FORUM D’ENTRAIDE INFORMATIQUE (FEI)Site d’assistance et de sécurité informatique

[miniroi]

bonjour
j ai des pages internet qui s ouvre toute seule
j ai passé un coup de zhp diag donc voici le rapport
merci d avance de votre aide


~ Rapport de ZHPDiag v2013.11.6.11 - Nicolas Coolman  (06/11/2013)
~ Lancé par mick (07/11/2013 16:56:32)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
GCIE: Google Chrome v30.0.1599.101 (Defaut)
GCIE: Google Chrome Frame v30.0.1599.101 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 9YVRV
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.06 =Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader XI
Java 7 Update 45

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3839 MB (67% free)
System Restore: Activé (Enable)
System drive C: has 52 GB (8%) free of 596 GB

---\\ Mode de connexion au système
~ Computer Name: MICK-PC
~ User Name: mick
~ All Users Names: UpdatusUser, mick, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\mick\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\mick\AppData\Roaming\
~ %Desktop% : C:\Users\mick\Desktop\
~ %Favorites% : C:\Users\mick\Favorites\
~ %LocalAppData% : C:\Users\mick\AppData\Local\
~ %StartMenu% : C:\Users\mick\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 52 Go of 596 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: CD-ROM drive (Free 0 Go of 5 Go)
J: CD-ROM drive (Free 0 Go of 1 Go)
K: CD-ROM drive (Not Inserted)
L: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  Out Of Date
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Explorateur Windows.) (.21/11/2010 - 04:24:11.) -- C:\Windows\Explorer.exe [2872320]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:55:10.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 8/3115
~ Mes musiques (My Musics) : 12/168
~ Mes Videos (My Videos) : 1/17
~ Mes Favoris (My Favorites) : 1/83
~ Mes Documents (My Documents) : 3/4901
~ Mon Bureau (My Desktop) : 1/122
~ Menu demarrer (Programs) : 1/66
~ Hidden Files:  Scanned in 00mn 04s



---\\ Processus lancés
[MD5.327390D564D124C248DE624750D52D01] - (.Simplygen - ProtectedSearch.) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe   [88648] [PID.1296]  =Adware.PredictAd
[MD5.94171331B984EF16FDB0890AA995A4DE] - (.D-Link Corp. - D-Link WLAN Application.) -- C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe   [505152] [PID.3960]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4858968] [PID.4008]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.4044]
[MD5.2C911DAC840451896880BB7CC3B82735] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8183296] [PID.2800]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [46808] [PID.1284]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65640] [PID.1676]
[MD5.CF7B0E597C1F34E528285495721DEEE9] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe   [237960] [PID.1448]
[MD5.C71EE856C4F5B52E2D094F494CEE4936] - (.Pas de propriétaire - WlanSvc Application.) -- C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe   [167936] [PID.2624]
[MD5.84E035225474E48CD3A6A3CE52332095] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe   [1258856] [PID.2584]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [116648] [PID.4980]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\mick\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.certified-toolbar.com =PUP.CertifiedToolbar
G0 - GCSP: Preference [User Data\Default][HomePage] about:newtab?source=home
G2 - GCE: Preference [User Data\Default] [bakijjialdiiboeaknfpmflphhmljfkd] Nouvel onglet v.9.4 (Activé) =Adware.SearchYa
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Managerr v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [efbkdhmfnmnmfimllbjamfodcoanhmdd] WebToSave v.5.2.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [hnofepcmbghfcimfbjicplikedjcnalm] Coupons Malibu v.2.0.1.9 (Activé)
G2 - GCE: Preference [User Data\Default] [hpljfflibaokjcndmchkfjalpjjblioc] My Movie Magnet v.4.0.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [iijngnlhcebnigailgiknadgjehhlppg] HomeTab v.4.9, (Activé) =PUP.CertifiedToolbar
G2 - GCE: Preference [User Data\Default] [khongjfjjmklggionajlpjcpmnppdace] BargainJoy v.3.3.3.0 (Activé)
G2 - GCE: Preference [User Data\Default] [lladpgmmlijbmhfknhgkenkhikoaapmj] Real Summer Sale v.5.0.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [mphpbdjcljebbcnfopfngmfdackbbdgf] DealPly  Shopping v.3.5.0.0 (Désactivé) =PUP.DealPly
~ Google Browser: 19 Legitimates Filtered in 00mn 19s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com =PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com =PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com =PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com =PUP.CertifiedToolbar
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HomeTab [64Bits] - {6d848594-ca01-4891-b4b7-9dbb05b1a053} . (.Simply Tech LTD. - wtb Module.) -- C:\Users\mick\AppData\Roaming\HomeTab\HomeTab.dll =PUP.CertifiedToolbar
~ BHO: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Anno 1701.lnk . (.Related Designs Software GmbH - Anno 1701.)  -- C:\Program Files (x86)\Anno 1701\Anno1701.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Hotel Giant 2.lnk . (...)  -- C:\Program Files (x86)\Nobilis\Hotel Giant 2\HG2.exe
O4 - GS\Desktop [Public]: Imperium Romanum - Gold Edition.lnk . (...)  -- C:\Program Files (x86)\Kalypso Media\Imperium Romanum - Gold Edition\Imperium Romanum.exe
O4 - GS\Desktop [Public]: Le Maître de l'Olympe et le Maître de l'Atlandide.lnk . (.Sierra - Zeus and Poseidon.)  -- C:\Sierra\Le Maître de l' Olympe  Zeus\zeus.exe
O4 - GS\Desktop [Public]: Les Sims™ Medieval Nobles et Pirates.lnk . (.Electronic Arts, Inc. - SimsMedievalLauncher.)  -- C:\Program Files (x86)\Electronic Arts\Les Sims Medieval Nobles et Pirates\Game\Bin\SimsMedievalLauncher.exe
O4 - GS\Desktop [Public]: RomStation.lnk . (...)  -- C:\Program Files (x86)\RomStation\RomStation.exe
O4 - GS\Desktop [Public]: Theme Hospital.lnk . (.DOSBox Team - DOSBox DOS Emulator.)  -- C:\Program Files (x86)\GOG.com\Theme Hospital\DOSBOX\DOSBox.exe
O4 - GS\Desktop [UpdatusUser]: CD Keys.lnk . (...)  -- C:\Program Files (x86)\Camtech\CD Keys\CDKeys.exe (.not file.)
O4 - GS\Desktop [UpdatusUser]: GameSpy Arcade.lnk . (...)  -- C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (.not file.)
O4 - GS\Desktop [UpdatusUser]: Jugar Jurassic Park Operation Genesis.lnk . (...)  -- C:\Program Files (x86)\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\SimJP.exe (.not file.)
O4 - GS\Desktop [UpdatusUser]: Jurassic Park Operation Genesis.lnk . (...)  -- C:\Program Files (x86)\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\SimJP.exe (.not file.)
O4 - GS\Desktop [UpdatusUser]: The Settlers II - 10th Anniversary - Éditeur de carte.lnk . (...)  -- C:\Program Files (x86)\Ubisoft\Funatics\The Settlers II - 10th Anniversary\bin\S2DNGEditor.exe (.not file.)
O4 - GS\Desktop [UpdatusUser]: The Settlers II - 10th Anniversary.lnk . (...)  -- C:\Program Files (x86)\Ubisoft\Funatics\The Settlers II - 10th Anniversary\bin\S2DNG.exe (.not file.)
O4 - GS\Desktop [UpdatusUser]: Worms - Àðìàãåääîí.lnk . (...)  -- C:\Program Files (x86)\Russobit-M\Worms Armageddon\wa.exe (.not file.)
O4 - GS\QuickLaunch [mick]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.)  -- C:\Users\mick\AppData\Roaming\BitTorrent\BitTorrent.exe =P2P.BitTorrent
O4 - GS\QuickLaunch [mick]: Easy Audio Cutter.lnk . (.Koyote Soft - Pas de description.)  -- C:\Program Files (x86)\Free mp3 Wma Converter\Easy Audio Cutter\AudioCutter.exe
O4 - GS\QuickLaunch [mick]: Free CD Ripper.lnk . (.Koyote Soft - FreeCDRipper.)  -- C:\Program Files (x86)\Free mp3 Wma Converter\Free CD Ripper\FreeCDRipper.exe
O4 - GS\QuickLaunch [mick]: Free Mp3 Wma Converter.lnk . (.Koyote Soft - Free Audio Converter.)  -- C:\Program Files (x86)\Free mp3 Wma Converter\FreeConverter\FreeConverter.exe
O4 - GS\QuickLaunch [mick]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [mick]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.)  -- C:\Users\mick\AppData\Roaming\BitTorrent\BitTorrent.exe =P2P.BitTorrent
O4 - GS\Desktop [mick]: Company of Heroes - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [mick]: Corbeille - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [mick]: Farming Simulator 2013 .lnk . (.GIANTS Software GmbH - GIANTS Launcher.)  -- C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
O4 - GS\Desktop [mick]: Jouer à Anno 1701.lnk . (.Related Designs Software GmbH - Anno 1701.)  -- C:\Program Files (x86)\Anno 1701\Anno1701.exe
O4 - GS\Desktop [mick]: Le Maître de l' Olympe  Zeus.lnk . (.Sierra - Zeus and Poseidon.)  -- C:\Sierra\Le Maître de l' Olympe  Zeus\Zeus.exe
O4 - GS\Desktop [mick]: Men of War Vietnam.lnk . (."Best Way" Corp - Main executable.)  -- C:\Program Files (x86)\1C Company\Men of War Vietnam\vietnam.exe
O4 - GS\Desktop [mick]: Men of War. Assault Squad.lnk . (."Best Way" Corp - Main executable.)  -- C:\Program Files (x86)\1C Company\Men of War. Assault Squad\mow_assault_squad.exe
O4 - GS\Desktop [mick]: Men of War. Condemned Heroes.lnk . (."Best Way" Corp - Main executable.)  -- C:\Program Files (x86)\1C Company\Men of War. Condemned Heroes\Condemned Heroes.exe
O4 - GS\Desktop [mick]: Start Unlocker.lnk . (...)  -- C:\Program Files\Unlocker\Unlocker.exe
~ Global Startup: 88 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Wireless Connection Manager.lnk . (.D-Link Corp. - D-Link WLAN Application.)  -- C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe  =.DT Soft Ltd
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =.Microsoft Corporation
O4 - HKUS\S-1-5-21-1228908707-3737677011-4175844305-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe  =.DT Soft Ltd
~ Application:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{005C5984-032E-4C80-9EC8-771D59241933}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E3D36FF-70D6-41DF-837E-8DE04240E60D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{005C5984-032E-4C80-9EC8-771D59241933}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E3D36FF-70D6-41DF-837E-8DE04240E60D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{005C5984-032E-4C80-9EC8-771D59241933}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E3D36FF-70D6-41DF-837E-8DE04240E60D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [0] (...) -- c:\program files\internet explorer\iexplore.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [4601] (...) -- C:\Users\mick\AppData\Local\Temp\launchie.vbs \\B (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files (x86)\AD-AWA~1\AdAwareLauncher.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Go for FilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.)   [0]  =P2P.GoforFiles
[MD5.00000000000000000000000000000000] [APT] [{0053950B-DAF5-45A8-87D5-769F8BEDC60E}] (...) -- c:\program files\internet explorer\iexplore.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{18A59647-4F30-4C8C-8C66-CDC4DD982965}] (...) -- I:\autorun.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{2D9D0B65-7F93-499E-A08D-17F439FFEB32}] (...) -- c:\program files\internet explorer\iexplore.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{3ABC6005-E4D7-495A-9384-A6F4C546E095}] (...) -- I:\autorun.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{3CF04F6D-F7B9-4FFC-AE15-94ECAAF00889}] (...) -- C:\Users\mick\Downloads\Empire Earth\ee_1000-1040_en.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{4E4945FE-E275-44D0-A362-B6B130A80CDB}] (...) -- I:\autorun.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{632D5496-CFD7-49E1-A593-32469044BB63}] (...) -- I:\autorun.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{7E49154E-4CA7-4110-BADB-C370B7C46DC2}] (...) -- I:\autorun.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{863856C7-B6B9-4E38-B7AC-40BBFEAD0C80}] (...) -- C:\Users\mick\Bubble Bobble WinXP-TLN\install.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{89813C20-47B9-46B7-A8E8-546589432DA8}] (...) -- C:\Users\mick\Downloads\jeu pc\Cruise\demo32.exe (.not file.)   [0]
[MD5.29944F858349A52E250E53870020A319] [APT] [{89E449E9-092D-4C5A-8225-DE86DADB4513}] (...) -- C:\Program Files (x86)\GOG.com\Theme Hospital\Graphic mode setup.exe   [980992]
[MD5.00000000000000000000000000000000] [APT] [{9F6229F9-F8B6-4DB8-ACC8-1176DC5DD066}] (...) -- C:\Users\mick\Downloads\CC Generals and Zero Hour\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{A2336310-964C-4604-BC5D-4751BB4132CE}] (...) -- C:\Program Files (x86)\Paradox Interactive\Ship Simulator Extremes\Steam.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{A48FFB45-3377-4EEB-853A-73F31D96A426}] (...) -- I:\autorun.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{BB5A9940-4FB0-41B6-A2B5-6D1645471712}] (...) -- I:\autorun.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{BF87BE80-06DE-4B21-B8B5-1C300AE7DDD3}] (...) -- C:\Users\mick\Downloads\jeu pc\Cruise\Launch.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{DDD783C1-E918-4E39-8067-FC515DB0D64D}] (...) -- I:\autorun.exe (.not file.)   [0]
[MD5.327390D564D124C248DE624750D52D01] [APT] [Protected Search] (.Simplygen.) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe   [88648]  =Adware.PredictAd
~ Scheduled Task: 42 Legitimates Filtered in 00mn 04s



---\\ Logiciels installés (O42)
O42 - Logiciel: HomeTab 4.9 - (.HomeTab.) [HKLM][64Bits] -- {56ef6786-ed52-4384-8de3-c73aeff7a182}_is1 =PUP.CertifiedToolbar
O42 - Logiciel: Le Maître de l'Olympe - Zeus. - (...) [HKLM][64Bits] -- Le Maître de l'Olympe - Zeus.
O42 - Logiciel: Le Maître de l'Olympe et le Maître de l'Atlandide - (...) [HKLM][64Bits] -- {8043219B-D2C0-4561-90AB-3F1113ED5A87}
~ Logic: 126 Legitimates Filtered in 00mn 00s



---\\ HKCU HKLM Software Keys
[HKCU\Software\CnC Generals and Zero Hour]
[HKCU\Software\DealPlyLive] =PUP.DealPly
[HKCU\Software\DealPly] =PUP.DealPly
[HKCU\Software\HomeTab] =PUP.CertifiedToolbar
[HKCU\Software\Iminent] =Adware.IMBooster
[HKCU\Software\Russobit-M]
[HKCU\Software\Softonic] =Toolbar.Conduit
[HKCU\Software\Stefan Pohl]
[HKCU\Software\Turbo Tape Games]
[HKCU\Software\UIG]
[HKLM\Software\Wow6432Node\DealPlyLive] =PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =PUP.DealPly
[HKLM\Software\Wow6432Node\Iminent] =Adware.IMBooster
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\ODDSociety]
[HKLM\Software\Wow6432Node\SweetIM] =PUP.SweetIM
[HKLM\Software\Wow6432Node\Vittalia] =PUP.Vittalia
~ Key Software: 296 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/11/2013 - 07:55:00 - [0,918] ----D C:\Program Files (x86)\DealPly =PUP.DealPly
O43 - CFD: 02/11/2013 - 11:15:16 - [0] ----D C:\Program Files (x86)\DealPlyLive =PUP.DealPly
O43 - CFD: 15/02/2013 - 08:07:35 - [0] ----D C:\Program Files (x86)\GUMDA27.tmp
O43 - CFD: 02/11/2013 - 14:13:29 - [6,760] ----D C:\Program Files (x86)\HomeTab =PUP.CertifiedToolbar
O43 - CFD: 07/04/2013 - 21:28:35 - [0,195] ----D C:\Program Files (x86)\Universal Interactive
O43 - CFD: 02/11/2013 - 11:15:16 - [0,384] ----D C:\ProgramData\DealPlyLive =PUP.DealPly
O43 - CFD: 04/11/2013 - 11:17:51 - [0,021] ----D C:\Users\mick\AppData\Roaming\Civitas2
O43 - CFD: 02/11/2013 - 11:15:11 - [0] ----D C:\Users\mick\AppData\Roaming\Dealply =PUP.DealPly
O43 - CFD: 02/11/2013 - 14:13:27 - [1,042] ----D C:\Users\mick\AppData\Roaming\HomeTab =PUP.CertifiedToolbar
O43 - CFD: 17/01/2013 - 20:54:08 - [0] ----D C:\Users\mick\AppData\Roaming\Pole Position 2012
O43 - CFD: 17/01/2013 - 20:54:08 - [0,212] ----D C:\Users\mick\AppData\Roaming\Reign of Augustus
O43 - CFD: 02/11/2013 - 11:15:16 - [0] ----D C:\Users\mick\AppData\Local\DealPlyLive =PUP.DealPly
O43 - CFD: 17/05/2013 - 22:00:42 - [9,549] ----D C:\Users\mick\AppData\Local\S2
O43 - CFD: 17/01/2013 - 20:53:36 - [0,257] ----D C:\Users\mick\AppData\Local\storage
O43 - CFD: 17/01/2013 - 20:53:36 - [0,005] ----D C:\Users\mick\AppData\Local\Street Cleaning
O43 - CFD: 02/12/2012 - 13:26:53 - [0] ----D C:\Users\mick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Struggle 2
O43 - CFD: 02/11/2013 - 11:15:01 - [0,001] ----D C:\Users\mick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =PUP.DealPly
~ 2 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 263 Legitimates Filtered in 00mn 50s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.1B2CE85F36F5BB6DEC7AE685978DB825] - 02/11/2013 - 11:13:26 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe   [32328]
O44 - LFC:[MD5.01E4F34B236FD7CF915B16467A9BA2AE] - 04/11/2013 - 12:01:47 ---A- . (...) -- C:\Windows\SIERRA.INI   [469]
O44 - LFC:[MD5.685AD827841E46AE66E06E38A02359CD] - 04/11/2013 - 12:07:04 ---A- . (...) -- C:\Windows\wininit.ini   [150]
O44 - LFC:[MD5.79109E7B2C252EDC6A5BE6E34221E5BC] - 04/11/2013 - 12:44:59 ---A- . (...) -- C:\Windows\DirectX.log   [210786]
O44 - LFC:[MD5.8899434D6E9CA0DC6021C56CB0D90EB8] - 07/11/2013 - 12:28:37 ---A- . (...) -- C:\Windows\IE9_main.log   [885]
O44 - LFC:[MD5.DC9255E83EA715B1A94D28FAF30A1F19] - 07/11/2013 - 13:08:00 ---A- . (...) -- C:\Windows\IE10_main.log   [2334]
O44 - LFC:[MD5.3D4748F088328AAAE53F0E7E36D8B369] - 27/10/2013 - 09:48:35 ---A- . (...) -- C:\Windows\setup.ico   [2998]
~ Files: 24 Legitimates Filtered in 00mn 04s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{e426c72a-195b-11e2-a0a8-001fc6fa3a1d}\AutoRun\command. (.Mad Doc Software - EE3AutoRun.exe.) -- I:\EE3AutoRun.exe
O51 - MPSK:{e426c737-195b-11e2-a0a8-001fc6fa3a1d}\AutoRun\command. (.Pas de propriétaire - Imperium Romanum - Gold Edition.) -- J:\setup.exe
~ Keys:  Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.5573AA70993A2BB81525B1C704B88763] - 09/05/2013 - 09:59:07 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65336]
O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS   [10296]
~ Drivers: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.certified-toolbar.com =PUP.CertifiedToolbar
~ Keys:  Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.B3D26A6E8DDE3EF576938F904B84CF83] [SPRF][03/11/2013] (.Pas de propriétaire - SoloApp Setup.) -- C:\Users\mick\AppData\Local\Temp\apptorun.exe   [5848088]
[MD5.4D7B2D363D8377644F546EBB604E0BFD] [SPRF][07/11/2013] (...) -- C:\Users\mick\AppData\Local\Temp\instloffer.exe   [390933]
[MD5.132CE239666612EBEC211F4EF1D28839] [SPRF][02/11/2013] (.HomeTab - HomeTab Setup.) -- C:\Users\mick\AppData\Local\Temp\tbuF797.exe   [3659928]  =PUP.CertifiedToolbar
[MD5.010CD7E0A3FFE1DD3D643CFB35D4B3A0] [SPRF][22/10/2010] (.Pas de propriétaire - MafiaInstallShield MFC Application.) -- C:\Users\mick\AppData\Roaming\MafiaSetup.exe   [233472]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][30/03/2013] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\mick\Desktop\Minecraft (1).exe   [695296]
[MD5.F3AF9E6BE544B4A28B2ABFF08292CDE6] [SPRF][30/03/2013] (...) -- C:\Users\mick\Desktop\minecraft.exe   [278561]
~ Files: 23 Legitimates Filtered in 00mn 07s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "UDP Query User{ADBE8466-5353-483A-913B-B926ABBB0AAA}C:\program files (x86)\internet explorer\iexplore.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)
O87 - FAEL: "TCP Query User{4D57E6AC-EC2F-46B7-B534-A5A9120DC7A4}C:\program files (x86)\internet explorer\iexplore.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)
O87 - FAEL: "{7CA126D4-9B00-4BBB-B8BF-90C16A5BD3B3}" | In - Private - P6 - TRUE | .(."Best Way" Corp - Main executable.) -- C:\Program Files (x86)\1C Company\Men of War. Condemned Heroes\Condemned Heroes.exe
O87 - FAEL: "{FF30B5F7-3CAE-44DF-A506-1C8C2EEBBE43}" | In - Private - P17 - TRUE | .(."Best Way" Corp - Main executable.) -- C:\Program Files (x86)\1C Company\Men of War. Condemned Heroes\Condemned Heroes.exe
O87 - FAEL: "{E2BB8BCA-0C74-439B-B04C-AA382BD03EAF}" | In - None - P17 - TRUE | .(.Simplygen - ProtectedSearch.) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe =Adware.PredictAd
O87 - FAEL: "{50B187A8-7777-432A-86FE-E8697F4F5A30}" | Out - None - P17 - TRUE | .(.Simplygen - ProtectedSearch.) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe =Adware.PredictAd
O87 - FAEL: "{031E2500-C6EE-41A5-B11B-FB10784A23ED}" | In - None - P17 - TRUE | .(.Simply Tech Ltd. - TBUpdater Module.) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll =PUP.CertifiedToolbar
O87 - FAEL: "{E31EFA31-B294-4BE2-B6BC-DA038BDD4CDB}" | Out - None - P17 - TRUE | .(.Simply Tech Ltd. - TBUpdater Module.) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll =PUP.CertifiedToolbar
O87 - FAEL: "{E08B06A6-BA41-49FF-B6C6-FBA392795EB4}" | In - None - P17 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{F58161B3-3BBF-4CAC-9105-96FBD9AAD755}" | Out - None - P17 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{47EAD24D-EA16-42F8-A6AD-04D62B7C4757}" | In - None - P17 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{FF8290E0-D7F0-4BA6-9C3F-26073C56DBE6}" | Out - None - P17 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{6797839B-055E-4797-8E6E-71F83FF6EA30}" | In - None - P17 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{BA73E41E-5AC6-4B20-B5F9-9913AFFE2907}" | Out - None - P17 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{261AFF21-375D-496B-94E6-49A42D6C62DD}" | In - None - P17 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
O87 - FAEL: "{DEB1EEB9-3DAF-4260-8518-8E30D8F0EF54}" | Out - None - P17 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
O87 - FAEL: "{3A419804-7D0D-4C00-8126-CB6874A75E96}" | In - None - P17 - TRUE | .(.Simplygen - ProtectedSearch.) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe =Adware.PredictAd
O87 - FAEL: "{DBAB8E17-CBC5-4626-A806-EC7DA684D8E9}" | Out - None - P17 - TRUE | .(.Simplygen - ProtectedSearch.) -- C:\Program Files (x86)\HomeTab\ProtectedSearch.exe =Adware.PredictAd
O87 - FAEL: "{4A38BF8B-6EE9-40E4-AFC0-ED8224510F58}" | In - None - P17 - TRUE | .(.Simply Tech Ltd. - TBUpdater Module.) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll =PUP.CertifiedToolbar
O87 - FAEL: "{16A8CC51-A41C-4846-8990-F82940C5A441}" | Out - None - P17 - TRUE | .(.Simply Tech Ltd. - TBUpdater Module.) -- C:\Program Files (x86)\HomeTab\TBUpdater.dll =PUP.CertifiedToolbar
O87 - FAEL: "{8D38FD04-8551-49DF-ADB3-BBBC7B66EE7B}" | In - None - P17 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{1A8CE60C-63C3-454D-87C6-443C5A25CB26}" | Out - None - P17 - TRUE | .(.Pas de propriétaire - WidditSoloApp.) -- C:\SoloApp\SoloApp.exe
O87 - FAEL: "{335C5CCC-95E9-4D9E-92EE-592534252EBF}" | In - None - P17 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{890570D8-35B7-4E0F-B01E-B625BA5AAFD6}" | Out - None - P17 - TRUE | .(.Selenium Committers - Selenium WebDriver.) -- C:\SoloApp\WebDriver.dll
O87 - FAEL: "{C2AA0A9B-D8CB-4D3E-90A2-FB47E76C557B}" | In - None - P17 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{8F4F0034-2209-4704-972E-38871ACC8E2F}" | Out - None - P17 - TRUE | .(...) -- C:\SoloApp\chromedriver.exe
O87 - FAEL: "{0A0C9ECB-871E-4857-BC30-D094C836FF6C}" | In - None - P17 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
O87 - FAEL: "{984D3981-5B27-4384-BA6B-2AC05DE45292}" | Out - None - P17 - TRUE | .(.Software Freedom Conservancy - Command line server for the IE driver.) -- C:\SoloApp\IEDriverServer.exe
~ Firewall: 264 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "49B108ABD82CEE648B601E0E123A5D91" . (.Company of Heroes.) -- C:\Windows\Installer\{BA801B94-C28D-46EE-B806-E1E021A3D519}\ARPPRODUCTICON.exe
~ Update Products: 54 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B7FE437267EDED741A0E8DF5DDF56A4F] [WIS][23/10/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\112ac3f.msi   [22413312]
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][15/01/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\2a3a865.msi   [3304960]  =PUP.SweetIM
[MD5.3CD19859CD377AD00B30E4BEE49D374E] [WIS][15/01/2013] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.1.) -- C:\Windows\Installer\2a3a86a.msi   [2997248]  =PUP.SweetIM
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][30/03/2013] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\df106.msi   [45056]  =Adware.Boxore
~ WIS: 64 Legitimates Filtered in 00mn 09s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 14/10/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 09/05/2013 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 12/12/2011 135824 |  (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 21/02/2012 151648 |  (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe
SR - | Auto 25/04/2011 136576 |  (EPSON_PM_RPCV4_05) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.exe
SR - | Auto 22/10/2012 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/10/2012 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 28/10/2012 427976 |  (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe
SR - | Auto 31/01/2013 878368 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 02/10/2012 1258856 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Auto 05/09/2013 171680 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/06/2008 167936 |  (WlanWpsSvc) . (...) - C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 10s



---\\ Scan Additionnel (O88)
Database Version : 12991 - (06/11/2013)
Clés trouvées (Keys found) : 179
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 12
Fichiers trouvés  (Files found) : 11

[HKLM\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd]   =Adware.SearchYa^
[HKLM\Software\Google\Chrome\Extensions\iijngnlhcebnigailgiknadgjehhlppg]   =PUP.CertifiedToolbar^
[HKLM\Software\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf]   =PUP.DealPly^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D848594-CA01-4891-B4B7-9DBB05B1A053}]   =PUP.CertifiedToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56ef6786-ed52-4384-8de3-c73aeff7a182}_is1]   =PUP.CertifiedToolbar^
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}]   =Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}]   =Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}]   =Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}]   =Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}]   =Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}]   =Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}]   =Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}]   =Adware.IMBooster
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}]   =PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}]   =Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}]   =PUP.RewardsArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]   =Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]   =Toolbar.Conduit
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}]   =PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}]   =Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}]   =PUP.RewardsArcade
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =PUP.SweetIM
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}]   =PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}]   =PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}]   =PUP.RewardsArcade
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF]   =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E]   =Toolbar.Ask
[HKCU\Software\Iminent]   =Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent]   =Adware.IMBooster
[HKCU\Software\AppDataLow\Software\PriceGong]   =Adware.PriceGong
[HKCU\Software\Softonic]   =Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B]   =PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM]   =PUP.SweetIM
[HKCU\Software\DealPly]   =PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly]   =PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32]   =Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS]   =Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP]   =Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8]   =Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3]   =PUP.SweetIM
[HKLM\Software\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}]   =Adware.PredictAd
[HKLM\Software\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}]   =Adware.PredictAd
[HKLM\Software\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}]   =Adware.PredictAd
[HKLM\Software\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}]   =Adware.PredictAd
[HKLM\Software\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}]   =Adware.PredictAd
[HKLM\Software\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}]   =Adware.PredictAd
[HKLM\Software\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}]   =Adware.PredictAd
[HKLM\Software\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}]   =Adware.PredictAd
[HKLM\Software\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}]   =Adware.PredictAd
[HKLM\Software\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}]   =Adware.PredictAd
[HKLM\Software\Classes\wtb.Band]   =Adware.PredictAd
[HKLM\Software\Classes\wtb.Band.1]   =Adware.PredictAd
[HKLM\Software\Classes\wtb.NotificationSource]   =Adware.PredictAd
[HKLM\Software\Classes\wtb.NotificationSource.1]   =Adware.PredictAd
[HKLM\Software\Classes\wtb.SourceSinkImpl]   =Adware.PredictAd
[HKLM\Software\Classes\wtb.SourceSinkImpl.1]   =Adware.PredictAd
[HKLM\Software\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}]   =Adware.PredictAd
[HKLM\Software\Wow6432Node\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}]   =Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =PUP.SweetIM
[HKLM\Software\Classes\wtb.ToolbarInfo]   =Adware.PredictAd
[HKLM\Software\Classes\wtb.ToolbarInfo.1]   =Adware.PredictAd
[HKCU\Software\HomeTab]   =PUP.CertifiedToolbar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]   =Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98]   =PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836]   =PUP.SweetIM^
C:\Users\mick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd   =Adware.SearchYa^
C:\Users\mick\AppData\Local\Google\Chrome\User Data\Default\Extensions\iijngnlhcebnigailgiknadgjehhlppg   =PUP.CertifiedToolbar^
C:\Users\mick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf   =PUP.DealPly^
C:\Program Files (x86)\DealPly   =PUP.DealPly^
C:\Program Files (x86)\DealPlyLive   =PUP.DealPly^
C:\Program Files (x86)\HomeTab   =PUP.CertifiedToolbar^
C:\ProgramData\DealPlyLive   =PUP.DealPly^
C:\Users\mick\AppData\Roaming\Dealply   =PUP.DealPly^
C:\Users\mick\AppData\Roaming\HomeTab   =PUP.CertifiedToolbar^
C:\Users\mick\AppData\Local\DealPlyLive   =PUP.DealPly^
C:\Users\mick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly   =PUP.DealPly^
C:\Users\mick\AppData\LocalLow\HomeTab   =PUP.CertifiedToolbar
C:\Program Files (x86)\HomeTab\ProtectedSearch.exe   =Adware.PredictAd^
[HKCU\Software\DealPlyLive]   =PUP.DealPly^
[HKLM\Software\Wow6432Node\DealPlyLive]   =PUP.DealPly^
[HKLM\Software\Wow6432Node\Vittalia]   =PUP.Vittalia^
C:\Users\mick\AppData\Local\Temp\tbuF797.exe   =PUP.CertifiedToolbar^
C:\Windows\Installer\2a3a865.msi   =PUP.SweetIM^
C:\Windows\Installer\2a3a86a.msi   =PUP.SweetIM^
C:\Windows\Installer\df106.msi   =Adware.Boxore^
C:\Users\mick\AppData\Local\Temp\instloffer.exe   =PUP.OfferBox
C:\Users\mick\AppData\Local\Temp\GoogleToolbarInstaller1.log  =Toolbar.Babylon
C:\Users\mick\AppData\Local\Temp\GoogleToolbarInstaller2.log  =Toolbar.Babylon
~ Additionnel Scan: 301849 Items scanned in 00mn 19s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... -predictad   =Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blo ... iedtoolbar   =PUP.CertifiedToolbar
~ http://nicolascoolman.webs.com/apps/blo ... e-searchya   =Adware.SearchYa
~ http://nicolascoolman.webs.com/apps/blo ... up-dealply   =PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blo ... -imbooster  =Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blo ... ar-conduit   =Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blo ... up-sweetim   =PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blo ... p-vittalia   =PUP.Vittalia
~ http://nicolascoolman.webs.com/apps/blo ... are-boxore  =Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blo ... ardsarcade    =PUP.RewardsArcade
~ http://nicolascoolman.webs.com/apps/blo ... oolbar-ask   =Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blo ... -pricegong   =Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blo ... are-bandoo  =Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blo ... lbar-tarma   =PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blo ... p-offerbox   =PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blo ... ar-babylon  =Toolbar.Babylon
~ MSI: 16 link(s) detected in 00mn 19s



~ 1289 Legitimates filtered by white list
End of the scan (744 lines in 02mn 34s)(0)

[Dori@n]

Salut,

Ne poste pas un rapport zhpdiag comme cela, il ne passe pas en entier sur le forum, faut l'héberger sur cjoint par exemple .


Télécharges cet utilitaire sur ton bureau-- AdwCleaner (d'Xplode)
Clic droit dessus et lances-le "en tant qu'administrateur"
Cliques sur "Scanner".

Cliques ensuite sur Nettoyer

Postes le rapport dans ton prochain message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S0].txt


==========================

Télécharges Junkware Removal Tool (le téléchargement va débuter automatiquement)
Enregistres le sur le bureau.
Fermes toutes les applications en cours.
Lances le (Sous Windows Vista / 7 ou 8, faites clic droit = Exécuter en tant qu'administrateur)
Une fois le logiciel ouvert, appuyes sur la touche Entrée.
Patientes le temps que l'outil travaille : le bureau va disparaître quelques instants, c'est tout à fait normal.
À la fin de l'analyse, un rapport nommé JRT.txt va s'ouvrir. Héberges-le sur http://www.cjoint.com/ et postes le lien obtenu dans ta prochaine réponse.


===========================

• Télécharge SFTGC.exe : http://www.archive-host.com/link/646ee8 ... 933f83.exe
• Enregistre le fichier sur le bureau.
• Ouvre SFTGC.exe et patiente durant l'initialisation du logiciel.
• Pour lancer le nettoyage, il suffit de cliquer sur Go.
• À la fin du nettoyage, un rapport (présent sur le bureau) va s'ouvrir. Pour le poster, héberge-le comme ceci.

[miniroi]

premier rapport http://cjoint.com/?3Khr46xal6O
deuxieme http://cjoint.com/?3KhsoCZFGbu
et le dernier http://cjoint.com/?3KhsK2QUcHS

[Dori@n]

Ok, Fais attention aux sites sur lesquels tu télécharges, évites Softonic, 01net.

Quand tu veux me répondre, fais le avec le bouton bleu Répondre, pas la peine d'éditer ta première réponse, sinon je ne vois pas si tu me réponds ensuite



On va faire un diagnostic de ton PC pour plus de renseignements ==

• Télécharge ZHPDiag sur ton bureau : https://www.sosvirus.net/telecharger/zhpdiag/
• Laisse-toi guider lors de l'installation.
• Ouvre ZHPDiag (icône parchemin) puis clique sur Configurer.
• Dans les icônes qui apparaissent en bas, clique sur la loupe la plus à droite (Diagnostic avec légitimes). Dans la fenêtre qui apparaît demandant un rapport avec full options, clique sur Oui, puis patiente le temps du scan.
• Héberge le rapport ZHPDiag.txt présent sur ton bureau sur le site ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse :
  http://www.cjoint.com
• Tutoriel ZHPdiag, si tu n'as pas tout compris : http://www.forum-entraide-informatique. ... g-tutoriel
• Tutoriel cjoint, si besoin : http://www.forum-entraide-informatique. ... riel#16374

[miniroi]

voila
http://cjoint.com/?3KhthQAFDyK

[Dori@n]

Ok, j'analyse ton rapport et reviens vers toi ensuite

[miniroi]

ok pas de soucis encore merci de m aider

[Dori@n]

• Copie les lignes qui sont à l'intérieur de ce lien (Ctrl + A puis Ctrl + C) :
  
  http://cjoint.com/13nv/CKhubokMmU6_zhpfix.txt
• Ouvre ZHPfix, icone seringue (Vista/7/8 : "Exécuter en tant qu'administrateur").
• Colle les lignes helpers si elles ne sont déjà présentes. Pour ce, clique sur Importer.
• Clique sur Go.
• Clique sur Oui pour confirmer le nettoyage des données et pour celui de la corbeille.
• Copie le rapport, et colle-le dans la prochaine réponse sur le forum.

P.S. Si le bureau disparaît, fais Ctrl + Alt + Suppr afin d'ouvrir le gestionnaire des tâches puis dans Applications, clique sur Nouvelle tâche puis tape explorer.exe. Le bureau devrait normalement réapparaître.

/!\ Attention, ta corbeille va être vidée. Vérifie qu'il n'y ait aucun fichier supprimé par mégarde à l'intérieur. /!\

[miniroi]

voila le rapport avec un peu de retard desolé
http://cjoint.com/?3Khw2umHHUZ

[Dori@n]

Ok, refais un moi un rapport zhpdiag tout neuf stp

[2011N2]

Où en-est votre problème ?

Deux solutions,

• Votre problème est résolu, dans ce cas pensez à nous en faire part.
• Votre problème est toujours d'actualité, merci de nous renseigner sur ce qui ne va pas, et donner des nouvelles régulièrement.
  
  
  À bientôt sur FEI !

[Dori@n]

Bonjour,

Nous n'avons plus de nouvelle de l'auteur de ce sujet depuis plus de 10 jours. Nous considérons donc ce problème comme résolu ou abandonné par son auteur. La prochaine fois, merci de nous tenir au courant de l'évolution de votre problème, ou à faire un UP régulièrement !

Ce sujet est verrouillé, si vous souhaitez le reprendre, merci de contacter par message privé un membre de l'équipe de modération du forum.

À bientôt sur FEI !