Forum d'Entraide Informatique (FEI)

Bonsoir,

Comme beaucoup de gens, en faisant un téléchargement gratuit, j'ai récolté bien malgré moi nation zoom, et je ne peux m'en débarrasser suite à plusieurs nettoyages de CCLEANER, SPYBOT ou autre..

J'ai suivi les directives du forum qui conseillent de faire un diagnostic par ZHPDiag et SFTGC que je peux envoyer.

Qui peut m'aider ?? Merci d'avance !!!

Gigi

Bonjour,

Pour mieux recevoir les réponses, tu peux t'inscrire au forum (plus d'informations ici).

Désinstalle Spybot, il est obsolète.

Poste les rapports SFTGC et ZHPDiag en les ayant précédemment hébergé comme ceci : http://www.forum-entraide-informatique. ... m-tutoriel

Gabriel.

Bonsoir,

Le temps que je comprenne comment fonctionne ce forum...voilà j'y suis parvenue.

Donc je réitère mon message, comment supprimer nation zoom, voici les liens ou l'on peut voir les rapports ZHPDiag et SFTG :

http://pjjoint.malekal.com/files.php?id ... r7v10u56r6

http://pjjoint.malekal.com/files.php?id ... 26y5t10u13

Dois je faire autrechose, pour suppprimer cette saleté de logiciel espion ??

Merci de votre aide !!!

Gigi34

Bonjour,

Bien.

Passe AdwCleaner et poste le rapport : http://www.forum-entraide-informatique. ... -de-xplode

Gabriel.

Voilà le rapport, il semble que ADW CLEANER ai fait disparaitre NATION ZOOM ???

# AdwCleaner v3.015 - Rapport créé le 17/12/2013 à 23:37:37
# Mis à jour le 10/12/2013 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : gina - PC-DE-GINA
# Exécuté depuis : C:\Users\gina\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Dossier Supprimé : C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa

***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v9.0.8112.16526


-\\ Mozilla Firefox v25.0.1 (fr)

[ Fichier : C:\Users\gina\AppData\Roaming\Mozilla\Firefox\Profiles\8uuqa4pl.default\prefs.js ]

Ligne Supprimée : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1387147234973,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]

-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10059 octets] - [28/08/2013 08:43:43]
AdwCleaner[R1].txt - [1044 octets] - [28/08/2013 21:08:07]
AdwCleaner[R2].txt - [10336 octets] - [15/12/2013 23:17:23]
AdwCleaner[R3].txt - [1776 octets] - [17/12/2013 23:03:42]
AdwCleaner[R4].txt - [1836 octets] - [17/12/2013 23:32:53]
AdwCleaner[S0].txt - [9784 octets] - [28/08/2013 09:53:22]
AdwCleaner[S1].txt - [1106 octets] - [28/08/2013 21:39:54]
AdwCleaner[S2].txt - [9187 octets] - [15/12/2013 23:23:26]
AdwCleaner[S3].txt - [1761 octets] - [17/12/2013 23:37:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1821 octets] ##########

Bonjour,

Pas sûr.

Refais moi un nouveau ZHPDiag pour voir.

Gabriel.

Voici le rapport ZHPDiag
~ Rapport de ZHPDiag v2013.12.14.22 - Nicolas Coolman (14/12/2013)
~ Lancé par gina (19/12/2013 22:20:54)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v31.0.1650.63
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RJ34F
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.2.286
McAfee Security Scan Plus v3.0.318.3

---\\ Logiciels d'optimisation du système
CCleaner v4.08 =Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 17

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 104 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 11 GB (14%) free of 74 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-GINA
~ User Name: gina
~ All Users Names: gina, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\gina\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\gina\AppData\Roaming\
~ %Desktop% : C:\Users\gina\Desktop\
~ %Favorites% : C:\Users\gina\Favorites\
~ %LocalAppData% : C:\Users\gina\AppData\Local\
~ %StartMenu% : C:\Users\gina\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 11 Go of 74 Go)
D: Hard drive, Flash drive, Thumb drive (Free 147 Go of 149 Go)
F: Hard drive, Flash drive, Thumb drive (Free 73 Go of 73 Go)
G: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.4CC9DF09C3D915BA0A101A11DB684F26] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2013 - 23:42:41.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/198
~ Mes musiques (My Musics) : 3/598
~ Mes Videos (My Videos) : 1/2
~ Mes Documents (My Documents) : 2/1578
~ Mon Bureau (My Desktop) : 1/260
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 05s



---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3164]
[MD5.F5EF0675D6EC37F81F8794AEC9630BE0] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [411192] [PID.3040]
[MD5.1FD7BBB8C48017277F552DE09AE9BF1F] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [509496] [PID.2812]
[MD5.6D7EA1B6C6DF62E016605B381F411AC4] - (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744] [PID.2988]
[MD5.AFD400AEBCAB252C99E60991FF00D9D2] - (.Pas de propriétaire - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352] [PID.2556]
[MD5.E1FAAF7915BC07352CCF1DFF37058414] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [581632] [PID.3220]
[MD5.5F5764E4046019031C7445541D728721] - (.Interactive Digital Media - Desktop SMS - German.) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328] [PID.1548]
[MD5.866CD9A4BF30B79B3BEC2D4E2ED2F059] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4702208] [PID.784]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3612]
[MD5.DDA90D7E82D87B1AB3C6664EE481766B] - (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [436088] [PID.2532]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3660]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.608]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2576]
[MD5.7E6EA9CB72B5DE84A5D700BED877E5F9] - (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe [397312] [PID.3716]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3700]
[MD5.81C25E4D89A3ACDF8F3096D093F1DF40] - (.Glarysoft Ltd - Glary Utilities 4.) -- C:\Program Files\Glary Utilities 4\Integrator.exe [771872] [PID.5828]
[MD5.BE670449EDD491C8DD59DC40F36FD899] - (.Glarysoft Ltd - Glary Memfiles Service.) -- C:\Program Files\Glary Utilities 4\MemfilesService.exe [160032] [PID.3936]
[MD5.1ED34E4985B2AF577A1F8F234A0B8163] - (.Glarysoft Ltd - SoftwareUpdate.) -- C:\Program Files\Glary Utilities 4\SoftwareUpdate.exe [235296] [PID.3792]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.5736]
[MD5.077D59BA0FD4007E841B6C670862B065] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2032]
[MD5.E0B173F23D873286169995D66B9E3CDF] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.5080]
[MD5.5D60EE718D0C708D69DFF4B3336B68BF] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.3856]
[MD5.2330B5A4A3824F042DC96D524893A6B5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8295936] [PID.3256]
[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.864]
[MD5.1E28D3FB22FBD2D6B9D16ED20F23030D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [606208] [PID.1032]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1264]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1988]
[MD5.39E435C90C9C4F780FA0ED05CA3C3A1B] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\Windows\system32\agrsmsvc.exe [9216] [PID.2020]
[MD5.BEF294FFE5F40BE768BDCBE1837DFABE] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.2044] =Toolbar.Ask
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.192]
[MD5.C82162949BBA6CC5D006C7BD008F3CF1] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960] [PID.276]
[MD5.DDD5D3EABE2E7310A3C15B60998F72E4] - (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824] [PID.1424]
[MD5.D540858E65BFA6FDED41AD2495ECE344] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\system32\TODDSrv.exe [114688] [PID.1300]
[MD5.6A54C28B53C6B50D333C8EE974C6B208] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [427576] [PID.1528]
[MD5.332D341D92B933600D41953B08360DFB] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.2156]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.5292]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.3992]
[MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.1356]
[MD5.29D956C8CB67222D678FAF20D485B25B] - (.Avira Operations GmbH Co. KG - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe [1011768] [PID.2524]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
G2 - GCE: Preference [User Data\Default] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.25.62088, (Désactivé) =Toolbar.Avira
G2 - GCE: Preference [User Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.6 (Activé) =Spyware.SmartDisplay
~ Google Browser: 13 Legitimates Filtered in 00mn 04s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\gina\AppData\Roaming\Mozilla\Firefox\Profiles\8uuqa4pl.default\prefs.js
M3 - MFPP: Plugins - [gina] -- C:\Program Files\Mozilla FireFox\searchplugins\nationzoom.xml =Hijacker.NationZoom
~ Firefox Browser: 29 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 15s
~ Nombre de lignes (Lines number): 15513



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Avira SearchFree Toolbar - [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll =Toolbar.Ask
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{41564952-412D-5637-00A7-7A786E7484D7} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Ciel Compta.lnk . (.Ciel SA - Ciel Compta.) -- C:\Program Files\Ciel\Compta\WK.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files\McAfee Security Scan\3.0.318\mcuicnt.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: Socialbox.lnk . (...) -- C:\Program Files\Socialbox\Socialbox.exe
O4 - GS\Program [Public]: Désinstaller QuickTime.lnk . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: PictureViewer.lnk . (...) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\PictureViewer.ico
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Program [Public]: Socialbox.lnk . (...) -- C:\Program Files\Socialbox\Socialbox.exe
O4 - GS\Program [Public]: À propos de QuickTime.lnk . (...) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\RichText.ico
O4 - GS\QuickLaunch [gina]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [gina]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [gina]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [gina]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [gina]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [gina]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: 81 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
O4 - HKLM\..\Run: [HSON] . (.TOSHIBA Corporation - HotStartOn.) -- C:\Program Files\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [KeNotify] . (.Pas de propriétaire - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe =.Toshiba Corporation
O4 - HKLM\..\Run: [Desktop SMS] . (.Interactive Digital Media - Desktop SMS - German.) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [StartCCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =.Hewlett-Packard Co
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =.Oracle Corporation
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\gina\AppData\Local\Google\Update\GoogleUpdate.exe =.Google Inc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [TOSCDSPD] . (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\gina\AppData\Local\Google\Update\GoogleUpdate.exe =.Google Inc
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - C:\Windows\Java\classes\xmldso.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/fl ... rashim.cab
~ Objets ActiveX Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F87F05D-C810-4664-A5DD-D04689177032}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6F87F05D-C810-4664-A5DD-D04689177032}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask
O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
~ Services: 15 Legitimates Filtered in 00mn 28s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
~ BEX: 1 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job [440]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Wise Registry Cleaner Schedule Task] (...) -- C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{914F850B-3860-4580-AABA-7AEB34E4361F}] (...) -- C:\Users\gina\Downloads\Install_MSN_Messenger.exe (.not file.) [0]
~ Scheduled Task: 24 Legitimates Filtered in 00mn 11s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (eylzvugk) . (. - .) - C:\Windows\system32\drivers\eylzvugk.sys (.not file.)
~ Drivers: 48 Legitimates Filtered in 00mn 02s



---\\ HKCU HKLM Software Keys
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\PC Optimiseur 2]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\supWPM] =PUP.WpManager
~ Key Software: 190 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/12/2013 - 23:53:02 - [11,117] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 13/12/2013 - 21:25:22 - [0] ----D C:\Program Files\fst_fr_35 =PUA.FSTfr9
O43 - CFD: 13/12/2013 - 21:16:09 - [0,046] ----D C:\Program Files\Uninstaller
O43 - CFD: 13/12/2013 - 23:48:48 - [0] ----D C:\ProgramData\APN
O43 - CFD: 13/12/2013 - 23:53:02 - [3,456] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 14/12/2013 - 00:04:36 - [0] ----D C:\ProgramData\WPM =PUP.WpManager
O43 - CFD: 27/08/2013 - 00:09:40 - [0] ----D C:\ProgramData\苈ʾ軠ʾ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳
O43 - CFD: 25/08/2013 - 21:41:00 - [0] ----D C:\Users\gina\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
O43 - CFD: 15/12/2013 - 23:36:01 - [0,354] ----D C:\Users\gina\AppData\Local\AskPartnerNetwork
~ 586 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 791 Legitimates Filtered in 01mn 29s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4DABDF0931159CC28AB795B060919D4B] - 15/12/2013 - 23:34:46 ---A- . (...) -- C:\Windows\wininit.ini [13350]
~ Files: 39 Legitimates Filtered in 00mn 24s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [316520]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.566C5FD480FDBCE3BA5CF9FBCFFAEA9A] - 09/10/2008 - 15:42:42 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [17408]
O58 - SDL:[MD5.7B426B8E809EDF081D771EF429345528] - 21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 25/11/2013 - 11:33:11 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.147B9CCE0B523D4DAFD91A60C2CE2B25] - 30/04/2013 - 09:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [35088]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 06s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 4DAD3C46B54F4FBD93DBDCF002E2844C - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {BA23454B-8DDE-4DF7-9B3B-DCB52FAC712A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {c1d89ae7-449d-4929-b24b-fded04adbe06} - (Glary Search) - http://isearch.glarysoft.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.6FE811B571C4B1FD799096DCD726501E] [SPRF][06/03/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.8AE65A0C2B64037E6D03A81A89B61CD9] [SPRF][16/04/2013] (...) -- C:\Users\gina\AppData\Local\d3d9caps.dat [680]
[MD5.1217B369A859266AA5BBE61D374466F8] [SPRF][13/12/2013] (...) -- C:\Users\gina\Desktop\avira_free_antivirus_fr.exe [128199416]
~ Files: 4 Legitimates Filtered in 00mn 05s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "25946514D2147365007A7A857BC06000" . (.Avira SearchFree Toolbar.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0600}\ToolbarIcon.exe =Toolbar.Avira
~ Update Products: 119 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.DBC5BEAFDE7ED4787826A24C8F275372] [WIS][13/12/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\21a875.msi [474624] =Adware.Boxore
[MD5.279931B813362F18F111B9619E1F8306] [WIS][13/12/2013] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\e32518.msi [811008] =Toolbar.Avira
~ WIS: 123 Legitimates Filtered in 00mn 15s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 05/03/2009 133104 | (gupdate1c99de39ebe61af) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/03/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 31/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
SS - | Demand 16/11/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 05/10/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe
SR - | Auto 19/12/2013 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 25/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 19/12/2013 1011768 | (AntiVirWebService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
SR - | Auto 23/10/2013 166352 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask
SR - | Auto 21/06/2007 606208 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/11/2006 40960 | (CFSvcs) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
SR - | Auto 28/06/2007 77824 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
SR - | Auto 25/05/2006 114688 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 29/03/2007 427576 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SR - | Auto 23/08/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 17s



---\\ Scan Additionnel (O88)
Database Version : 13013 - (14/12/2013)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 4

[HKLM\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh] =Toolbar.Avira^
[HKLM\Software\Google\Chrome\Extensions\pbpohikckhbcljgombipcdoinkaedlfa] =Spyware.SmartDisplay^
[HKLM\SYSTEM\CurrentControlSet\Services\APNMCP] =Toolbar.Ask^
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =Adware.Boxore
[HKCU\Software\AskPartnerNetwork] =Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411591118}] =PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{41564952-412D-5637-00A7-7A786E7484D7} =Toolbar.Ask^
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh =Toolbar.Avira^
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =Spyware.SmartDisplay^
C:\Program Files\fst_fr_35 =PUA.FSTfr9^
C:\ProgramData\WPM =PUP.WpManager^
C:\Program Files\AskPartnerNetwork =Toolbar.Ask
C:\ProgramData\AskPartnerNetwork =Toolbar.Ask
C:\Users\gina\AppData\Local\Software =Adware.Boxore
C:\Users\gina\AppData\Local\AskPartnerNetwork =Toolbar.Ask
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask^
[HKLM\Software\supWPM] =PUP.WpManager^
C:\Windows\Installer\21a875.msi =Adware.Boxore^
C:\Windows\Installer\e32518.msi =Toolbar.Avira^
~ Additionnel Scan: 248052 Items scanned in 01mn 40s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... oolbar-ask =Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blo ... artdisplay =Spyware.SmartDisplay
~ http://nicolascoolman.webs.com/apps/blo ... nationzoom =Hijacker.NationZoom
~ http://nicolascoolman.webs.com/apps/blo ... -wpmanager =PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blo ... pua-fstfr9 =PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blo ... are-boxore =Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blo ... crossrider =PUP.CrossRider
~ MSI: 7 link(s) detected in 01mn 41s



~ 1679 Legitimates filtered by white list
End of the scan (524 lines in 07mn 06s)(0)

Bonsoir, j'ai un problème avec un virus NATION ZOOM (suite à une mise à jour de java) et je n'arrive pas du tout à le désinstaller de mon PC. Quelqu'un pourrai m'aider svp ?

Re,

Fais ZHPFix comme ceci avec ces lignes, et poste le rapport.

Sarah.n, merci d'ouvrir un nouveau sujet : http://www.forum-entraide-informatique. ... e=newtopic

Bonne soirée,

Gabriel.

Bonjour,

J'ai bien poste le rapport ZHPFix, qu'en est il ??? Je n'ai pas eu de réponse ???
Merci Gabriel

Bonsoir,

Où est le rapport ZHPFix ?

Gabriel.

Juste au dessus dans le forum, juste avant que Miss SARAH s'interpose dans nos échanges.
J'avais poste mon rapport et je n'ai pas eu de réponse.

Mais je peux le relancer et le renvoyer !!!

Voici à nouveau le rapport que j'ai relancé :

~ Rapport de ZHPDiag v2013.12.14.22 - Nicolas Coolman (14/12/2013)
~ Lancé par gina (21/12/2013 00:21:18)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 26.0 (Defaut)
GCIE: Google Chrome v31.0.1650.63
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RJ34F
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.2.286
McAfee Security Scan Plus v3.0.318.3

---\\ Logiciels d'optimisation du système
CCleaner v4.08 =Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 17

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 104 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 11 GB (15%) free of 74 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-GINA
~ User Name: gina
~ All Users Names: gina, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\gina\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\gina\AppData\Roaming\
~ %Desktop% : C:\Users\gina\Desktop\
~ %Favorites% : C:\Users\gina\Favorites\
~ %LocalAppData% : C:\Users\gina\AppData\Local\
~ %StartMenu% : C:\Users\gina\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 11 Go of 74 Go)
D: Hard drive, Flash drive, Thumb drive (Free 147 Go of 149 Go)
E: Floppy drive, Flash card reader, USB Key (Free 3 Go of 7 Go)
F: Hard drive, Flash drive, Thumb drive (Free 73 Go of 73 Go)
G: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.4CC9DF09C3D915BA0A101A11DB684F26] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2013 - 23:42:41.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/198
~ Mes musiques (My Musics) : 3/598
~ Mes Videos (My Videos) : 1/2
~ Mes Documents (My Documents) : 2/1567
~ Mon Bureau (My Desktop) : 1/234
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 06s



---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3636]
[MD5.F5EF0675D6EC37F81F8794AEC9630BE0] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [411192] [PID.3648]
[MD5.1FD7BBB8C48017277F552DE09AE9BF1F] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [509496] [PID.3668]
[MD5.81C25E4D89A3ACDF8F3096D093F1DF40] - (.Glarysoft Ltd - Glary Utilities 4.) -- C:\Program Files\Glary Utilities 4\Integrator.exe [771872] [PID.3676]
[MD5.6D7EA1B6C6DF62E016605B381F411AC4] - (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744] [PID.3700]
[MD5.AFD400AEBCAB252C99E60991FF00D9D2] - (.Pas de propriétaire - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352] [PID.3712]
[MD5.E1FAAF7915BC07352CCF1DFF37058414] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [581632] [PID.3072]
[MD5.5F5764E4046019031C7445541D728721] - (.Interactive Digital Media - Desktop SMS - German.) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328] [PID.3548]
[MD5.866CD9A4BF30B79B3BEC2D4E2ED2F059] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4702208] [PID.3568]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3188]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.3804]
[MD5.DDA90D7E82D87B1AB3C6664EE481766B] - (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [436088] [PID.3904]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3536]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.3888]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3232]
[MD5.7E6EA9CB72B5DE84A5D700BED877E5F9] - (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe [397312] [PID.4016]
[MD5.1ED34E4985B2AF577A1F8F234A0B8163] - (.Glarysoft Ltd - SoftwareUpdate.) -- C:\Program Files\Glary Utilities 4\SoftwareUpdate.exe [235296] [PID.3860]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.5196]
[MD5.2330B5A4A3824F042DC96D524893A6B5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8295936] [PID.5272]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4748]
[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.916]
[MD5.1E28D3FB22FBD2D6B9D16ED20F23030D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [606208] [PID.1092]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1324]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.1860]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.196]
[MD5.39E435C90C9C4F780FA0ED05CA3C3A1B] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\Windows\system32\agrsmsvc.exe [9216] [PID.272]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.304]
[MD5.BEF294FFE5F40BE768BDCBE1837DFABE] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.316] =Toolbar.Ask
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.448]
[MD5.C82162949BBA6CC5D006C7BD008F3CF1] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960] [PID.536]
[MD5.DDD5D3EABE2E7310A3C15B60998F72E4] - (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824] [PID.2080]
[MD5.D540858E65BFA6FDED41AD2495ECE344] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\system32\TODDSrv.exe [114688] [PID.2116]
[MD5.6A54C28B53C6B50D333C8EE974C6B208] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [427576] [PID.2144]
[MD5.332D341D92B933600D41953B08360DFB] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.2192]
[MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.4004]
[MD5.29D956C8CB67222D678FAF20D485B25B] - (.Avira Operations GmbH Co. KG - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe [1011768] [PID.2532]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
G2 - GCE: Preference [User Data\Default] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.25.62088, (Désactivé) =Toolbar.Avira
G2 - GCE: Preference [User Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.6 (Activé) =Spyware.SmartDisplay
~ Google Browser: 13 Legitimates Filtered in 00mn 04s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\gina\AppData\Roaming\Mozilla\Firefox\Profiles\8uuqa4pl.default\prefs.js
M3 - MFPP: Plugins - [gina] -- C:\Program Files\Mozilla FireFox\searchplugins\nationzoom.xml =Hijacker.NationZoom
~ Firefox Browser: 29 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 19s
~ Nombre de lignes (Lines number): 15513



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Avira SearchFree Toolbar - [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll =Toolbar.Ask
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{41564952-412D-5637-00A7-7A786E7484D7} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Ciel Compta.lnk . (.Ciel SA - Ciel Compta.) -- C:\Program Files\Ciel\Compta\WK.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files\McAfee Security Scan\3.0.318\mcuicnt.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: Socialbox.lnk . (...) -- C:\Program Files\Socialbox\Socialbox.exe
O4 - GS\Program [Public]: Désinstaller QuickTime.lnk . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: PictureViewer.lnk . (...) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\PictureViewer.ico
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Program [Public]: Socialbox.lnk . (...) -- C:\Program Files\Socialbox\Socialbox.exe
O4 - GS\Program [Public]: À propos de QuickTime.lnk . (...) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\RichText.ico
O4 - GS\QuickLaunch [gina]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [gina]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [gina]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [gina]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [gina]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [gina]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: 81 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
O4 - HKLM\..\Run: [HSON] . (.TOSHIBA Corporation - HotStartOn.) -- C:\Program Files\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [KeNotify] . (.Pas de propriétaire - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe =.Toshiba Corporation
O4 - HKLM\..\Run: [Desktop SMS] . (.Interactive Digital Media - Desktop SMS - German.) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [StartCCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =.Hewlett-Packard Co
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =.Oracle Corporation
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\gina\AppData\Local\Google\Update\GoogleUpdate.exe =.Google Inc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [TOSCDSPD] . (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\gina\AppData\Local\Google\Update\GoogleUpdate.exe =.Google Inc
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - C:\Windows\Java\classes\xmldso.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/fl ... rashim.cab
~ Objets ActiveX Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F87F05D-C810-4664-A5DD-D04689177032}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6F87F05D-C810-4664-A5DD-D04689177032}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask
O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
~ Services: 15 Legitimates Filtered in 00mn 20s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
~ BEX: 1 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job [440]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Wise Registry Cleaner Schedule Task] (...) -- C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{914F850B-3860-4580-AABA-7AEB34E4361F}] (...) -- C:\Users\gina\Downloads\Install_MSN_Messenger.exe (.not file.) [0]
~ Scheduled Task: 24 Legitimates Filtered in 00mn 07s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (eylzvugk) . (. - .) - C:\Windows\system32\drivers\eylzvugk.sys (.not file.)
~ Drivers: 48 Legitimates Filtered in 00mn 00s



---\\ HKCU HKLM Software Keys
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\PC Optimiseur 2]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\supWPM] =PUP.WpManager
~ Key Software: 192 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/12/2013 - 23:53:02 - [11,117] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 13/12/2013 - 21:25:22 - [0] ----D C:\Program Files\fst_fr_35 =PUA.FSTfr9
O43 - CFD: 13/12/2013 - 21:16:09 - [0,046] ----D C:\Program Files\Uninstaller
O43 - CFD: 13/12/2013 - 23:48:48 - [0] ----D C:\ProgramData\APN
O43 - CFD: 13/12/2013 - 23:53:02 - [3,456] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 14/12/2013 - 00:04:36 - [0] ----D C:\ProgramData\WPM =PUP.WpManager
O43 - CFD: 27/08/2013 - 00:09:40 - [0] ----D C:\ProgramData\苈ʾ軠ʾ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳
O43 - CFD: 25/08/2013 - 21:41:00 - [0] ----D C:\Users\gina\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
O43 - CFD: 15/12/2013 - 23:36:01 - [0,354] ----D C:\Users\gina\AppData\Local\AskPartnerNetwork
~ 586 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 791 Legitimates Filtered in 01mn 15s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4DABDF0931159CC28AB795B060919D4B] - 15/12/2013 - 23:34:46 ---A- . (...) -- C:\Windows\wininit.ini [13350]
~ Files: 46 Legitimates Filtered in 00mn 10s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [316520]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.566C5FD480FDBCE3BA5CF9FBCFFAEA9A] - 09/10/2008 - 15:42:42 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [17408]
O58 - SDL:[MD5.7B426B8E809EDF081D771EF429345528] - 21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 25/11/2013 - 11:33:11 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.147B9CCE0B523D4DAFD91A60C2CE2B25] - 30/04/2013 - 09:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [35088]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 01mn 23s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 4DAD3C46B54F4FBD93DBDCF002E2844C - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {BA23454B-8DDE-4DF7-9B3B-DCB52FAC712A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {c1d89ae7-449d-4929-b24b-fded04adbe06} - (Glary Search) - http://isearch.glarysoft.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.6FE811B571C4B1FD799096DCD726501E] [SPRF][06/03/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.8AE65A0C2B64037E6D03A81A89B61CD9] [SPRF][16/04/2013] (...) -- C:\Users\gina\AppData\Local\d3d9caps.dat [680]
[MD5.0D26EF8C01E3E1C77877C303A9317F69] [SPRF][10/12/2013] (...) -- C:\Users\gina\AppData\Local\Temp\Quarantine.exe [360051]
[MD5.5AFACF0F4E71865473DFC878331E6AD0] [SPRF][20/12/2013] (...) -- C:\Users\gina\AppData\Local\Temp\~gu3-ver.dat [115]
[MD5.7902EF8D44D57F0608E52FAA0528610F] [SPRF][20/12/2013] (...) -- C:\Users\gina\AppData\Local\Temp\~upgrade.dat [1094]
[MD5.1217B369A859266AA5BBE61D374466F8] [SPRF][13/12/2013] (...) -- C:\Users\gina\Desktop\avira_free_antivirus_fr.exe [128199416]
~ Files: 7 Legitimates Filtered in 00mn 05s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "25946514D2147365007A7A857BC06000" . (.Avira SearchFree Toolbar.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0600}\ToolbarIcon.exe =Toolbar.Avira
~ Update Products: 119 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.DBC5BEAFDE7ED4787826A24C8F275372] [WIS][13/12/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\21a875.msi [474624] =Adware.Boxore
[MD5.279931B813362F18F111B9619E1F8306] [WIS][13/12/2013] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\e32518.msi [811008] =Toolbar.Avira
~ WIS: 123 Legitimates Filtered in 00mn 12s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 05/03/2009 133104 | (gupdate1c99de39ebe61af) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/03/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 31/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
SS - | Demand 20/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 05/10/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe
SR - | Auto 20/12/2013 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 25/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 20/12/2013 1011768 | (AntiVirWebService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
SR - | Auto 23/10/2013 166352 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask
SR - | Auto 21/06/2007 606208 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/11/2006 40960 | (CFSvcs) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
SR - | Auto 28/06/2007 77824 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
SR - | Auto 25/05/2006 114688 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 29/03/2007 427576 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SR - | Auto 23/08/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 15s



---\\ Scan Additionnel (O88)
Database Version : 13013 - (14/12/2013)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 4

[HKLM\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh] =Toolbar.Avira^
[HKLM\Software\Google\Chrome\Extensions\pbpohikckhbcljgombipcdoinkaedlfa] =Spyware.SmartDisplay^
[HKLM\SYSTEM\CurrentControlSet\Services\APNMCP] =Toolbar.Ask^
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =Adware.Boxore
[HKCU\Software\AskPartnerNetwork] =Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411591118}] =PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{41564952-412D-5637-00A7-7A786E7484D7} =Toolbar.Ask^
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh =Toolbar.Avira^
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =Spyware.SmartDisplay^
C:\Program Files\fst_fr_35 =PUA.FSTfr9^
C:\ProgramData\WPM =PUP.WpManager^
C:\Program Files\AskPartnerNetwork =Toolbar.Ask
C:\ProgramData\AskPartnerNetwork =Toolbar.Ask
C:\Users\gina\AppData\Local\Software =Adware.Boxore
C:\Users\gina\AppData\Local\AskPartnerNetwork =Toolbar.Ask
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask^
[HKLM\Software\supWPM] =PUP.WpManager^
C:\Windows\Installer\21a875.msi =Adware.Boxore^
C:\Windows\Installer\e32518.msi =Toolbar.Avira^
~ Additionnel Scan: 250761 Items scanned in 01mn 22s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... oolbar-ask =Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blo ... artdisplay =Spyware.SmartDisplay
~ http://nicolascoolman.webs.com/apps/blo ... nationzoom =Hijacker.NationZoom
~ http://nicolascoolman.webs.com/apps/blo ... -wpmanager =PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blo ... pua-fstfr9 =PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blo ... are-boxore =Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blo ... crossrider =PUP.CrossRider
~ MSI: 7 link(s) detected in 01mn 22s



~ 1692 Legitimates filtered by white list
End of the scan (525 lines in 07mn 02s)(0)

Bonjour,

Si si, je t'ai demandé de faire ZHPFix ici : http://www.forum-entraide-informatique. ... zoom#84665
Mais tu ne m'as pas posté le rapport.

Gabriel.

Quand on cliques sur ce lien on se retrouve au même endroit à savoir sur cette discussion, j'ai poste déjà deux fois le rapport sur cette discussion.

Re,

Non ce n'est pas ça, je t'ai demandé de faire ZHPFix (icône seringue) et non ZHPDiag, relis bien mon message.

Gabriel.

OK tout ca est du chinois pour moi, je viens de poster le fichier sur la plateforme, pas évident de comprendre pour un non initié, voici un copier coller ci dessous :
Rapport de ZHPFix 2013.12.14.5 par Nicolas Coolman, Update du 06/12/2013
Fichier d'export Registre :
Run by gina at 21/12/2013 14:53:14
High Elevated Privileges : OK
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Corbeille vidée (00mn 02s)

========== Dossiers ==========
SUPPRIMÉS Temporaires Windows (1)

========== Fichiers ==========
SUPPRIMÉS Temporaires Windows (3) (272 062 octets)


========== Récapitulatif ==========
1 : Dossiers
1 : Fichiers


End of clean in 53mn 16s

========== Chemin de fichier rapport ==========
C:\Users\gina\AppData\Roaming\ZHP\ZHPFix[R1].txt - 21/12/2013 14:44:25 [638]
C:\Users\gina\AppData\Roaming\ZHP\ZHPFix[R2].txt - 21/12/2013 14:44:53 [738]
C:\Users\gina\AppData\Roaming\ZHP\ZHPFix[R3].txt - 21/12/2013 14:47:31 [47662]
C:\Users\gina\AppData\Roaming\ZHP\ZHPFix[R4].txt - 21/12/2013 14:50:27 [874]
C:\Users\gina\AppData\Roaming\ZHP\ZHPFix[R5].txt - 21/12/2013 14:53:16 [892]

Re,

Bien.
Fais moi un nouveau rapport ZHPDiag à présent.

Gabriel.

Voila le nouveau rapport :


http://cjoint.com/?3LvqErQnRkk

sinon le copier coller pour éviter tout problème :
~ Rapport de ZHPDiag v2013.12.14.22 - Nicolas Coolman (14/12/2013)
~ Lancé par gina (21/12/2013 16:10:47)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 26.0 (Defaut)
GCIE: Google Chrome v31.0.1650.63
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RJ34F
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.2.286
McAfee Security Scan Plus v3.0.318.3

---\\ Logiciels d'optimisation du système
CCleaner v4.08 =Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 17

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 104 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (27% free)
System Restore: Activé (Enable)
System drive C: has 11 GB (15%) free of 74 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-GINA
~ User Name: gina
~ All Users Names: gina, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\gina\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\gina\AppData\Roaming\
~ %Desktop% : C:\Users\gina\Desktop\
~ %Favorites% : C:\Users\gina\Favorites\
~ %LocalAppData% : C:\Users\gina\AppData\Local\
~ %StartMenu% : C:\Users\gina\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 11 Go of 74 Go)
D: Hard drive, Flash drive, Thumb drive (Free 147 Go of 149 Go)
E: Floppy drive, Flash card reader, USB Key (Free 3 Go of 7 Go)
F: Hard drive, Flash drive, Thumb drive (Free 73 Go of 73 Go)
G: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.4CC9DF09C3D915BA0A101A11DB684F26] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2013 - 23:42:41.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 04s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/198
~ Mes musiques (My Musics) : 3/598
~ Mes Videos (My Videos) : 1/2
~ Mes Documents (My Documents) : 2/1569
~ Mon Bureau (My Desktop) : 1/236
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 10s



---\\ Processus lancés
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.220]
[MD5.F5EF0675D6EC37F81F8794AEC9630BE0] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [411192] [PID.2640]
[MD5.81C25E4D89A3ACDF8F3096D093F1DF40] - (.Glarysoft Ltd - Glary Utilities 4.) -- C:\Program Files\Glary Utilities 4\Integrator.exe [771872] [PID.1896]
[MD5.1FD7BBB8C48017277F552DE09AE9BF1F] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [509496] [PID.2860]
[MD5.6D7EA1B6C6DF62E016605B381F411AC4] - (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744] [PID.2832]
[MD5.AFD400AEBCAB252C99E60991FF00D9D2] - (.Pas de propriétaire - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352] [PID.412]
[MD5.E1FAAF7915BC07352CCF1DFF37058414] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [581632] [PID.2920]
[MD5.5F5764E4046019031C7445541D728721] - (.Interactive Digital Media - Desktop SMS - German.) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328] [PID.2740]
[MD5.866CD9A4BF30B79B3BEC2D4E2ED2F059] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4702208] [PID.3696]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.1580]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.1732]
[MD5.DDA90D7E82D87B1AB3C6664EE481766B] - (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [436088] [PID.1300]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.1892]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.2800]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2648]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2664]
[MD5.7E6EA9CB72B5DE84A5D700BED877E5F9] - (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe [397312] [PID.2440]
[MD5.33BE35574E1081A91EACD2B98E0A472A] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640] [PID.4412] =Toolbar.Ask
[MD5.1ED34E4985B2AF577A1F8F234A0B8163] - (.Glarysoft Ltd - SoftwareUpdate.) -- C:\Program Files\Glary Utilities 4\SoftwareUpdate.exe [235296] [PID.5232]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1636]
[MD5.864B19A9FF68F5437C6EDDC2F0DDCD2E] - (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\Microsoft Office\Office12\EXCEL.exe [18372272] [PID.5472]
[MD5.0DD74786D22EDFF0CE5B8E1B1E398618] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.11444]
[MD5.5D60EE718D0C708D69DFF4B3336B68BF] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.11480]
[MD5.2330B5A4A3824F042DC96D524893A6B5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8295936] [PID.1840]
[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.884]
[MD5.1E28D3FB22FBD2D6B9D16ED20F23030D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [606208] [PID.1052]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1304]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.1848]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.188]
[MD5.39E435C90C9C4F780FA0ED05CA3C3A1B] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\Windows\system32\agrsmsvc.exe [9216] [PID.252]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.296]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.448]
[MD5.C82162949BBA6CC5D006C7BD008F3CF1] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960] [PID.484]
[MD5.DDD5D3EABE2E7310A3C15B60998F72E4] - (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824] [PID.2052]
[MD5.D540858E65BFA6FDED41AD2495ECE344] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\system32\TODDSrv.exe [114688] [PID.2100]
[MD5.6A54C28B53C6B50D333C8EE974C6B208] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [427576] [PID.2116]
[MD5.332D341D92B933600D41953B08360DFB] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.2144]
[MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.3040]
[MD5.29D956C8CB67222D678FAF20D485B25B] - (.Avira Operations GmbH Co. KG - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe [1011768] [PID.3296]
[MD5.B342CD9AA44E4AE99E2368EBDBC2E17A] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.4348] =Toolbar.Ask
~ Processes Running: Scanned in 00mn 05s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
G2 - GCE: Preference [User Data\Default] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.25.62088, (Désactivé) =Toolbar.Avira
G2 - GCE: Preference [User Data\Default] [pbpohikckhbcljgombipcdoinkaedlfa] Smart Display v.1.6 (Activé) =Spyware.SmartDisplay
~ Google Browser: 13 Legitimates Filtered in 00mn 04s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\gina\AppData\Roaming\Mozilla\Firefox\Profiles\8uuqa4pl.default\prefs.js
M3 - MFPP: Plugins - [gina] -- C:\Program Files\Mozilla FireFox\searchplugins\nationzoom.xml =Hijacker.NationZoom
~ Firefox Browser: 29 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 17s
~ Nombre de lignes (Lines number): 15513



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Avira SearchFree Toolbar - [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll =Toolbar.Ask
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{41564952-412D-5637-00A7-7A786E7484D7} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Ciel Compta.lnk . (.Ciel SA - Ciel Compta.) -- C:\Program Files\Ciel\Compta\WK.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files\McAfee Security Scan\3.0.318\mcuicnt.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: Socialbox.lnk . (...) -- C:\Program Files\Socialbox\Socialbox.exe
O4 - GS\Program [Public]: Désinstaller QuickTime.lnk . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: PictureViewer.lnk . (...) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\PictureViewer.ico
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Program [Public]: Socialbox.lnk . (...) -- C:\Program Files\Socialbox\Socialbox.exe
O4 - GS\Program [Public]: À propos de QuickTime.lnk . (...) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\RichText.ico
O4 - GS\QuickLaunch [gina]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [gina]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [gina]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [gina]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [gina]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [gina]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: 81 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
O4 - HKLM\..\Run: [HSON] . (.TOSHIBA Corporation - HotStartOn.) -- C:\Program Files\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [KeNotify] . (.Pas de propriétaire - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe =.Toshiba Corporation
O4 - HKLM\..\Run: [Desktop SMS] . (.Interactive Digital Media - Desktop SMS - German.) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [StartCCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =.Hewlett-Packard Co
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =.Oracle Corporation
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =Toolbar.Ask
O4 - HKCU\..\Run: [TOSCDSPD] . (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\gina\AppData\Local\Google\Update\GoogleUpdate.exe =.Google Inc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [TOSCDSPD] . (.Pas de propriétaire - fr.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-4022509144-3797914345-2101987906-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\gina\AppData\Local\Google\Update\GoogleUpdate.exe =.Google Inc
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - C:\Windows\Java\classes\xmldso.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/fl ... rashim.cab
~ Objets ActiveX Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F87F05D-C810-4664-A5DD-D04689177032}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6F87F05D-C810-4664-A5DD-D04689177032}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask
O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
~ Services: 15 Legitimates Filtered in 00mn 44s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
~ BEX: 1 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job [440]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Wise Registry Cleaner Schedule Task] (...) -- C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{914F850B-3860-4580-AABA-7AEB34E4361F}] (...) -- C:\Users\gina\Downloads\Install_MSN_Messenger.exe (.not file.) [0]
~ Scheduled Task: 24 Legitimates Filtered in 00mn 15s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (eylzvugk) . (. - .) - C:\Windows\system32\drivers\eylzvugk.sys (.not file.)
~ Drivers: 48 Legitimates Filtered in 00mn 01s



---\\ HKCU HKLM Software Keys
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\PC Optimiseur 2]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\supWPM] =PUP.WpManager
~ Key Software: 192 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/12/2013 - 23:53:02 - [12,758] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 13/12/2013 - 21:25:22 - [0] ----D C:\Program Files\fst_fr_35 =PUA.FSTfr9
O43 - CFD: 13/12/2013 - 21:16:09 - [0,046] ----D C:\Program Files\Uninstaller
O43 - CFD: 13/12/2013 - 23:48:48 - [0] ----D C:\ProgramData\APN
O43 - CFD: 13/12/2013 - 23:53:02 - [4,705] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 14/12/2013 - 00:04:36 - [0] ----D C:\ProgramData\WPM =PUP.WpManager
O43 - CFD: 27/08/2013 - 00:09:40 - [0] ----D C:\ProgramData\苈ʾ軠ʾ楬整灡獰洮慣敦⹥潣⽭灡獰洯獳㌯〮栯汥⹰獡p灳
O43 - CFD: 25/08/2013 - 21:41:00 - [0] ----D C:\Users\gina\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
O43 - CFD: 15/12/2013 - 23:36:01 - [0,354] ----D C:\Users\gina\AppData\Local\AskPartnerNetwork
~ Program Folder: 190 Legitimates Filtered in 00mn 39s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4DABDF0931159CC28AB795B060919D4B] - 15/12/2013 - 23:34:46 ---A- . (...) -- C:\Windows\wininit.ini [13350]
~ Files: 46 Legitimates Filtered in 00mn 09s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [316520]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.566C5FD480FDBCE3BA5CF9FBCFFAEA9A] - 09/10/2008 - 15:42:42 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [17408]
O58 - SDL:[MD5.7B426B8E809EDF081D771EF429345528] - 21/06/2011 - 11:24:06 ---A- . (...) -- C:\Windows\System32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 25/11/2013 - 11:33:11 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.147B9CCE0B523D4DAFD91A60C2CE2B25] - 30/04/2013 - 09:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [35088]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 09s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 4DAD3C46B54F4FBD93DBDCF002E2844C - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {BA23454B-8DDE-4DF7-9B3B-DCB52FAC712A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {c1d89ae7-449d-4929-b24b-fded04adbe06} - (Glary Search) - http://isearch.glarysoft.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.6FE811B571C4B1FD799096DCD726501E] [SPRF][06/03/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.8AE65A0C2B64037E6D03A81A89B61CD9] [SPRF][16/04/2013] (...) -- C:\Users\gina\AppData\Local\d3d9caps.dat [680]
[MD5.1217B369A859266AA5BBE61D374466F8] [SPRF][13/12/2013] (...) -- C:\Users\gina\Desktop\avira_free_antivirus_fr.exe [128199416]
~ Files: 4 Legitimates Filtered in 00mn 06s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "25946514D2147365007A7A857BC0A000" . (.Avira SearchFree Toolbar.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0A00}\ToolbarIcon.exe =Toolbar.Avira
~ Update Products: 119 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.DBC5BEAFDE7ED4787826A24C8F275372] [WIS][13/12/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\21a875.msi [474624] =Adware.Boxore
[MD5.3C7FFC390789EE30F97EF71D02D2D34E] [WIS][21/12/2013] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\33c88.msi [809472] =Toolbar.Avira
~ WIS: 123 Legitimates Filtered in 00mn 11s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 05/03/2009 133104 | (gupdate1c99de39ebe61af) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/03/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 31/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
SS - | Demand 20/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 05/10/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe
SR - | Auto 20/12/2013 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 25/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 20/12/2013 1011768 | (AntiVirWebService) . (.Avira Operations GmbH Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
SR - | Auto 20/12/2013 166352 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask
SR - | Auto 21/06/2007 606208 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/11/2006 40960 | (CFSvcs) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
SR - | Auto 28/06/2007 77824 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
SR - | Auto 25/05/2006 114688 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 29/03/2007 427576 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SR - | Auto 23/08/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 14s



---\\ Scan Additionnel (O88)
Database Version : 13013 - (14/12/2013)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 5

[HKLM\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh] =Toolbar.Avira^
[HKLM\Software\Google\Chrome\Extensions\pbpohikckhbcljgombipcdoinkaedlfa] =Spyware.SmartDisplay^
[HKLM\SYSTEM\CurrentControlSet\Services\APNMCP] =Toolbar.Ask^
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =Adware.Boxore
[HKCU\Software\AskPartnerNetwork] =Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411591118}] =PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{41564952-412D-5637-00A7-7A786E7484D7} =Toolbar.Ask^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:ApnTBMon =Toolbar.Ask^
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh =Toolbar.Avira^
C:\Users\gina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =Spyware.SmartDisplay^
C:\Program Files\fst_fr_35 =PUA.FSTfr9^
C:\ProgramData\WPM =PUP.WpManager^
C:\Program Files\AskPartnerNetwork =Toolbar.Ask
C:\ProgramData\AskPartnerNetwork =Toolbar.Ask
C:\Users\gina\AppData\Local\Software =Adware.Boxore
C:\Users\gina\AppData\Local\AskPartnerNetwork =Toolbar.Ask
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =Toolbar.Ask^
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =Toolbar.Ask^
[HKLM\Software\supWPM] =PUP.WpManager^
C:\Windows\Installer\21a875.msi =Adware.Boxore^
C:\Windows\Installer\33c88.msi =Toolbar.Avira^
~ Additionnel Scan: 242966 Items scanned in 01mn 28s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... oolbar-ask =Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blo ... artdisplay =Spyware.SmartDisplay
~ http://nicolascoolman.webs.com/apps/blo ... nationzoom =Hijacker.NationZoom
~ http://nicolascoolman.webs.com/apps/blo ... -wpmanager =PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blo ... pua-fstfr9 =PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blo ... are-boxore =Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blo ... crossrider =PUP.CrossRider
~ MSI: 7 link(s) detected in 01mn 28s



~ 1090 Legitimates filtered by white list
End of the scan (528 lines in 06mn 07s)(0)

Re,

Refais ZHPFix avec ces lignes, et poste le rapport.

Gabriel.

Je ne comprends pas !!! que dois je faire des lignes en question ???
dois je les copier dans zhpfix, je ne suis pas du tout informaticienne....

Bonsoir,

Comme la dernière fois pour ZHPFix :
Comme ceci avec ces lignes, et poste le rapport.

Gabriel.

Voila le nouveau rapport ZHPFix :

http://cjoint.com/?CLCtFFPhUhL

Que dois je faire ensuite ???

Re,

Comment se comporte le PC ?

Gabriel.

Il est tres lent ces jours ci ...et nation zoom avait réaparru aujourdhui sur mozilla.
J'ai nettoye avec adw cleaner.

Re,

Fais un examen complet sur tous les disques avec MBAM. Tu supprimeras tous les éléments détectés et me posteras le rapport : http://www.forum-entraide-informatique. ... m-tutoriel

Gabriel.

Où en-est votre problème ?

Deux solutions,

• Votre problème est résolu, dans ce cas pensez à nous en faire part.
• Votre problème est toujours d'actualité, merci de nous renseigner sur ce qui ne va pas, et donner des nouvelles régulièrement.
  
  
  À bientôt sur FEI !

Bonsoir,

Le problème est loin d'être réglé, je ne peux installer MBAM, quel que soit l'origine du telechargement.
Quand je veux executer le programme, j'ai ce message d'erreur :


L'assistant d'installation n'a pu installer ce dossier :
"C\Users\Gina\Appdata\Local\Temp\is-0P07I.tmp".

Erreur 5 : Accès refusé.

De quoi s'agit il ??

Bonsoir,

Essaye en mode sans échec avec prise en charge réseau pour voir : http://www.forum-entraide-informatique. ... rge-reseau

Gabriel.

J'ai testé et c'est la même chose !!!

Re,

Alors laisse de côté.

Comment se comporte le PC ?

Fais-moi un nouveau rapport ZHPDiag.

Gabriel.

j'ai supprime le logiciel et ne peu plus le reinstaller non plus.

meme type de message !!!

Re,

T'as un point de restauration avant l'apparition de ces soucis survenant lors d'installations de logiciels ?

Gabriel.

non .....pas vraiment!!!

a part ca l'ordinateur marche globalement bien ....

Re,

Quels sont les droits de ta session (simple utilisateur, administrateur, invité) ?

Gabriel.

mon compte est crée comme administrateur, évidemment c'est mon pc

Re,

Passe Windows Repair pour voir : http://www.forum-entraide-informatique. ... r-tutoriel

Gabriel.

Où en-est votre problème ?

Deux solutions,

• Votre problème est résolu, dans ce cas pensez à nous en faire part.
• Votre problème est toujours d'actualité, merci de nous renseigner sur ce qui ne va pas, et donner des nouvelles régulièrement.
  
  
  À bientôt sur FEI !