).

Save the executable to the desktop. http://fr.malwarebytes.org/

http://www.pcastuces.com/logitheque/malwarebytes_anti-malware.htm

Caution: do not install anything other than MBAM, because useless extras such as Registry Booster or other nonsense are sometimes offered. So avoid them.
At the end of the installation, untick the box offering the trial of the Pro version.


If MBAM is already installed, go straight to the update and then to the scan.

This software is worth keeping.

Only if there is a problem with the update:

Download MBAM updates

Run the file after installing MBAM

Connect removable media (USB sticks etc.) before starting the scan.

  • Double-click the downloaded file to start the installation process.
  • In the "Update" tab, click the "Check for Updates" button: if the firewall asks for permission for MBAM to connect, accept.
  • Once the update has finished, go to the "Scanner" tab.
  • Select "Perform full scan"
  • Click "Scan"
  • The scan starts; it takes a fairly long time, which is normal.
  • At the end of the scan, a message is displayed:

    The scan completed normally. Click 'Show Results' to display all the objects found.

    Click "OK" to continue. If MBAM found nothing, it will tell you that as well.
  • Close your browsers.
  • If malware was detected, click Show Results.
    Select everything (or leave it ticked) and click Remove Selected; MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.


If MBAM asks to restart the PC, do it.

If, on restart, Windows tells you that it has blocked some startup programs, click the balloon and then Run blocked program/Malwarebytes Anti-Malware.

 

---------------------------------------------------

3) Run another ZHPDiag scan after that, please.

 

@++

Posted

2.21 GB freed. (45 s)

Well, well... ;)

Posted

Yes! ^^ When I started, the computer had 13.8 available out of 116 GB; after installing all your software, I went back up to 12 GB available, and now, 13.4 GB free! It's still less than before, but it must have deleted quite a lot of cr*** for me
