FORUM D’ENTRAIDE INFORMATIQUE (FEI)
IT support and security site

Help with disinfection (advertising pages, replaced search engine, redirects, viruses...).
Forum rules: Mutual help concerning disinfection and computer security: in case of intrusive advertisements, pop-ups, redirects, unwanted software, suspicious slowdowns, viruses, etc.
A complete disinfection will be provided: disinfection, securing, then prevention.
Only helpers (people qualified and trained in disinfection) and staff are authorized to provide help in this section.
Please also read the general forum charter.
by Marie-Hélène B
#90039
Hello, for a while now I have been getting a message telling me that tcbhn has encountered a problem and needs to close. My operating system is XP and my antivirus is Microsoft Security Essentials; I used to have Avast, but it seems it is becoming incompatible with XP. I installed ZHPDiag and here is the report:

~ Rapport de ZHPDiag v2014.1.2.5 - Nicolas Coolman  (02/01/2014)
~ Lancé par Propriétaire (06/01/2014 15:32:20)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 26.0 (Defaut)
GCIE: Google Chrome v31.0.1650.63

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Logiciels de protection du système
avast! Ad Blocker v1.0.0.0
Microsoft Security Client v4.4.0304.0

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 45

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 1 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1022 MB (17% free)
System Restore: Activé (Enable)
System drive C: has 16 GB (43%) free of 37 GB

---\\ Mode de connexion au système
~ Computer Name: MHB-97FDDE78B71
~ User Name: Propriétaire
~ All Users Names: SUPPORT_388945a0, Propriétaire, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Propriétaire\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Propriétaire\Application Data\
~ %Desktop% : C:\Documents and Settings\Propriétaire\Bureau\
~ %Favorites% : C:\Documents and Settings\Propriétaire\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Propriétaire\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Propriétaire\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 16 Go of 37 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  Out Of Date
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.897CA9DA6F568E24549719D5676385A1] - (.Microsoft Corporation - Internet Extensions for Win32.) (.29/10/2013 - 08:57:02.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/17949
~ Mes musiques (My Musics) : 1/185
~ Mes Videos (My Videos) : 2/60
~ Mes Favoris (My Favorites) : 1/28
~ Mes Documents (My Documents) : 4/40326
~ Mon Bureau (My Desktop) : 0/1412
~ Menu demarrer (Programs) : 1/80
~ Hidden Files:  Scanned in 00mn 04s



---\\ Processus lancés
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe   [22208] [PID.1012]
[MD5.DCB42AD49D7978263C1C189E363C1E24] - (.Blabbers Communications Ltd - Pas de description.) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GinyasBrowserCompanion\tbhcn.exe   [590848] [PID.1884] =PUP.Blabbers
[MD5.093D3EE722542BA2E7AD929AA3CA6ABC] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe   [155648] [PID.1980]
[MD5.E4CF942A4AEA9D27C87F190F65E7D0F6] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe   [126976] [PID.1992]
[MD5.792D0020117F2F6D3B433193BBAC555E] - (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe   [30248] [PID.2024]
[MD5.D9310472B8035439474BE74B5289C852] - (.Yuna Software - Messenger Plus! 6.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe   [811520] [PID.196]
[MD5.5C3961F89DBF84C2996789B892DC3B4D] - (...) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60\upt4pc_fr_60.exe   [3154416] [PID.228] =PUP.Eorezo
[MD5.47F73264CBAAC4981C3393BA8E4339CD] - (.Brother Industries, Ltd. - Control Center 3 Main Program.) -- C:\Program Files\Brother\ControlCenter3\brccMCtl.exe   [536576] [PID.236]
[MD5.C1DB9BDF885C2F1ADC15264FBEA2788F] - (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe   [302961] [PID.248]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe   [254336] [PID.260]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe   [955392] [PID.408]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe   [1695232] [PID.440]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe   [10376704] [PID.600]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin   [10368512] [PID.1080]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [275568] [PID.1236]
[MD5.F470B4BCEA84CAA2CDB0CC94C97EA55D] - (.Intel Corporation - Intel® PROSet Monitoring Service.) -- C:\WINDOWS\system32\IProsetMonitor.exe   [109728] [PID.1568]
[MD5.80A79264302910C7C24BA7E44267EFEF] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe   [182696] [PID.1600]
[MD5.2957ED569A2C1EDF31E95CB15C96AC2F] - (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe   [128000] [PID.1320]
[MD5.13EAFAAE681E9BC2D16A47CC2E574692] - (.BrowseFox - BrowseFox.) -- C:\Program Files\BrowseFox\updateBrowseFox.exe   [65312] [PID.1668] =Adware.BrowseFox
[MD5.13EAFAAE681E9BC2D16A47CC2E574692] - (.BrowseFox - BrowseFox.) -- C:\Program Files\BrowseFox\bin\utilBrowseFox.exe   [65312] [PID.2136] =Adware.BrowseFox
[MD5.0DD74786D22EDFF0CE5B8E1B1E398618] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [18544] [PID.3700]
[MD5.486BDC196F8914845302745A15310D62] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8321024] [PID.3120]
~ Processes Running:  Scanned in 00mn 07s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [mmffncokckfccddfenhkhnllmlobdahm] FastestFox \u2013 Surfez plus vite v.8.0.8 (Activé)
G2 - GCE: Preference [User Data\Default] [ppdjnkblmcjfnlogjjhpigpdgpcgdpll] BrowseFox v.1.0.0 (Désactivé) =Adware.BrowseFox
~ Google Browser: 13 Legitimates Filtered in 00mn 04s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Propriétaire - wdpsgonk.default-1372774160359\bbrs_002@blabbers.com] [] Ginyas Browser Companion v1.0.5 (..) =PUP.Blabbers
M2 - MFEP: prefs.js [Propriétaire - wdpsgonk.default-1372774160359\e180d6e8-52cd-41d9-9002-9e43f22d4c91@7466a5f3-05bd-4c4d-a0e9-9442a8ea8a0e.com] [] Plus-HD-1.5 v1.0.5 (..) =Adware.PlusHD
~ Firefox Browser: 20 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 03s
~ Nombre de lignes (Lines number): 9156



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0032000 - {11111111-1111-1111-1111-110311201100} . (.Plus HD - Plus-HD-1.5 BHO.) -- C:\Program Files\Plus-HD-1.5\Plus-HD-1.5-bho.dll =Adware.PlusHD
O2 - BHO: BrowseFox - {b9507101-e464-4b3b-a4cb-291aaedd94f2} . (.Browse Fox - BrowseFox.) -- C:\Program Files\BrowseFox\BrowseFoxbho.dll =Adware.BrowseFox
~ BHO: 12 Legitimates Filtered in 00mn 02s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [AllUsers]: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.)  -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe =.Microsoft Corporation
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.)  -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Program [Propriétaire]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O4 - GS\Program [Administrateur]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe =.Microsoft Corporation
~ Global Startup: 13 Legitimates Filtered in 00mn 05s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [Propriétaire]: OpenOffice.org 3.4.1.lnk . (...)  -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
O4 - HKLM\..\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PPort11reminder] . (.Nuance Communications, Inc. - SSEreg MFC Application.) -- C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
O4 - HKLM\..\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor MFC Application.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files\Brother\ControlCenter3\brctrcen.exe
O4 - HKLM\..\Run: [PlusService] . (.Yuna Software - Messenger Plus! 6.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] . (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [tuto4pc_fr_60] Clé orpheline =PUP.Eorezo
O4 - HKLM\..\Run: [upt4pc_fr_60.exe] . (...) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60\upt4pc_fr_60.exe =PUP.Eorezo
O4 - HKLM\..\Run: [HOSTS Anti-Adware_PUPs] . (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =.Oracle Corporation
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =.Google Inc
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-602162358-1757981266-1177238915-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-602162358-1757981266-1177238915-1003\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-602162358-1757981266-1177238915-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =.Google Inc
O4 - HKUS\S-1-5-21-602162358-1757981266-1177238915-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Application:  Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA98DA4E-1324-4C63-8EF8-4B21AA24441E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA98DA4E-1324-4C63-8EF8-4B21AA24441E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA98DA4E-1324-4C63-8EF8-4B21AA24441E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll =.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Update BrowseFox (Update BrowseFox) . (.BrowseFox - BrowseFox.) - C:\Program Files\BrowseFox\updateBrowseFox.exe =Adware.BrowseFox
O23 - Service: Util BrowseFox (Util BrowseFox) . (.BrowseFox - BrowseFox.) - C:\Program Files\BrowseFox\bin\utilBrowseFox.exe =Adware.BrowseFox
~ Services: 8 Legitimates Filtered in 00mn 11s



---\\ Enumération Active Desktop MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 01s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GinyasBrowserCompanion Chrome Watcher.job   [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GinyasBrowserCompanion FireFox Watcher.job   [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GinyasBrowserCompanion Runner.job   [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GinyasBrowserCompanion Stats Report.job   [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GinyasBrowserCompanion Update Checker.job   [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\Plus-HD-1.5-chromeinstaller.job   [1892] =Adware.PlusHD
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\Plus-HD-1.5-codedownloader.job   [1196] =Adware.PlusHD
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\Plus-HD-1.5-enabler.job   [1096] =Adware.PlusHD
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\Plus-HD-1.5-firefoxinstaller.job   [1816] =Adware.PlusHD
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\Plus-HD-1.5-updater.job   [1292] =Adware.PlusHD
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\temp_Plus-HD-1.6-enabler.job   [1120] =Adware.PlusHD
~ Scheduled Task: 18 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: BrowseFox 3.0.0 - (.Browse Fox.) [HKLM] -- BrowseFox =Adware.BrowseFox
O42 - Logiciel: Plus-HD-1.5 - (.Plus HD.) [HKLM] -- Plus-HD-1.5 =Adware.PlusHD
O42 - Logiciel: Popims Animator - (...) [HKLM] -- Popims Animator
~ Logic: 15 Legitimates Filtered in 00mn 01s



---\\ HKCU HKLM Software Keys
[HKCU\Software\Blabbers       ] =PUP.Blabbers
[HKCU\Software\BrowseFox] =Adware.BrowseFox
[HKCU\Software\Plus-HD-1.5] =Adware.PlusHD
[HKCU\Software\SmartbarLog] =Hijacker.SmartBar
[HKCU\Software\Tutorials] =Spyware.AgenceExclusive
[HKCU\Software\bbrs_002.tb]
[HKLM\Software\Tutorials] =Spyware.AgenceExclusive
~ Key Software: 212 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/10/2013 - 21:00:41 - [2,375] ----D C:\Program Files\BrowseFox =Adware.BrowseFox
O43 - CFD: 14/09/2013 - 17:24:03 - [7,480] ----D C:\Program Files\Plus-HD-1.5 =Adware.PlusHD
O43 - CFD: 19/12/2012 - 21:22:17 - [5,955] ----D C:\Program Files\Popims
O43 - CFD: 07/09/2013 - 17:38:14 - [3,782] ----D C:\Program Files\tuto4pc_fr_60 =PUP.Eorezo
O43 - CFD: 05/09/2013 - 02:58:59 - [0,169] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\BoxUpdChk =Adware.Boxore
O43 - CFD: 06/01/2014 - 15:04:56 - [3,008] ----D C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60 =PUP.Eorezo
O43 - CFD: 19/12/2012 - 21:22:38 - [0,002] ----D C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Popims Animator
~ Program Folder: 175 Legitimates Filtered in 00mn 53s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.BF18A1951360718538DBCAE192A7F588] - 06/01/2014 - 15:02:42 ---A- . (...) -- C:\WINDOWS\wiaservc.log   [50]
O44 - LFC:[MD5.A76101830E27269FED3BB6C3A827CFE9] - 06/01/2014 - 15:03:20 ---A- . (...) -- C:\WINDOWS\wiadebug.log   [259]
~ Files: 9 Legitimates Filtered in 02mn 55s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO:  Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.FAF091AA45A6A6CF3CF94FE065950956] - 27/06/2013 - 20:23:22 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSnx.sys.sum   [175]
O58 - SDL:[MD5.3FFBEE694566CADB0A64D8A1ACD7DBCE] - 27/06/2013 - 20:23:22 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSP.sys.sum   [175]
O58 - SDL:[MD5.22EA82FFE8CA4965C1994F24C35DC202] - 27/06/2013 - 20:23:22 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys.sum   [175]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys   [262528]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - 13:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys   [144384]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 14/04/2008 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys   [17792]
O58 - SDL:[MD5.F1771926A47A18BD3A3EDAC334FC78E0] - 18/06/2002 - 09:38:56 ---A- . (.Analog Devices, Inc. - SoundMAX Stub Driver.) -- C:\WINDOWS\system32\Drivers\smsens.sys   [3744]
O58 - SDL:[MD5.9C1B44C407F7441E84F90C2524409C2E] - 17/06/2002 - 15:43:14 ---A- . (.Analog Devices, Inc. - SoundMAX Integrated Digital Audio.) -- C:\WINDOWS\system32\Drivers\smwdm.sys   [553624]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys   [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys   [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys   [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys   [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys   [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys   [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys   [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys   [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys   [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys   [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys   [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys   [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys   [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys   [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys   [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys   [34560]
~ Drivers: 5 Legitimates Filtered in 00mn 01s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 27/06/2013 - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (MsgPlusService)  .(.Yuna Software - Service - Messenger Plus! for Skype.) - LEGACY_MSGPLUSSERVICE
O64 - Services: CurCS - 03/10/2013 - C:\Program Files\BrowseFox\updateBrowseFox.exe (Update BrowseFox)  .(.BrowseFox - BrowseFox.) - LEGACY_UPDATE_BROWSEFOX =Adware.BrowseFox
O64 - Services: CurCS - 03/10/2013 - C:\Program Files\BrowseFox\bin\utilBrowseFox.exe (Util BrowseFox)  .(.BrowseFox - BrowseFox.) - LEGACY_UTIL_BROWSEFOX =Adware.BrowseFox
~ Legacy: 138 Legitimates Filtered in 00mn 01s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Propriétaire - wdpsgonk.default-1372774160359] user_pref("extensions.crossrider.bic", "13fa23962bb7a71a1ae20b517f85b3d7"); =PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {ED2973BB-74FE-4BD1-8AB1-95DDA337491F} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {F2DC6543-C5F4-4CA7-BEBC-906F8FD07594} - (Ask Search) - http://websearch.ask.com =Toolbar.Ask
~ Keys:  Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.84400BF933AA5311DF3E9895A3BED10B] [SPRF][06/10/2012] (.Pas de propriétaire - Virus/Worm Cleaner Application.) -- C:\Documents and Settings\Propriétaire\Bureau\aswclnr.exe   [407680]
[MD5.F4804ED3F3001A38B2B6363B24260FFE] [SPRF][19/12/2012] (...) -- C:\Documents and Settings\Propriétaire\Bureau\PopimsAnimatorSetup.exe   [3712718]
[MD5.E9BE011BEC6419CDF649FDC472838DEB] [SPRF][22/12/2012] (.Yuna Software - Setup of Messenger Plus! 6.) -- C:\Documents and Settings\Propriétaire\Bureau\Setup-MsgPlus-600.exe   [1043896]
[MD5.04BB40AC1673A2A41FA3E25A350E1ED0] [SPRF][07/09/2013] (.Firser - inst all.) -- C:\Documents and Settings\Propriétaire\Bureau\Setup.exe   [232760]
~ Files: 8 Legitimates Filtered in 00mn 17s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "E50DDDBEFCBEFF04B9DB3C0E992A6B48" . (..) -- C:\WINDOWS\Installer\{EBDDD05E-EBCF-40FF-9BBD-C3E099A2B684}\ARPPRODUCTICON.exe
~ Update Products: 45 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.C0CE58EA2B0CD0D9162A83E948FEEC72] [WIS][30/03/2013] (.VirginMega.Fr - VirginMega.Fr Premium.) -- C:\Windows\Installer\15ce609.msi   [1072640]
[MD5.A31093FA1FBFD315E6AF4DEEA6EC6418] [WIS][01/06/2013] (.Messenger Plus! - Messenger Plus! Community Smartbar.) -- C:\Windows\Installer\2d0b06a.msi   [1781760] =Hijacker.SmartBar
~ WIS: 46 Legitimates Filtered in 00mn 08s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 14/04/2008 225280 |  (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 13/12/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/12/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 28/09/2013 285795 |  (HOSTS Anti-PUPs) . (...) - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
SS - | Demand 04/04/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 20/12/2013 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 28/02/2011 109728 |  (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\WINDOWS\system32\IProsetMonitor.exe
SR - | Auto 08/10/2013 182696 |  (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 27/06/2013 128000 |  (MsgPlusService) . (.Yuna Software.) - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
SR - | Auto 23/10/2013 22208 |  (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 03/10/2013 65312 |  (Update BrowseFox) . (.BrowseFox.) - C:\Program Files\BrowseFox\updateBrowseFox.exe =Adware.BrowseFox
SR - | Auto 03/10/2013 65312 |  (Util BrowseFox) . (.BrowseFox.) - C:\Program Files\BrowseFox\bin\utilBrowseFox.exe =Adware.BrowseFox

~ Services:  Scanned in 00mn 10s



---\\ Scan Additionnel (O88)
Database Version : 13018 - (02/01/2014)
Clés trouvées (Keys found) : 40
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 10
Fichiers trouvés  (Files found) : 19

[HKLM\Software\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll] =Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201100}] =Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9507101-E464-4B3B-A4CB-291AAEDD94F2}] =Adware.BrowseFox^
[HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseFox] =Adware.BrowseFox^
[HKLM\SYSTEM\CurrentControlSet\Services\Util BrowseFox] =Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowseFox] =Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.5] =Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =Adware.MyWebSearch
[HKCU\Software\SmartbarLog] =Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Tuto4pc] =PUP.Eorezo
[HKCU\Software\Tutorials] =Spyware.AgenceExclusive
[HKLM\Software\Tutorials] =Spyware.AgenceExclusive
[HKCU\Software\bbrs_002.tb] =PUP.Blabbers
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion] =PUP.Blabbers
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =Toolbar.Ask
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =Adware.BrowseFox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201100}] =PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311201100}] =PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322202200}] =PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201100}] =PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_60 =PUP.Eorezo^
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll =Adware.BrowseFox^
C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wdpsgonk.default-1372774160359\extensions\bbrs_002@blabbers.com =PUP.Blabbers^
C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wdpsgonk.default-1372774160359\extensions\e180d6e8-52cd-41d9-9002-9e43f22d4c91@7466a5f3-05bd-4c4d-a0e9-9442a8ea8a0e.com =Adware.PlusHD^
C:\Program Files\BrowseFox =Adware.BrowseFox^
C:\Program Files\Plus-HD-1.5 =Adware.PlusHD^
C:\Program Files\tuto4pc_fr_60 =PUP.Eorezo^
C:\Documents and Settings\All Users.WINDOWS\Application Data\BoxUpdChk =Adware.Boxore^
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60 =PUP.Eorezo^
C:\Program Files\GinyasBrowserCompanion =PUP.Blabbers
C:\Documents and Settings\All Users.WINDOWS\Application Data\GinyasBrowserCompanion =PUP.Blabbers
C:\Documents and Settings\All Users.WINDOWS\Application Data\GinyasBrowserCompanion\tbhcn.exe =PUP.Blabbers^
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60\upt4pc_fr_60.exe =PUP.Eorezo^
C:\Program Files\BrowseFox\updateBrowseFox.exe =Adware.BrowseFox^
C:\Program Files\BrowseFox\bin\utilBrowseFox.exe =Adware.BrowseFox^
C:\WINDOWS\Tasks\GinyasBrowserCompanion Chrome Watcher.job =PUP.Blabbers^
C:\WINDOWS\Tasks\GinyasBrowserCompanion FireFox Watcher.job =PUP.Blabbers^
C:\WINDOWS\Tasks\GinyasBrowserCompanion Runner.job =PUP.Blabbers^
C:\WINDOWS\Tasks\GinyasBrowserCompanion Stats Report.job =PUP.Blabbers^
C:\WINDOWS\Tasks\GinyasBrowserCompanion Update Checker.job =PUP.Blabbers^
C:\WINDOWS\Tasks\Plus-HD-1.5-chromeinstaller.job =Adware.PlusHD^
C:\WINDOWS\Tasks\Plus-HD-1.5-codedownloader.job =Adware.PlusHD^
C:\WINDOWS\Tasks\Plus-HD-1.5-enabler.job =Adware.PlusHD^
C:\WINDOWS\Tasks\Plus-HD-1.5-firefoxinstaller.job =Adware.PlusHD^
C:\WINDOWS\Tasks\Plus-HD-1.5-updater.job =Adware.PlusHD^
C:\WINDOWS\Tasks\temp_Plus-HD-1.6-enabler.job =Adware.PlusHD^
[HKCU\Software\Blabbers       ] =PUP.Blabbers^
[HKCU\Software\BrowseFox] =Adware.BrowseFox^
[HKCU\Software\Plus-HD-1.5] =Adware.PlusHD^
C:\Windows\Installer\2d0b06a.msi =Hijacker.SmartBar^
~ Additionnel Scan: 213543 Items scanned in 01mn 24s

continued on the next page...
by Marie-Hélène B
#90042
Continuation of the ZHPDiag report

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... p-blabbers =PUP.Blabbers
~ http://nicolascoolman.webs.com/apps/blo ... pup-eorezo =PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blo ... -browsefox =Adware.BrowseFox
~ http://nicolascoolman.webs.com/apps/blo ... are-plushd =Adware.PlusHD
~ http://nicolascoolman.webs.com/apps/blo ... r-smartbar =Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blo ... eexclusive =Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blo ... are-boxore =Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blo ... crossrider =PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blo ... oolbar-ask =Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blo ... ywebsearch =Adware.MyWebSearch
~ MSI: 10 link(s) detected in 01mn 24s



~ 830 Legitimates filtered by white list
End of the scan (564 lines in 06mn 53s)(0)
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.440]
~ Processes Running: Scanned in 01mn 26s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [mmffncokckfccddfenhkhnllmlobdahm] FastestFox \u2013 Surfez plus vite v.8.0.8 (Activé)
G2 - GCE: Preference [User Data\Default] [ppdjnkblmcjfnlogjjhpigpdgpcgdpll] BrowseFox v.1.0.0 (Désactivé) =Adware.BrowseFox
~ Google Browser: 25 Legitimates Filtered in 00mn 04s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Propriétaire - wdpsgonk.default-1372774160359\bbrs_002@blabbers.com] [] Ginyas Browser Companion v1.0.5 (..) =PUP.Blabbers
M2 - MFEP: prefs.js [Propriétaire - wdpsgonk.default-1372774160359\e180d6e8-52cd-41d9-9002-9e43f22d4c91@7466a5f3-05bd-4c4d-a0e9-9442a8ea8a0e.com] [] Plus-HD-1.5 v1.0.5 (..) =Adware.PlusHD
~ Firefox Browser: 20 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 02s
~ Nombre de lignes (Lines number): 9156



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0032000 - {11111111-1111-1111-1111-110311201100} . (.Plus HD - Plus-HD-1.5 BHO.) -- C:\Program Files\Plus-HD-1.5\Plus-HD-1.5-bho.dll =Adware.PlusHD
O2 - BHO: BrowseFox - {b9507101-e464-4b3b-a4cb-291aaedd94f2} . (.Browse Fox - BrowseFox.) -- C:\Program Files\BrowseFox\BrowseFoxbho.dll =Adware.BrowseFox
~ BHO: 24 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [AllUsers]: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe =.Microsoft Corporation
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Program [Propriétaire]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O4 - GS\Program [Administrateur]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =.Microsoft Corporation
~ Global Startup: 13 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [Propriétaire]: OpenOffice.org 3.4.1.lnk . (...) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
O4 - HKLM\..\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PPort11reminder] . (.Nuance Communications, Inc. - SSEreg MFC Application.) -- C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe
O4 - HKLM\..\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor MFC Application.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files\Brother\ControlCenter3\brctrcen.exe
O4 - HKLM\..\Run: [PlusService] . (.Yuna Software - Messenger Plus! 6.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] . (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [tuto4pc_fr_60] Clé orpheline =PUP.Eorezo
O4 - HKLM\..\Run: [upt4pc_fr_60.exe] . (...) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60\upt4pc_fr_60.exe =PUP.Eorezo
O4 - HKLM\..\Run: [HOSTS Anti-Adware_PUPs] . (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =.Oracle Corporation
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =.Google Inc
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-602162358-1757981266-1177238915-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-602162358-1757981266-1177238915-1003\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-602162358-1757981266-1177238915-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =.Google Inc
O4 - HKUS\S-1-5-21-602162358-1757981266-1177238915-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Application: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA98DA4E-1324-4C63-8EF8-4B21AA24441E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA98DA4E-1324-4C63-8EF8-4B21AA24441E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA98DA4E-1324-4C63-8EF8-4B21AA24441E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll =.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Update BrowseFox (Update BrowseFox) . (.BrowseFox - BrowseFox.) - C:\Program Files\BrowseFox\updateBrowseFox.exe =Adware.BrowseFox
O23 - Service: Util BrowseFox (Util BrowseFox) . (.BrowseFox - BrowseFox.) - C:\Program Files\BrowseFox\bin\utilBrowseFox.exe =Adware.BrowseFox
~ Services: 8 Legitimates Filtered in 00mn 07s



---\\ Enumération Active Desktop MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GinyasBrowserCompanion Chrome Watcher.job [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GinyasBrowserCompanion FireFox Watcher.job [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GinyasBrowserCompanion Runner.job [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GinyasBrowserCompanion Stats Report.job [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GinyasBrowserCompanion Update Checker.job [1028] =PUP.Blabbers
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Plus-HD-1.5-chromeinstaller.job [1892] =Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Plus-HD-1.5-codedownloader.job [1196] =Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Plus-HD-1.5-enabler.job [1096] =Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Plus-HD-1.5-firefoxinstaller.job [1816] =Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Plus-HD-1.5-updater.job [1292] =Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\temp_Plus-HD-1.6-enabler.job [1120] =Adware.PlusHD
~ Scheduled Task: 36 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: BrowseFox 3.0.0 - (.Browse Fox.) [HKLM] -- BrowseFox =Adware.BrowseFox
O42 - Logiciel: Plus-HD-1.5 - (.Plus HD.) [HKLM] -- Plus-HD-1.5 =Adware.PlusHD
O42 - Logiciel: Popims Animator - (...) [HKLM] -- Popims Animator
~ Logic: 15 Legitimates Filtered in 00mn 01s



---\\ HKCU HKLM Software Keys
[HKCU\Software\Blabbers ] =PUP.Blabbers
[HKCU\Software\BrowseFox] =Adware.BrowseFox
[HKCU\Software\Plus-HD-1.5] =Adware.PlusHD
[HKCU\Software\SmartbarLog] =Hijacker.SmartBar
[HKCU\Software\Tutorials] =Spyware.AgenceExclusive
[HKCU\Software\bbrs_002.tb]
[HKLM\Software\Tutorials] =Spyware.AgenceExclusive
~ Key Software: 212 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/10/2013 - 21:00:41 - [2,375] ----D C:\Program Files\BrowseFox =Adware.BrowseFox
O43 - CFD: 14/09/2013 - 17:24:03 - [7,480] ----D C:\Program Files\Plus-HD-1.5 =Adware.PlusHD
O43 - CFD: 19/12/2012 - 21:22:17 - [5,955] ----D C:\Program Files\Popims
O43 - CFD: 07/09/2013 - 17:38:14 - [3,782] ----D C:\Program Files\tuto4pc_fr_60 =PUP.Eorezo
O43 - CFD: 05/09/2013 - 02:58:59 - [0,169] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\BoxUpdChk =Adware.Boxore
O43 - CFD: 06/01/2014 - 15:04:56 - [3,008] ----D C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60 =PUP.Eorezo
O43 - CFD: 19/12/2012 - 21:22:38 - [0,002] ----D C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Popims Animator
~ Program Folder: 175 Legitimates Filtered in 00mn 15s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.BF18A1951360718538DBCAE192A7F588] - 06/01/2014 - 15:02:42 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.A76101830E27269FED3BB6C3A827CFE9] - 06/01/2014 - 15:03:20 ---A- . (...) -- C:\WINDOWS\wiadebug.log [259]
~ Files: 8 Legitimates Filtered in 00mn 02s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.FAF091AA45A6A6CF3CF94FE065950956] - 27/06/2013 - 20:23:22 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:[MD5.3FFBEE694566CADB0A64D8A1ACD7DBCE] - 27/06/2013 - 20:23:22 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSP.sys.sum [175]
O58 - SDL:[MD5.22EA82FFE8CA4965C1994F24C35DC202] - 27/06/2013 - 20:23:22 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys.sum [175]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - 13:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 14/04/2008 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:[MD5.F1771926A47A18BD3A3EDAC334FC78E0] - 18/06/2002 - 09:38:56 ---A- . (.Analog Devices, Inc. - SoundMAX Stub Driver.) -- C:\WINDOWS\system32\Drivers\smsens.sys [3744]
~ Drivers: 5 Legitimates Filtered in 00mn 05s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 27/06/2013 - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (MsgPlusService) .(.Yuna Software - Service - Messenger Plus! for Skype.) - LEGACY_MSGPLUSSERVICE
O64 - Services: CurCS - 03/10/2013 - C:\Program Files\BrowseFox\updateBrowseFox.exe (Update BrowseFox) .(.BrowseFox - BrowseFox.) - LEGACY_UPDATE_BROWSEFOX =Adware.BrowseFox
O64 - Services: CurCS - 03/10/2013 - C:\Program Files\BrowseFox\bin\utilBrowseFox.exe (Util BrowseFox) .(.BrowseFox - BrowseFox.) - LEGACY_UTIL_BROWSEFOX =Adware.BrowseFox
~ Legacy: 138 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Propriétaire - wdpsgonk.default-1372774160359] user_pref("extensions.crossrider.bic", "13fa23962bb7a71a1ae20b517f85b3d7"); =PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {ED2973BB-74FE-4BD1-8AB1-95DDA337491F} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {F2DC6543-C5F4-4CA7-BEBC-906F8FD07594} - (Ask Search) - http://websearch.ask.com =Toolbar.Ask
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.84400BF933AA5311DF3E9895A3BED10B] [SPRF][06/10/2012] (.Pas de propriétaire - Virus/Worm Cleaner Application.) -- C:\Documents and Settings\Propriétaire\Bureau\aswclnr.exe [407680]
[MD5.F4804ED3F3001A38B2B6363B24260FFE] [SPRF][19/12/2012] (...) -- C:\Documents and Settings\Propriétaire\Bureau\PopimsAnimatorSetup.exe [3712718]
[MD5.E9BE011BEC6419CDF649FDC472838DEB] [SPRF][22/12/2012] (.Yuna Software - Setup of Messenger Plus! 6.) -- C:\Documents and Settings\Propriétaire\Bureau\Setup-MsgPlus-600.exe [1043896]
[MD5.04BB40AC1673A2A41FA3E25A350E1ED0] [SPRF][07/09/2013] (.Firser - inst all.) -- C:\Documents and Settings\Propriétaire\Bureau\Setup.exe [232760]
~ Files: 8 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "E50DDDBEFCBEFF04B9DB3C0E992A6B48" . (..) -- C:\WINDOWS\Installer\{EBDDD05E-EBCF-40FF-9BBD-C3E099A2B684}\ARPPRODUCTICON.exe
~ Update Products: 45 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.C0CE58EA2B0CD0D9162A83E948FEEC72] [WIS][30/03/2013] (.VirginMega.Fr - VirginMega.Fr Premium.) -- C:\Windows\Installer\15ce609.msi [1072640]
[MD5.A31093FA1FBFD315E6AF4DEEA6EC6418] [WIS][01/06/2013] (.Messenger Plus! - Messenger Plus! Community Smartbar.) -- C:\Windows\Installer\2d0b06a.msi [1781760] =Hijacker.SmartBar
~ WIS: 46 Legitimates Filtered in 00mn 06s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 13/12/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/12/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 28/09/2013 285795 | (HOSTS Anti-PUPs) . (...) - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 20/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 28/02/2011 109728 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\WINDOWS\system32\IProsetMonitor.exe
SR - | Auto 08/10/2013 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 27/06/2013 128000 | (MsgPlusService) . (.Yuna Software.) - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
SR - | Auto 23/10/2013 22208 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 03/10/2013 65312 | (Update BrowseFox) . (.BrowseFox.) - C:\Program Files\BrowseFox\updateBrowseFox.exe =Adware.BrowseFox
SR - | Auto 03/10/2013 65312 | (Util BrowseFox) . (.BrowseFox.) - C:\Program Files\BrowseFox\bin\utilBrowseFox.exe =Adware.BrowseFox

~ Services: Scanned in 00mn 07s



---\\ Scan Additionnel (O88)
Database Version : 13018 - (02/01/2014)
Clés trouvées (Keys found) : 40
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 10
Fichiers trouvés (Files found) : 19

[HKLM\Software\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll] =Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201100}] =Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9507101-E464-4B3B-A4CB-291AAEDD94F2}] =Adware.BrowseFox^
[HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseFox] =Adware.BrowseFox^
[HKLM\SYSTEM\CurrentControlSet\Services\Util BrowseFox] =Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowseFox] =Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.5] =Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =Adware.MyWebSearch
[HKCU\Software\SmartbarLog] =Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Tuto4pc] =PUP.Eorezo
[HKCU\Software\Tutorials] =Spyware.AgenceExclusive
[HKLM\Software\Tutorials] =Spyware.AgenceExclusive
[HKCU\Software\bbrs_002.tb] =PUP.Blabbers
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion] =PUP.Blabbers
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =Toolbar.Ask
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =Adware.BrowseFox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201100}] =PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311201100}] =PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322202200}] =PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201100}] =PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_60 =PUP.Eorezo^
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll =Adware.BrowseFox^
C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wdpsgonk.default-1372774160359\extensions\bbrs_002@blabbers.com =PUP.Blabbers^
C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\wdpsgonk.default-1372774160359\extensions\e180d6e8-52cd-41d9-9002-9e43f22d4c91@7466a5f3-05bd-4c4d-a0e9-9442a8ea8a0e.com =Adware.PlusHD^
C:\Program Files\BrowseFox =Adware.BrowseFox^
C:\Program Files\Plus-HD-1.5 =Adware.PlusHD^
C:\Program Files\tuto4pc_fr_60 =PUP.Eorezo^
C:\Documents and Settings\All Users.WINDOWS\Application Data\BoxUpdChk =Adware.Boxore^
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60 =PUP.Eorezo^
C:\Program Files\GinyasBrowserCompanion =PUP.Blabbers
C:\Documents and Settings\All Users.WINDOWS\Application Data\GinyasBrowserCompanion =PUP.Blabbers
C:\Documents and Settings\All Users.WINDOWS\Application Data\GinyasBrowserCompanion\tbhcn.exe =PUP.Blabbers^
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_60\upt4pc_fr_60.exe =PUP.Eorezo^
C:\Program Files\BrowseFox\updateBrowseFox.exe =Adware.BrowseFox^
C:\Program Files\BrowseFox\bin\utilBrowseFox.exe =Adware.BrowseFox^
C:\WINDOWS\Tasks\GinyasBrowserCompanion Chrome Watcher.job =PUP.Blabbers^
C:\WINDOWS\Tasks\GinyasBrowserCompanion FireFox Watcher.job =PUP.Blabbers^
C:\WINDOWS\Tasks\GinyasBrowserCompanion Runner.job =PUP.Blabbers^
C:\WINDOWS\Tasks\GinyasBrowserCompanion Stats Report.job =PUP.Blabbers^
C:\WINDOWS\Tasks\GinyasBrowserCompanion Update Checker.job =PUP.Blabbers^
C:\WINDOWS\Tasks\Plus-HD-1.5-chromeinstaller.job =Adware.PlusHD^
C:\WINDOWS\Tasks\Plus-HD-1.5-codedownloader.job =Adware.PlusHD^
C:\WINDOWS\Tasks\Plus-HD-1.5-enabler.job =Adware.PlusHD^
C:\WINDOWS\Tasks\Plus-HD-1.5-firefoxinstaller.job =Adware.PlusHD^
C:\WINDOWS\Tasks\Plus-HD-1.5-updater.job =Adware.PlusHD^
C:\WINDOWS\Tasks\temp_Plus-HD-1.6-enabler.job =Adware.PlusHD^
[HKCU\Software\Blabbers ] =PUP.Blabbers^
[HKCU\Software\BrowseFox] =Adware.BrowseFox^
[HKCU\Software\Plus-HD-1.5] =Adware.PlusHD^
C:\Windows\Installer\2d0b06a.msi =Hijacker.SmartBar^
~ Additionnel Scan: 213548 Items scanned in 01mn 13s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... p-blabbers =PUP.Blabbers
~ http://nicolascoolman.webs.com/apps/blo ... pup-eorezo =PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blo ... -browsefox =Adware.BrowseFox
~ http://nicolascoolman.webs.com/apps/blo ... are-plushd =Adware.PlusHD
~ http://nicolascoolman.webs.com/apps/blo ... r-smartbar =Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blo ... eexclusive =Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blo ... are-boxore =Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blo ... crossrider =PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blo ... oolbar-ask =Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blo ... ywebsearch =Adware.MyWebSearch
~ MSI: 10 link(s) detected in 01mn 14s



~ 860 Legitimates filtered by white list
End of the scan (994 lines in 10mn 13s)(0)
Thanks in advance.

And Happy New Year 2014!
by rubised 3585
#90062
Hello,

Quite infected, but first please do the following, and then I will have you run ZHPDiag again, with instructions on how to post it in full on the forum.

You are infected with adware picked up by downloading one or more free programs. This free software is not really free: there is a trade-off, which is receiving advertisements so that the publisher gets paid. You should always read the terms of use carefully, which is exactly where it is stated that you agree to receive these ads by downloading the software.
It is strongly recommended that you read this article about these practices:
http://forum.malekal.com/pctuto-tuto4pc ... 33439.html

There are also several useless toolbars that you must have installed along with another program, free or paid for that matter. Take care to untick the box before clicking Next so that these toolbars are not installed.
These toolbars modify web browsers. Generally speaking, installing a toolbar is pointless and only slows down your PC. To confirm what I am saying, read the following below:
Toolbars are not mandatory

So please do the following.

Download AdwCleaner (by Xplode) to your desktop.

Run it, click [Scanner], then wait while the scan runs.

Once the scan is finished, this unlocks the [Nettoyer] function, which you will need to apply to clean everything.

The PC will restart and display its report.

Post the contents of this report on the forum.

•Host the AdwCleaner.txt report found on your desktop on the site below, then copy/paste the link provided into your next reply:

http://www.cjoint.com

•cjoint tutorial, if needed: http://www.forum-entraide-informatique.…riel#16374

If cjoint is not available:

http://www.toofiles.com/fr/documents-upload.html

or:

http://pjjoint.malekal.com/

or:

http://www.casimages.com

Note: The report is also saved under C:\AdwCleaner\AdwCleaner[S0].txt

Looking forward to your reply
by Dori@n
#91626
Where do things stand with your problem?

Two possibilities:
  • Your problem is solved, in which case please remember to let us know.
  • Your problem is still ongoing, in which case please tell us what is not working, and give us news regularly.

    See you soon on FEI!
by WARRIORXAV
#92273
Hello,

We have had no news from the author of this topic for more than 10 days. We therefore consider this problem resolved or abandoned by its author. Next time, please keep us informed of how your problem is progressing, or bump the topic regularly!

This topic is locked; if you wish to reopen it, please contact a member of the forum's moderation team by private message.

See you soon on FEI!
