[Résolu] Do-Search (2)

[letetra]

message trop court ca me met

[letetra]

~ Rapport de ZHPDiag v2013.12.1.4 - Nicolas Coolman (01/12/2013)
~ Lancé par utilisateur (01/12/2013 17:58:30)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16428
GCIE: Google Chrome v31.0.1650.57 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 24367
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0
Secunia PSI
Ad-Aware Antivirus v10.4.49.4168
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.15 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1900 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 23 GB (16%) free of 138 GB

---\\ Mode de connexion au système
~ Computer Name: UC
~ User Name: utilisateur
~ All Users Names: utilisateur, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\utilisateur\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\utilisateur\AppData\Roaming\
~ %Desktop% : C:\Users\utilisateur\Desktop\
~ %Favorites% : C:\Users\utilisateur\Favorites\
~ %LocalAppData% : C:\Users\utilisateur\AppData\Local\
~ %StartMenu% : C:\Users\utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 23 Go of 138 Go)
D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 1 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 2 Go of 10 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E6CB36B85BE59095337427E853A5B65A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/11/2013 - 19:20:29.) -- C:\Windows\System32\wininet.dll [2332160]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 04s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/6318
~ Mes musiques (My Musics) : 1/24
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/90
~ Mes Documents (My Documents) : 7/4397
~ Mon Bureau (My Desktop) : 1/262
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 22s



---\\ Processus lancés
[MD5.BB4CEE22CFE1C259F5C4279349EB879C] - (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [149824] [PID.1592]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2100]
[MD5.299010E02918CE78E6A9839850928E69] - (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [525248] [PID.2108]
[MD5.7E6ACA6B6C89B7CD098944A9159DAED3] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.3444]
[MD5.F3F743635E8158E0D06614FBE2A7E6CD] - (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [5915480] [PID.3536]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3624]
[MD5.9EDFB86FAA07BFED3C3D00211FAB6D82] - (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\ST2.exe [13446464] [PID.1628]
[MD5.D2C618BC5394D6D91D148556F22016A5] - (.Secunia - Secunia PSI Tray.) -- C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe [565464] [PID.5820]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.5624]
[MD5.E920721DC0E0A3DE33ED414E0D2D8354] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe [4026656] [PID.6040] =>Toolbar.Conduit
[MD5.2967AE02ABA43E6A1A3E9D1398C74A83] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe [2810656] [PID.4784] =>Toolbar.Conduit
[MD5.BB4F6465EEB9ACAA5C60C36983740219] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [310352] [PID.5652] =>Toolbar.Google
[MD5.D645B082E49F8655F14C61DB4EEBBA1D] - (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [367016] [PID.1344]
[MD5.59A409BAB55E72D33409A8A99F50DB17] - (.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe [264616] [PID.4764]
[MD5.C8A8321292A459B0A17FB39A782A5C74] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [806096] [PID.5776]
[MD5.CC02FE4520CA886508069245D9A6962F] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222720] [PID.9740]
[MD5.3E02FD57FDAF184A15CCAD9D9BD9C626] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8263680] [PID.10056]
[MD5.67A95B9D129ED5399E7965CD09CF30E7] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848] [PID.352]
[MD5.A09A61CFDE15E5A67701EA812CE3F43F] - (.Lavasoft Limited - Ad-Aware Antivirus Service.) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236968] [PID.1776]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1816]
[MD5.CF7B0E597C1F34E528285495721DEEE9] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe [237960] [PID.1032]
[MD5.9D519AAA21E622DF7DF27041E0917499] - (.Pas de propriétaire - DedicarzService.) -- C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe [1966960] [PID.1604]
[MD5.2763A02188FFB04287F5034EC5B6B451] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\AMT\LMS.exe [174616] [PID.1676]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1428]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2044]
[MD5.1014E1D146350347ED6D7ECE1C274DEF] - (.Lenovo - Power Manager Dynamic Brightness Control Se.) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [72256] [PID.2272]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.2348]
[MD5.E4FAD21646088D79F8889B6531396ACF] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2472]
[MD5.D47E82866A6FF02DAE9CEDF127C4BEE0] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2066968] [PID.2508]
[MD5.99FC1599F89A80216E41175B8CA44D89] - (.GFI Software - GFI Software Anti Malware Service.) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000] [PID.3172]
[MD5.39AC444E07FDBD8C2E8E291A65D515D3] - (.Lenovo Group Limited - About ThinkVantage Technologies.) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904] [PID.1608]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1424]
[MD5.DA6C0E0B15CD0B135FD385AEABAE3A4C] - (.Secunia - Secunia PSI Agent.) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504] [PID.5348]
[MD5.1C735146ABF27EEDDCF317996114FFD7] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [1735968] [PID.5996] =>Toolbar.Conduit
[MD5.71761EDC432A0E39CF621105884E738E] - (.Secunia - Secunia Update Agent.) -- C:\Program Files (x86)\Secunia\PSI\sua.exe [660184] [PID.5992]
~ Processes Running: Scanned in 00mn 05s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\g7v8doxf.default\prefs.js
C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\p1zoskc1.default\prefs.js
C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\pwi8o4yy.default\prefs.js
C:\Users\utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\qohjijo9.default\prefs.js
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (...) -- C:\Program Files\VideoLAN\VLC\npvlc.dll (.not file.)
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com =>PUP.DoSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com =>PUP.DoSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com =>PUP.DoSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com =>PUP.DoSearches
~ IE Browser: 19 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49207;https=127.0.0.1:49207 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{CD1A63BA-A08C-431B-9A34-F240AADC728D} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Ad-Aware Antivirus.lnk . (.Lavasoft Limited - Ad-Aware Antivirus Launcher.) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe
O4 - GS\Desktop [Public]: Brother Creative Center.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url
O4 - GS\Desktop [Public]: FaceOnBody.lnk . (...) -- C:\Program Files (x86)\FaceOnBody\FaceOnBody.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches
O4 - GS\Desktop [Public]: IncrediMail.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - GS\Desktop [Public]: Orange Portail.lnk . (...) -- C:\Program Files\Orange\Orange Portail.exe
O4 - GS\Program [Public]: IncrediMail.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - GS\QuickLaunch [utilisateur]: Badoo.Desktop.lnk . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - GS\QuickLaunch [utilisateur]: Free Easy Burner.lnk . (.Koyote Soft - Main Application.) -- C:\Program Files (x86)\Free Easy CD DVD Burner\FreeEasyBurner.exe
O4 - GS\QuickLaunch [utilisateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches
O4 - GS\QuickLaunch [utilisateur]: IncrediMail 2.0.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - GS\QuickLaunch [utilisateur]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches
O4 - GS\TaskBar [utilisateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches
O4 - GS\TaskBar [utilisateur]: IncrediMail.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - GS\TaskBar [utilisateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches
O4 - GS\Program [utilisateur]: Badoo Desktop.lnk . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - GS\Program [utilisateur]: Create Amazing Presentations.lnk - Clé orpheline
O4 - GS\Program [utilisateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches
O4 - GS\Program [utilisateur]: Search.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://do-search.com =>PUP.DoSearches
O4 - GS\SystemTools [utilisateur]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches
O4 - GS\Desktop [utilisateur]: Assistance Livebox.lnk . (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - GS\Desktop [utilisateur]: ATF-Cleaner (1) - Raccourci.lnk . (.Atribune.org - ATF Cleaner.exe.) -- C:\Users\utilisateur\ATF-Cleaner (1).exe
O4 - GS\Desktop [utilisateur]: Auslogics Disk Defrag.lnk . (.Auslogics - Disk Defrag.) -- C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
O4 - GS\Desktop [utilisateur]: Bullzip PDF Printer.lnk . (...) -- C:\Program Files (x86)\Bullzip\PDF Printer\gui.exe (.not file.)
O4 - GS\Desktop [utilisateur]: ControlCenter3.lnk . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe
O4 - GS\Desktop [utilisateur]: diskmgmt - Raccourci.lnk . (...) -- C:\Windows\System32\diskmgmt.msc
O4 - GS\Desktop [utilisateur]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com =>PUP.DoSearches
O4 - GS\Desktop [utilisateur]: les.profs.2013.french.dvdrip.xvidartefac (1) - Raccourci.lnk . (...) -- C:\Users\utilisateur\les.profs.2013.french.dvdrip.xvidartefac (1).avi
~ Global Startup: 102 Legitimates Filtered in 00mn 13s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Secunia PSI Tray.lnk . (.Secunia - Secunia PSI Tray.) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - GS\Startup [utilisateur]: Logitech . Enregistrement du produit.lnk . (.Leader Technologies/Logitech - Product Registration.) -- C:\Program Files (x86)\Logitech\Ereg\eReg.exe
O4 - HKLM\..\Run: [Allin1Convert Home Page Guard 64 bit] C:\Program Files (x86)\ALLIN1~2\bar\1.bin\AppIntegrator64.exe (.not file.) =>Adware.Allin1Convert
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\utilisateur\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O4 - HKCU\..\Run: [ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon] . (.Conduit Ltd. - Conduit Toolbar Verifier.) -- C:\Users\utilisateur\AppData\Roaming\ValueApps\CH\TBVerifier.dll =>Toolbar.Conduit
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\RunOnce: [uninstall C:\Users\utilisateur\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [uninstall C:\Users\utilisateur\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_1\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [uninstall C:\Users\utilisateur\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_1] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware (cleanup)] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\utilisateur\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\Run: [ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon] . (.Conduit Ltd. - Conduit Toolbar Verifier.) -- C:\Users\utilisateur\AppData\Roaming\ValueApps\CH\TBVerifier.dll =>Toolbar.Conduit
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\RunOnce: [uninstall C:\Users\utilisateur\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\RunOnce: [uninstall C:\Users\utilisateur\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_1\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3913750368-3197513314-2863159900-1000\..\RunOnce: [uninstall C:\Users\utilisateur\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_1] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 01s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC953BB4-E8C2-4D1F-8A2E-77120470E05E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DC953BB4-E8C2-4D1F-8A2E-77120470E05E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DC953BB4-E8C2-4D1F-8A2E-77120470E05E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{DC953BB4-E8C2-4D1F-8A2E-77120470E05E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) --
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (.not file.) =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Dedicarz Service (Dedicarz Service) . (.Pas de propriétaire - DedicarzService.) - C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
O23 - Service: Session Launcher Service (PelService) . (...) - C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
O23 - Service: Intel® Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
~ Services: 21 Legitimates Filtered in 00mn 07s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job [528]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SystemToolsDailyTest.job [466]
[MD5.00000000000000000000000000000000] [APT] [browserSafeguard Update Task] (...) -- C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe (.not file.) [0] =>PUP.BrowserSafeguard
[MD5.00000000000000000000000000000000] [APT] [Test TimeTrigger] (...) -- C:\Users\utilisateur\AppData\Local\Temp\Runner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0186D450-2065-4CA0-AF5E-F74513A3BD76}] (...) -- G:\Face On Body v2.4\FOB_Install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{09C398BC-781B-4160-9C13-8F86FA30C8D9}] (...) -- E:\autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1D74CCD9-FCF0-4A97-B857-C43EC50C0D2C}] (...) -- G:\InstallTomTomHOME.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{28FF1E8E-93A4-4415-A395-2F368854D5F7}] (...) -- C:\Users\utilisateur\Documents\Downloads\Programs\sp45115_2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2B2B98A0-B68D-4C81-BE81-D3A0B8B00217}] (...) -- C:\Users\utilisateur\Documents\Downloads\Programs\sp45115.exe (.not file.) [0]
[MD5.63B340D8E0A47B3B86F9F8056AA49840] [APT] [{3AF90D0F-1639-453B-90F3-99E71BF70023}] (...) -- C:\Users\utilisateur\LeechGet_1800 (3).exe [3054220]
[MD5.00000000000000000000000000000000] [APT] [{48051221-F14A-4A5C-82F3-73B79FE4EE05}] (...) -- C:\Users\utilisateur\Documents\Downloads\Programs\sp45115_4.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{57F15F4A-77A8-4D3D-95C7-23C4BABF65E6}] (...) -- E:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{66A3050A-5789-4490-A56B-82DFE34E390F}] (...) -- D:\InstallTomTomHOME.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A250079E-665E-43B5-AD5A-3A18B6AA93CB}] (...) -- E:\autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A7247161-7A71-4E72-8924-11DAB557BF23}] (...) -- C:\Users\utilisateur\Downloads\ie6setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BABE044D-1E90-4AB3-9A6B-76BA3CA2C887}] (...) -- F:\Face On Body v2.4\FOB_Install.exe (.not file.) [0]
[MD5.63B340D8E0A47B3B86F9F8056AA49840] [APT] [{BBA080A9-0A58-45F5-9671-944EF05D5137}] (...) -- C:\Users\utilisateur\LeechGet_1800 (1).exe [3054220]
[MD5.00000000000000000000000000000000] [APT] [{C0EC1A29-55D5-4671-B83A-153404EF5E53}] (...) -- E:\menu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C14C3045-E94C-4E47-B50B-D28424B0F928}] (...) -- F:\driver wifi\CNP-WF518N1_XP_VISTA.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C3C19DE6-BD67-4235-B0D5-6340EB3C3F49}] (...) -- C:\Users\utilisateur\Documents\Downloads\Programs\sp45115_5.exe (.not file.) [0]
~ Scheduled Task: 43 Legitimates Filtered in 00mn 07s



---\\ Logiciels installés (O42)
O42 - Logiciel: Allin1Convert Firefox Toolbar - (.Mindspark Interactive Network.) [HKLM][64Bits] -- Allin1Convert_8hbar Uninstall Firefox =>Adware.Allin1Convert
O42 - Logiciel: BrowseToSave - (...) [HKLM][64Bits] -- {6BCB9D72-C934-460D-A4E6-8116B028BF84} =>Adware.Browse2Save
O42 - Logiciel: BrowserSafeguard - (.Browsersafeguard.) [HKLM][64Bits] -- Browsersafeguard =>PUP.BrowserSafeguard
O42 - Logiciel: BuzzSearch 2013.11.07.232809 - (.BuzzSearch.) [HKLM][64Bits] -- BuzzSearch =>PUP.BuzzSearch
O42 - Logiciel: FaceOnBody - (...) [HKLM][64Bits] -- FaceOnBody
O42 - Logiciel: FaceOnBody Pro v 2.4 - (...) [HKLM][64Bits] -- FaceOnBody Pro v 2.4
O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM][64Bits] -- {2CF22C94-1369-4C04-9A5F-A4BC6D91B508}
O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM][64Bits] -- IncrediMail
O42 - Logiciel: InstallBrain Updater Service - (...) [HKLM][64Bits] -- InstallBrain Updater Service =>Adware.IncrediBar
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU][64Bits] -- lollipop_11282036 =>Adware.Lollipop
O42 - Logiciel: Photo Loader 2.3F - (...) [HKLM][64Bits] -- {70B45586-B51E-4947-A258-A895596C5CED}
~ Logic: 43 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Allin1Convert_8h] =>Adware.Allin1Convert
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\FaceOnBody2]
[HKCU\Software\IncrediMail]
[HKCU\Software\SecuredDownload]
[HKCU\Software\SpeedBit]
[HKCU\Software\mixidj LTD] =>Toolbar.MixiDJ
[HKLM\Software\Wow6432Node\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\mamverifier]
~ Key Software: 421 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/06/2012 - 10:44:00 - [3,599] ----D C:\Program Files (x86)\FaceOnBody
O43 - CFD: 29/06/2012 - 10:57:47 - [2,693] ----D C:\Program Files (x86)\FaceOnBody Pro
O43 - CFD: 28/06/2012 - 17:39:59 - [3,970] ----D C:\Program Files (x86)\FaceOnBody2
O43 - CFD: 18/12/2012 - 21:22:05 - [26,519] ----D C:\Program Files (x86)\IncrediMail
O43 - CFD: 30/11/2013 - 13:51:37 - [0,307] ----D C:\Program Files (x86)\SProtector =>PUP.Mocaflix
O43 - CFD: 27/11/2013 - 20:56:44 - [0] ----D C:\Program Files (x86)\Storimbo =>PUP.Storimbo
O43 - CFD: 03/02/2013 - 22:22:41 - [0] ----D C:\Program Files (x86)\Common Files\SpeedBit
O43 - CFD: 30/11/2013 - 12:04:30 - [0,004] ----D C:\ProgramData\1ED2
O43 - CFD: 03/02/2013 - 10:19:43 - [1,245] ----D C:\ProgramData\Ad-Aware Browsing Protection
O43 - CFD: 18/10/2013 - 20:28:26 - [2,494] ----D C:\ProgramData\FaceOnBody
O43 - CFD: 28/06/2012 - 18:06:33 - [2,417] ----D C:\ProgramData\FaceOnBody2
O43 - CFD: 23/04/2012 - 18:14:32 - [0] ----D C:\ProgramData\IM
O43 - CFD: 23/04/2012 - 18:13:35 - [6,571] ----D C:\ProgramData\IncrediMail
O43 - CFD: 11/06/2013 - 12:45:58 - [5,473] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 30/11/2013 - 13:51:37 - [0,004] ----D C:\ProgramData\OptimizerPro1 =>PUP.OptimizerPro
O43 - CFD: 03/02/2013 - 22:35:56 - [0] ----D C:\ProgramData\SpeedBit
O43 - CFD: 24/04/2012 - 08:01:41 - [0] ----D C:\Users\utilisateur\AppData\Roaming\Update
O43 - CFD: 01/12/2013 - 15:21:30 - [0,269] ----D C:\Users\utilisateur\AppData\Roaming\ValueApps =>Toolbar.Conduit
O43 - CFD: 25/04/2013 - 20:23:28 - [684,603] ----D C:\Users\utilisateur\AppData\Local\IM
~ Program Folder: 280 Legitimates Filtered in 04mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.71C6DA542D2F7AB957A91E87AE544682] - 01/12/2013 - 15:05:45 ---A- . (...) -- C:\Windows\SysNative\lvcoinst.log [93397]
O44 - LFC:[MD5.71C6DA542D2F7AB957A91E87AE544682] - 01/12/2013 - 15:05:45 ---A- . (...) -- C:\Windows\System32\lvcoinst.log [93397]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/12/2013 - 15:21:38 ---A- . (...) -- C:\END [0]
O44 - LFC:[MD5.7CA425B753335C7CB78AF001EB74A208] - 01/12/2013 - 18:03:45 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [25408]
O44 - LFC:[MD5.7CA425B753335C7CB78AF001EB74A208] - 01/12/2013 - 18:03:45 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [25408]
O44 - LFC:[MD5.7CA425B753335C7CB78AF001EB74A208] - 01/12/2013 - 18:03:45 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [25408]
O44 - LFC:[MD5.7CA425B753335C7CB78AF001EB74A208] - 01/12/2013 - 18:03:45 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [25408]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 17/11/2013 - 19:20:27 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [16284]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 17/11/2013 - 19:20:27 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16284]
~ Files: 142 Legitimates Filtered in 00mn 10s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Allin1Convert Search Scope Monitor [Key] . (...) -- C:\Program Files (x86)\ALLIN1~2\bar\1.bin\8hsrchmn.exe (.not file.) =>Adware.Allin1Convert
O53 - SMSR:HKLM\...\startupreg\Allin1Convert_8h Browser Plugin Loader [Key] . (...) -- C:\Program Files (x86)\ALLIN1~2\bar\1.bin\8hbrmon.exe (.not file.) =>Adware.Allin1Convert
O53 - SMSR:HKLM\...\startupreg\Cld2000.exe [Key] . (...) -- C:\Program Files (x86)\Calendrier\Cld2000.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ISUSPM [Key] . (...) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PWMTRV [Key] . (...) -- rundll32 C:\Program Files (x86)\ThinkPad\UTILIT~1\PWMTR64V.dll (.not file.)
O53 - SMSR:HKLM\...\startupreg\PWRAGD [Key] . (...) -- C:\Program Files (x86)\ThinkPad\Utilities\DPMHost.exe
~ SMSR Keys: 35 Legitimates Filtered in 00mn 03s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.14908F4F9005C29DE8F5587E271390EE] - 02/02/2013 - 19:37:38 ---A- . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\Windows\System32\Drivers\gfibto.sys [14456]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.1E7A1B51F1F15E20C70913FFBB4AA77F] - 20/09/2007 - 13:11:18 ----- . (.Primax Electronics Ltd. - PS/2 Mouse Filter Driver (For Windows 2000 Only).) -- C:\Windows\System32\Drivers\PELBTM.SYS [16384]
O58 - SDL:[MD5.355238115A4E65CD09DA6790BC33DB5E] - 23/04/2009 - 14:58:16 ----- . (.Primax Electronics Ltd. - Mouse Suite Driver (For Windows 2000 and Whistler Only).) -- C:\Windows\System32\Drivers\PELMOUBT.SYS [22016]
O58 - SDL:[MD5.EACDC573AB61DAB9FBA200C6A6E2371E] - 30/06/2009 - 10:09:56 ----- . (.Primax Electronics Ltd. - PS/2 Mouse Filter Driver.) -- C:\Windows\System32\Drivers\PELPS2M.SYS [14336]
O58 - SDL:[MD5.DD3FD48D69F5FBBB21D46D1514C1C2DB] - 04/11/2013 - 13:42:02 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\System32\Drivers\psi_mf_amd64.sys [18456]
O58 - SDL:[MD5.A48B9F81D3C2BA989AE2D566747B4623] - 10/08/2005 - 13:46:20 ---A- . (.Protection Technology - StarForce Protection Environment Driver.) -- C:\Windows\System32\Drivers\sfdrv01.sys [68608]
O58 - SDL:[MD5.9E0ECDA6C72C5D0D8CF3F0FBA076422B] - 16/05/2005 - 14:21:16 ---A- . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\Windows\System32\Drivers\sfhlp02.sys [7168]
O58 - SDL:[MD5.F65D13175EBF3FA49B1F7F948926A16E] - 03/11/2005 - 15:40:56 ---A- . (.Protection Technology - StarForce Protection VFS Driver.) -- C:\Windows\System32\Drivers\sfvfs02.sys [89600]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.34859D3801F4BD3DACFA131DD928455A] - 21/02/2012 - 14:58:50 ---A- . (.Windows ® 2000 DDK provider - Image Mounter SCSI Port Driver.) -- C:\Windows\System32\Drivers\uimx64.sys [59184]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 12:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 16 Legitimates Filtered in 00mn 09s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://do-search.com =>PUP.DoSearches
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.378189889438568FEF3D98588283B3A5] [sPRF][11/11/2013] (...) -- C:\Users\utilisateur\AppData\Local\Temp\Quarantine.exe [350377]
[MD5.466C4732BC4B126B94B0E69C6B5A2348] [sPRF][01/09/2013] (.Pas de propriétaire - SendMsg.) -- C:\Users\utilisateur\AppData\Local\Temp\SendMsg.dll [9216]
[MD5.B7610CA5EF88CD23ADD687FEEBBD3DDE] [sPRF][28/11/2013] (...) -- C:\Users\utilisateur\AppData\Local\Temp\sh4plist.dat [284]
[MD5.C8F3AD4CA2B268C6F939739E7547AD48] [sPRF][28/11/2013] (...) -- C:\Users\utilisateur\AppData\Local\Temp\SHSetup.exe [46777424] =>Crapware.SpyHunter
[MD5.006CC8260405E231C2006A0CEA2127FD] [sPRF][08/11/2013] (.Robert Simpson, et al. - System.Data.SQLite Interop Assembly.) -- C:\Users\utilisateur\AppData\Local\Temp\System.Data.SQLite.dll [1053184]
[MD5.16E53BFC96CE14021C0E07EB1C198478] [sPRF][18/12/2012] (...) -- C:\Users\utilisateur\AppData\Roaming\inst.exe [99384]
[MD5.22A5CE3F835C5F25EA4613B509C99BE7] [sPRF][22/10/2012] (...) -- C:\Users\utilisateur\Desktop\spyhunterS4.exe [32218776] =>Crapware.SpyHunter
~ Files: 13 Legitimates Filtered in 00mn 07s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{432CE224-B330-4614-88CC-D477B215B155}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\adawaretb\dtUser.exe (.not file.) =>Toolbar.Adaware
O87 - FAEL: "{2C55F6E0-AA74-4BAA-98E3-76C5811A97CE}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\adawaretb\dtUser.exe (.not file.) =>Toolbar.Adaware
O87 - FAEL: "TCP Query User{3E09D98A-840F-4B31-99BE-83D65246217A}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\flashget network\flashget 3\flashget3.exe (.not file.)
O87 - FAEL: "UDP Query User{B9E5E51D-829D-44F8-82E3-9FF2C1BE1AA0}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\flashget network\flashget 3\flashget3.exe (.not file.)
O87 - FAEL: "TCP Query User{E72B84C9-6665-425C-AB27-D67F500FEDD8}C:\program files (x86)\gigatribe\gigatribe.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\gigatribe\gigatribe.exe (.not file.)
O87 - FAEL: "UDP Query User{A205476E-E002-48AA-8632-E964975C0C3B}C:\program files (x86)\gigatribe\gigatribe.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\gigatribe\gigatribe.exe (.not file.)
O87 - FAEL: "TCP Query User{F8DF37AA-60BD-47AC-AFCA-5CDC1794B4CD}C:\program files (x86)\internet download manager\idman.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\internet download manager\idman.exe (.not file.)
O87 - FAEL: "UDP Query User{724EF1CB-10C0-4A28-BD14-FD831A9B404B}C:\program files (x86)\internet download manager\idman.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\internet download manager\idman.exe (.not file.)
O87 - FAEL: "{FA5C6362-16E3-4862-B267-F6F800551230}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{928CA1FF-B1A8-48FE-B0E5-58AC1D0FC9D0}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{41D983B3-7652-4F04-A018-683991816994}" | In - Public - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O87 - FAEL: "{A4AC4A3C-8EF9-436E-B54F-0956195061A3}" | In - Public - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O87 - FAEL: "{F09A9820-6A3A-469E-BC4A-2ED24A55175B}" | In - Public - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
O87 - FAEL: "{8F4FB771-D955-4DD0-A645-A88582A172B9}" | In - Public - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
O87 - FAEL: "{F8F27A5A-82C5-46B0-897B-6003A3CCD9CC}" | In - Public - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
O87 - FAEL: "{87E5883A-4B38-466A-817E-40777980740E}" | In - Public - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
O87 - FAEL: "{0C86694D-1ED6-402C-9950-8F45295DCB95}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{BA297341-8562-4CF2-9AE7-E7DFCD5AD384}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{7AF38A30-C18A-4208-A697-F88C67FD7A89}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) =>PUP.iMesh
~ Firewall: 239 Legitimates Filtered in 00mn 04s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "49C22FC2963140C4A9F54ACBD6195B80" . (.IncrediMail.) -- C:\Windows\Installer\{2CF22C94-1369-4C04-9A5F-A4BC6D91B508}\ARPPRODUCTICON.exe
~ Update Products: 80 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.AD0D3E2D2761E96364C21C5C0ECD1C85] [WIS][14/05/2013] (.IncrediMail - IncrediMail.) -- C:\Windows\Installer\1a39691.msi [2688512]
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][02/04/2013] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\ef962.msi [45056] =>Adware.Boxore
~ WIS: 83 Legitimates Filtered in 00mn 29s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 01/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 24/04/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 06/07/2010 1475896 | (TVT Backup Service) . (.Lenovo Group Limited.) - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 14/12/2012 1236968 | (Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
SR - | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 10/06/2013 1966960 | (Dedicarz Service) . (...) - C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
SR - | Auto 24/04/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 07/10/2009 174616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\AMT\LMS.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 22/04/2010 177152 | (PelService) . (...) - C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
SR - | Auto 13/08/2009 72256 | (Power Manager DBC Service) . (.Lenovo.) - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
SR - | Auto 20/09/2012 3677000 | (SBAMSvc) . (.GFI Software.) - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
SR - | Auto 04/11/2013 1228504 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
SR - | Auto 04/11/2013 660184 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\sua.exe
SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SR - | Auto 28/08/2009 1019904 | (ThinkVantage Registry Monitor Service) . (.Lenovo Group Limited.) - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
SR - | Auto 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 18/01/2012 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
SR - | Auto 07/10/2009 2066968 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 35s



---\\ Scan Additionnel (O88)
Database Version : 13007 - (01/12/2013)
Clés trouvées (Keys found) : 64
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 10

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Firefox] =>Adware.Allin1Convert^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6BCB9D72-C934-460D-A4E6-8116B028BF84}] =>Adware.Browse2Save^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard] =>PUP.BrowserSafeguard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BuzzSearch] =>PUP.BuzzSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service] =>Adware.IncrediBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11282036] =>Adware.Lollipop^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert Search Scope Monitor] =>Adware.Allin1Convert^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert_8h Browser Plugin Loader] =>Adware.Allin1Convert^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater] =>Hijacker.BabSolution
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Tuto Avast_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\mixidj LTD] =>Adware.SmileyBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EAD96AE2CB1DE84BAA9425A8CCA0817] =>Adware.Boxore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95525BD9-6136-4A26-8263-9CEE295D442D}] =>Toolbar.4shared
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95525BD9-6136-4A26-8263-9CEE295D442D}] =>Toolbar.4shared
[HKLM\Software\Classes\CLSID\{95525BD9-6136-4A26-8263-9CEE295D442D}] =>Toolbar.4shared
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95525BD9-6136-4A26-8263-9CEE295D442D}] =>Toolbar.4shared
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95525BD9-6136-4A26-8263-9CEE295D442D}] =>Toolbar.4shared
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95080B13-AA71-4EE8-B951-7E98221E1ED5}] =>Toolbar.4shared
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service] =>Adware.InstallBrain
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10245650-5917-4ff8-BED6-ABB91DD73E47}] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116ba71c-8187-4f15-9a1f-c9d6289155d1}] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD1A63BA-A08C-431B-9A34-F240AADC728D}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD1A63BA-A08C-431B-9A34-F240AADC728D}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}] =>Adware.Allin1Convert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}] =>Adware.Allin1Convert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] =>Adware.Allin1Convert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Firefox] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Internet Explorer] =>Adware.Allin1Convert
[HKCU\Software\Allin1Convert_8h] =>Adware.Allin1Convert
[HKCU\Software\AppDataLow\Software\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineCore] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineUA] =>PUP.DealPly
[HKLM\Software\Classes\IncrediSpooler.DeltaSync] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\IncrediSpooler.DeltaSync.1] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\IncrediSpooler.DeltaSync] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\IncrediSpooler.DeltaSync.1] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Allin1Convert Home Page Guard 64 bit =>Adware.Allin1Convert^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon =>Toolbar.Conduit^
C:\Program Files (x86)\SProtector =>PUP.Mocaflix^
C:\Program Files (x86)\Storimbo =>PUP.Storimbo^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\ProgramData\OptimizerPro1 =>PUP.OptimizerPro^
C:\Users\utilisateur\AppData\Roaming\ValueApps =>Toolbar.Conduit^
C:\Program Files (x86)\SearchProtect =>Toolbar.Conduit
C:\Users\utilisateur\AppData\Local\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe =>Toolbar.Conduit^
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe =>Toolbar.Conduit^
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe =>Toolbar.Google^
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
C:\Users\utilisateur\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\utilisateur\Desktop\spyhunterS4.exe =>Crapware.SpyHunter^
C:\Windows\Installer\ef962.msi =>Adware.Boxore^
C:\Users\utilisateur\AppData\Local\Temp\OB.exe =>PUP.OfferBox
~ Additionnel Scan: 332879 Items scanned in 01mn 17s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/33477786-pup-dosearches =>PUP.DoSearches
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/30478407-adware-allin1convert =>Adware.Allin1Convert
~ http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
~ http://nicolascoolman.webs.com/apps/blog/show/26627530-adware-browse2save =>Adware.Browse2Save
~ http://nicolascoolman.webs.com/apps/blog/show/36784739-pup-buzzsearch =>PUP.BuzzSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/28486577-pup-mocaflix =>PUP.MocaFlix
~ http://nicolascoolman.webs.com/apps/blog/show/38130097-pup-storimbo =>PUP.Storimbo
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28441146-pup-imesh =>PUP.iMesh
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/27530912-adware-smileybar =>Adware.SmileyBar
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/28158343-adware-bdsearch =>Adware.BDSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
~ MSI: 31 link(s) detected in 01mn 17s



~ 1524 Legitimates filtered by white list
End of the scan (724 lines in 08mn 15s)(0)

[Apollo]

Pourrais-tu être plus explicite? As-tu pu télécharger ZHPDiag avec mon dernier lien?

[letetra]

ca me refusait d'envoyer le rapport en mettant: message trop court, mais là tu l'as le rapport.?

[Apollo]

Combien de fois faudra-t-il demander et en quelle langue, d'héberger ces gros rapports?

 

ZHPFix :

• Ferme toutes les applications ouvertes
  
• Double-clique sur ZHPFix, raccourci installé par ZHPDiag sur le Bureau
  Important:
  Sous Vista et Windows 7/8 : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur.
  
• Copie les lignes ci-dessous dans la fenêtre

sauf citation.

 

 

Script ZHPFix

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = <http://do-search.com> =>PUP.DoSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = <http://do-search.com> =>PUP.DoSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = <http://do-search.com> =>PUP.DoSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = <http://do-search.com> =>PUP.DoSearches
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49207;https=127.0.0.1:49207 =>Hijacker.Proxy
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{CD1A63BA-A08C-431B-9A34-F240AADC728D} Clé orpheline => Infection PUP (Adware.MyWebSearch)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <http://do-search.com> =>PUP.DoSearches
O4 - GS\QuickLaunch [utilisateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <http://do-search.com> =>PUP.DoSearches
O4 - GS\QuickLaunch [utilisateur]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe <http://do-search.com> =>PUP.DoSearches
O4 - GS\TaskBar [utilisateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <http://do-search.com> =>PUP.DoSearches
O4 - GS\TaskBar [utilisateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe <http://do-search.com> =>PUP.DoSearches
O4 - GS\Program [utilisateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe <http://do-search.com> =>PUP.DoSearches
O4 - GS\Program [utilisateur]: Search.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <http://do-search.com> =>PUP.DoSearches
O4 - GS\SystemTools [utilisateur]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe <http://do-search.com> =>PUP.DoSearches
O4 - GS\Desktop [utilisateur]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe <http://do-search.com> =>PUP.DoSearches
O4 - HKLM\..\Run: [Allin1Convert Home Page Guard 64 bit] C:\Program Files (x86)\ALLIN1~2\bar\1.bin\AppIntegrator64.exe (.not file.) =>Adware.Allin1Convert
[MD5.00000000000000000000000000000000] [APT] [browserSafeguard Update Task] (...) -- C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe (.not file.) [0] =>PUP.BrowserSafeguard
[MD5.00000000000000000000000000000000] [APT] [{C0EC1A29-55D5-4671-B83A-153404EF5E53}] (...) -- E:\menu.exe (.not file.) [0] => Infection USB (Trojan.USB)
O42 - Logiciel: Allin1Convert Firefox Toolbar - (.Mindspark Interactive Network.) [HKLM][64Bits] -- Allin1Convert_8hbar Uninstall Firefox =>Adware.Allin1Convert
O42 - Logiciel: BrowseToSave - (...) [HKLM][64Bits] -- {6BCB9D72-C934-460D-A4E6-8116B028BF84} =>Adware.Browse2Save
O42 - Logiciel: BrowserSafeguard - (.Browsersafeguard.) [HKLM][64Bits] -- Browsersafeguard =>PUP.BrowserSafeguard
O42 - Logiciel: BuzzSearch 2013.11.07.232809 - (.BuzzSearch.) [HKLM][64Bits] -- BuzzSearch =>PUP.BuzzSearch
O42 - Logiciel: InstallBrain Updater Service - (...) [HKLM][64Bits] -- InstallBrain Updater Service =>Adware.IncrediBar
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU][64Bits] -- lollipop_11282036 =>Adware.Lollipop
[HKCU\Software\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
O43 - CFD: 30/11/2013 - 13:51:37 - [0,307] ----D C:\Program Files (x86)\SProtector =>PUP.Mocaflix
O43 - CFD: 27/11/2013 - 20:56:44 - [0] ----D C:\Program Files (x86)\Storimbo =>PUP.Storimbo
O43 - CFD: 11/06/2013 - 12:45:58 - [5,473] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 30/11/2013 - 13:51:37 - [0,004] ----D C:\ProgramData\OptimizerPro1 =>PUP.OptimizerPro
O53 - SMSR:HKLM\...\startupreg\Allin1Convert Search Scope Monitor [Key] . (...) -- C:\Program Files (x86)\ALLIN1~2\bar\1.bin\8hsrchmn.exe (.not file.) =>Adware.Allin1Convert
O53 - SMSR:HKLM\...\startupreg\Allin1Convert_8h Browser Plugin Loader [Key] . (...) -- C:\Program Files (x86)\ALLIN1~2\bar\1.bin\8hbrmon.exe (.not file.) =>Adware.Allin1Convert
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" <http://do-search.com> =>PUP.DoSearches
[MD5.C8F3AD4CA2B268C6F939739E7547AD48] [sPRF][28/11/2013] (...) -- C:\Users\utilisateur\AppData\Local\Temp\SHSetup.exe [46777424] =>Crapware.SpyHunter
[MD5.22A5CE3F835C5F25EA4613B509C99BE7] [sPRF][22/10/2012] (...) -- C:\Users\utilisateur\Desktop\spyhunterS4.exe [32218776] =>Crapware.SpyHunter
O87 - FAEL: "{0C86694D-1ED6-402C-9950-8F45295DCB95}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{BA297341-8562-4CF2-9AE7-E7DFCD5AD384}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Music Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{7AF38A30-C18A-4208-A697-F88C67FD7A89}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) =>PUP.iMesh
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][02/04/2013] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\ef962.msi [45056] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Firefox] =>Adware.Allin1Convert^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6BCB9D72-C934-460D-A4E6-8116B028BF84}] =>Adware.Browse2Save^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard] =>PUP.BrowserSafeguard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BuzzSearch] =>PUP.BuzzSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service] =>Adware.IncrediBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11282036] =>Adware.Lollipop^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert Search Scope Monitor] =>Adware.Allin1Convert^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert_8h Browser Plugin Loader] =>Adware.Allin1Convert^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater] =>Hijacker.BabSolution
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Tuto Avast_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\mixidj LTD] =>Adware.SmileyBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EAD96AE2CB1DE84BAA9425A8CCA0817] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service] =>Adware.InstallBrain
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10245650-5917-4ff8-BED6-ABB91DD73E47}] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116ba71c-8187-4f15-9a1f-c9d6289155d1}] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD1A63BA-A08C-431B-9A34-F240AADC728D}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD1A63BA-A08C-431B-9A34-F240AADC728D}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}] =>Adware.Allin1Convert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}] =>Adware.Allin1Convert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] =>Adware.Allin1Convert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Firefox] =>Adware.Allin1Convert
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Internet Explorer] =>Adware.Allin1Convert
[HKCU\Software\AppDataLow\Software\Allin1Convert_8h] =>Adware.Allin1Convert
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineCore] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineUA] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Allin1Convert Home Page Guard 64 bit =>Adware.Allin1Convert^
C:\Program Files (x86)\SProtector =>PUP.Mocaflix^
C:\Program Files (x86)\Storimbo =>PUP.Storimbo^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\ProgramData\OptimizerPro1 =>PUP.OptimizerPro^
C:\Users\utilisateur\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\utilisateur\Desktop\spyhunterS4.exe =>Crapware.SpyHunter^
C:\Windows\Installer\ef962.msi =>Adware.Boxore^
C:\Users\utilisateur\AppData\Local\Temp\OB.exe =>PUP.OfferBox

Firewallraz
shortcutfix

proxyfix
emptytemp
emptyflash

 

Cliquer sur IMPORTER., cela devrait coller le contenu du presse papier dans la fenêtre ZHPFix.

• Le script doit automatiquement apparaitre dans ZHPFix.
  Clique sur le bouton GO pour lancer le nettoyage

• Valide par Oui la désinstallation des programmes si demandé.
  
• Laisse l'outil travailler. Si un redémarrage est demandé, accepte et redémarre le PC
  
• Le rapport ZHPFixReport.txt s'affiche. Copie-colle le contenu de ce rapport dans ta réponse.
  Le rapport ZHPFixReport.txt est enregistré sous C:\ZHP\ZHPFix.txt

Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide.

[letetra]

Rapport de ZHPFix 2013.12.1.2 par Nicolas Coolman, Update du 01/12/2013

Fichier d'export Registre :

Run by utilisateur at 01/12/2013 18:34:05

High Elevated Privileges : OK

Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

 

Corbeille vidée (00mn 12s)

Réparation des raccourcis navigateur

 

========== Logiciels ==========

SUPPRIMÉ: Allin1Convert Firefox Toolbar

ABSENT Uninstall Process: c:\program files (x86)\browsersafeguard\uninstall.browsersafeguard.exed=browsersafeguard-pitch-unmonetized

ABSENT Uninstall Process: c:\programdata\installbrainservice\ibsvc.exe

 

========== Processus mémoire ==========

SUPPRIMÉ: Memory Process: C:\Users\utilisateur\AppData\Local\Temp\SHSetup.exe

SUPPRIMÉ: Memory Process: C:\Users\utilisateur\Desktop\spyhunterS4.exe

SUPPRIMÉ: Memory Process: C:\Users\utilisateur\AppData\Local\Temp\OB.exe

 

========== Clés du Registre ==========

SUPPRIMÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Firefox]

SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard]

SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallBrain Updater Service]

SUPPRIMÉ: HKCU\Software\Allin1Convert_8h

SUPPRIMÉ: HKLM\Software\Wow6432Node\Allin1Convert_8h

SUPPRIMÉ: HKLM\Software\Wow6432Node\VBMZ

SUPPRIMÉ:* StartupReg: Allin1Convert Search Scope Monitor

SUPPRIMÉ:* StartupReg: Allin1Convert_8h Browser Plugin Loader

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6BCB9D72-C934-460D-A4E6-8116B028BF84}

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BuzzSearch

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_11282036

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Tuto Avast_is1

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

SUPPRIMÉ: HKCU\Software\mixidj LTD

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EAD96AE2CB1DE84BAA9425A8CCA0817

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10245650-5917-4ff8-BED6-ABB91DD73E47}

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116ba71c-8187-4f15-9a1f-c9d6289155d1}

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD1A63BA-A08C-431B-9A34-F240AADC728D}

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD1A63BA-A08C-431B-9A34-F240AADC728D}

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}

SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}

SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}

SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}

SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Internet Explorer

SUPPRIMÉ: HKCU\Software\AppDataLow\Software\Allin1Convert_8h

SUPPRIMÉ: HKLM\Software\Classes\protector_dll.protectorbho

SUPPRIMÉ: HKLM\Software\Classes\protector_dll.protectorbho.1

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineCore

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineUA

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA

SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC

 

========== Valeurs du Registre ==========

SUPPRIMÉ: Toolbar: {CD1A63BA-A08C-431B-9A34-F240AADC728D}

SUPPRIMÉ RunValue: Allin1Convert Home Page Guard 64 bit

SUPPRIMÉ: {0C86694D-1ED6-402C-9950-8F45295DCB95}

SUPPRIMÉ: {BA297341-8562-4CF2-9AE7-E7DFCD5AD384}

SUPPRIMÉ: {7AF38A30-C18A-4208-A697-F88C67FD7A89}

SUPPRIMÉ: FirewallRaz (SP) : C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe

Aucune Valeur Domain Profile: FirewallRaz :

SUPPRIMÉ: FirewallRaz (Public) : {CC71B1AD-DA78-41E1-87DD-AF297FEF0ECD}

SUPPRIMÉ: FirewallRaz (Public) : {62B4EA69-4916-4A54-81A4-77ADADF82CE9}

SUPPRIMÉ: FirewallRaz (None) : {47904B9D-5A00-4B0E-84AD-1A5FC51AE162}

SUPPRIMÉ: FirewallRaz (Public) : {432CE224-B330-4614-88CC-D477B215B155}

SUPPRIMÉ: FirewallRaz (Public) : {2C55F6E0-AA74-4BAA-98E3-76C5811A97CE}

SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{3E09D98A-840F-4B31-99BE-83D65246217A}C:\program files (x86)\flashget network\flashget 3\flashget3.exe

SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{B9E5E51D-829D-44F8-82E3-9FF2C1BE1AA0}C:\program files (x86)\flashget network\flashget 3\flashget3.exe

SUPPRIMÉ: FirewallRaz (Public) : {2CE91DA6-2D22-4A9C-BF8D-379F8FBCFF50}

SUPPRIMÉ: FirewallRaz (Public) : {B81FED49-FF20-427C-AF06-D9579A219A68}

SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{E72B84C9-6665-425C-AB27-D67F500FEDD8}C:\program files (x86)\gigatribe\gigatribe.exe

SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{A205476E-E002-48AA-8632-E964975C0C3B}C:\program files (x86)\gigatribe\gigatribe.exe

SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{F8DF37AA-60BD-47AC-AFCA-5CDC1794B4CD}C:\program files (x86)\internet download manager\idman.exe

SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{724EF1CB-10C0-4A28-BD14-FD831A9B404B}C:\program files (x86)\internet download manager\idman.exe

SUPPRIMÉ: FirewallRaz (Public) : {FA5C6362-16E3-4862-B267-F6F800551230}

SUPPRIMÉ: FirewallRaz (Public) : {928CA1FF-B1A8-48FE-B0E5-58AC1D0FC9D0}

SUPPRIMÉ: FirewallRaz (Public) : {E34DFBB5-CEA8-4913-AAB7-4F0B5EB402DF}

SUPPRIMÉ: FirewallRaz (Public) : {505CD6B0-186E-4D9F-9451-30EDF928575F}

SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{E0D91D59-5944-4E6F-B2BF-69F6958AD874}C:\program files (x86)\tmnationsforever\tmforever.exe

SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{143269FB-2F2A-4A8E-8C9F-50709A3DAB8F}C:\program files (x86)\tmnationsforever\tmforever.exe

SUPPRIMÉ: FirewallRaz (None) : {EA118A7E-A296-4953-BE07-A2D48D40B0BC}

SUPPRIMÉ: FirewallRaz (None) : {5E5DA190-AE57-4A77-AB1E-D682C0BDF263}

ProxyFix : Configuration proxy supprimée avec succès

SUPPRIMÉ ProxyServer Value

SUPPRIMÉ ProxyEnable Value

SUPPRIMÉ EnableHttp1_1 Value

SUPPRIMÉ ProxyHttp1.1 Value

SUPPRIMÉ ProxyOverride Value

 

========== Eléments de donnée du Registre ==========

SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page

SUPPRIMÉ: R1 Search Page =

SUPPRIMÉ: StartMenuInternet: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" <http://do-search.com>

 

========== Dossiers ==========

SUPPRIMÉ: C:\Program Files (x86)\SProtector

SUPPRIMÉ: C:\Program Files (x86)\Storimbo

SUPPRIMÉ: C:\ProgramData\InstallMate

SUPPRIMÉ: C:\ProgramData\OptimizerPro1

SUPPRIMÉS Temporaires Windows (133)

SUPPRIMÉS Flash Cookies (0)

 

========== Fichiers ==========

SUPPRIMÉ: c:\users\public\desktop\google chrome.lnk (http://do-search.com>)

SUPPRIMÉ: c:\users\utilisateur\appdata\roaming\microsoft\internet explorer\quick launch\google chrome.lnk (http://do-search.com>)

SUPPRIMÉ: c:\users\utilisateur\appdata\roaming\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk (http://do-search.com>)

SUPPRIMÉ: c:\users\utilisateur\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\google chrome.lnk (http://do-search.com>)

SUPPRIMÉ: c:\users\utilisateur\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\internet explorer.lnk (http://do-search.com>)

SUPPRIMÉ: c:\users\utilisateur\appdata\roaming\microsoft\windows\start menu\programs\internet explorer.lnk (http://do-search.com>)

SUPPRIMÉ: c:\users\utilisateur\appdata\roaming\microsoft\windows\start menu\programs\search.lnk (http://do-search.com>)

SUPPRIMÉ: c:\users\utilisateur\appdata\roaming\microsoft\windows\start menu\programs\accessories\system tools\internet explorer (no add-ons).lnk (http://do-search.com>)

SUPPRIMÉ: c:\users\utilisateur\desktop\internet explorer (64-bit).lnk (http://do-search.com>)

SUPPRIMÉ: C:\Windows\Installer\ef962.msi

SUPPRIMÉS Temporaires Windows (554) (122 028 781 octets)

SUPPRIMÉS Flash Cookies (0) (0 octets)

 

========== Tache planifiée ==========

SUPPRIMÉ: BrowserSafeguard Update Task

SUPPRIMÉ: {C0EC1A29-55D5-4671-B83A-153404EF5E53}

 

 

========== Récapitulatif ==========

3 : Processus mémoire

43 : Clés du Registre

34 : Valeurs du Registre

3 : Eléments de donnée du Registre

6 : Dossiers

12 : Fichiers

3 : Logiciels

2 : Tache planifiée

 

 

End of clean in 00mn 50s

 

========== Chemin de fichier rapport ==========

C:\Users\utilisateur\AppData\Roaming\ZHP\ZHPFix[R1].txt - 01/12/2013 18:30:41 [494]

C:\Users\utilisateur\AppData\Roaming\ZHP\ZHPFix[R2].txt - 01/12/2013 18:34:18 [10485]

[Apollo]

Comment se comporte la machine?

 

Fais ces vérifications de sécurité stp:

http://theknitter-apollo.xooit.com/p17644.htm

Ou ici: http://www.vista-xp.fr/forum/topic13109.html#p108827

[letetra]

DO Search toujours présent

[Apollo]

Sauvegarde favoris Firefox: http://support.mozilla.org/fr/kb/restaurer-marque-pages-deplacer-ordinateur

Sauvegarde favoris Chrome: http://support.google.com/chrome/bin/answer.py?hl=fr&answer=96816

Désinstaller le navigateur avec RevoUninstaller: http://theknitter-apollo.xooit.com/p20405.htm

Réinstaller son navigateur. (dernière version pour bien faire).

 

Réinitialiser Explorer:

Outils/options Internet/Avancé >> Cliquer sur Réinitialiser.

Rien ne sera perdu, comme les favoris etc.
Il y a juste certains Active X qui seront désactivés, il suffira d'aller dans Outils/gérer les modules complémentaires pour réactiver ceux qui sont nécessaires.

Modifié le 1 décembre 2013 par Apollo

[letetra]

secunia me signale qu'adobe reader xi11.x que la mise à jour à échoué,pourtant ca s'est installé