FORUM D’ENTRAIDE INFORMATIQUE (FEI)
Site d’assistance et de sécurité informatique

Problème avec Awesomehp

Aide à la désinfection (pages publicitaires, moteur de recherche remplacé, redirections, virus...).
Règles du forum : Entraide concernant la désinfection et la sécurité informatique : en cas de publicités intempestives, pop-up, redirections, logiciels indésirables, ralentissements suspects, virus, etc.
Une désinfection complète vous sera assurée : désinfection, sécurisation, puis prévention.
Seuls les helpers (personnes qualifiées et formées à la désinfection) ainsi que le staff sont autorisés à apporter leur aide dans cette section.
Merci également de prendre connaissance de la charte générale du forum.
 Sujet verrouillé
  • Avatar du membre
Avatar du membre

Problème avec Awesomehp

par jjsta.
 sam. 22 févr. 2014 16:20 #107027
Bonjour, c'est la 2ème fois que je retombe dessus ... Merci de votre aide

Rapport Adwcleaner

# AdwCleaner v3.019 - Rapport créé le 22/02/2014 à 16:13:27
# Mis à jour le 17/02/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Jenna - JENNA-PC
# Exécuté depuis : C:\Users\Jenna\Downloads\adwcleaner(2).exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\IePluginService
Dossier Supprimé : C:\ProgramData\uniblue
Dossier Supprimé : C:\ProgramData\WPM
Dossier Supprimé : C:\Program Files (x86)\Bench
Dossier Supprimé : C:\Program Files (x86)\predm
Dossier Supprimé : C:\Program Files (x86)\SupTab
Fichier Supprimé : C:\Windows\Tasks\bench-sys.job
Fichier Supprimé : C:\Windows\System32\Tasks\bench-sys

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKLM\Software\Bench
Clé Supprimée : HKLM\Software\caphyon
Clé Supprimée : HKLM\Software\supTab
Clé Supprimée : HKLM\Software\supWPM
Clé Supprimée : HKLM\Software\Trymedia Systems
Clé Supprimée : HKLM\Software\Uniblue
Clé Supprimée : HKLM\Software\Wpm

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16518

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v27.0.1 (fr)

[ Fichier : C:\Users\Jenna\AppData\Roaming\Mozilla\Firefox\Profiles\gx0z3ugc.default\prefs.js ]

Ligne Supprimée : user_pref("accessibility.lightning.homepage", "hxxp://www.awesomehp.com/?type=hpts=1391854125 ... H0865H0865");

*************************

AdwCleaner[R0].txt - [36893 octets] - [08/02/2014 15:58:42]
AdwCleaner[R1].txt - [8775 octets] - [09/02/2014 10:54:04]
AdwCleaner[R2].txt - [3263 octets] - [22/02/2014 16:12:39]
AdwCleaner[S0].txt - [36454 octets] - [08/02/2014 16:00:26]
AdwCleaner[S1].txt - [8143 octets] - [09/02/2014 10:54:44]
AdwCleaner[S2].txt - [3111 octets] - [22/02/2014 16:13:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3171 octets] ##########
Avatar du membre

shortcut

par jjsta
 sam. 22 févr. 2014 16:30 #107029
shortcut ne marche pas jusqu'au bout même après l'avoir re téléchargé 2 fois

¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 22.02.2014.3

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 16:22:38 - 22/02/2014

Mis à jour le : 22/02/2014 | 15.20 par g3n-h@ckm@n

Contact : http://www.sosvirus.net

Boot : Normal

Système : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1

Mémoire RAM = Total (MB) : 4161 | Libre (MB) : 2353
Pagefile = Total (MB) : 8320 | Libre (MB) : 6224
Virtuelle = Total (MB) : 4194 | Libre (MB) : 4056


Impossible de sauvegarder le registre !!!

¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows

Aucune mise à jour détectée !!!

912 | C:\Windows\system32\atiesrxx.exe (.AMD - AMD External Events Service Module.) - (6.14.11.1033) - C:\Windows\system32\atiesrxx.exe
368 | C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe (.IDT, Inc. - IDT PC Audio.) - (1.0.6276.0) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
1232 | C:\Windows\system32\Hpservice.exe (.Hewlett-Packard Company - HpService.) - (4.2.2.1) - C:\Windows\system32\Hpservice.exe
1424 | C:\Windows\system32\atieclxx.exe (.AMD - AMD External Events Client Module.) - (6.14.11.1033) - atieclxx
1640 | C:\Windows\System32\spoolsv.exe (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) - C:\Windows\System32\spoolsv.exe
1756 | C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.701.3.3014) - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
1780 | C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - (1.0.64.7) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
1952 | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (.Apple Inc. - YSLoader.exe.) - (17.327.4.11) - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
1252 | C:\Program Files\Bonjour\mDNSResponder.exe (.Apple Inc. - Bonjour Service.) - (3.0.0.10) - "C:\Program Files\Bonjour\mDNSResponder.exe"
1688 | C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (.Broadcom Corporation. - Bluetooth Support Server.) - (6.2.0.9602) - "C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
1864 | C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (.Microsoft Corporation - Updates Skype Click to Call.) - (7.0.14735.1561) - "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
1552 | C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (.Microsoft Corporation - Phone Number Recognition (PNR) module.) - (7.0.14735.1561) - "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
2108 | C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (.Hewlett-Packard Company - HP Quick Synchronization Service.) - (4.0.112.1) - "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
2284 | C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (. - RichVideo Module.) - (2.0.0.3027) - "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
2328 | C:\Program Files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe (.SFR - SFR.DashBoard.Service.) - (3.0.0.0) - "C:\Program Files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe"
2524 | C:\Program Files (x86)\BringStar\updateBringStar.exe (. - .) - (1.0.5149.8954) - "C:\Program Files (x86)\BringStar\updateBringStar.exe"
2584 | C:\Program Files (x86)\BringStar\bin\utilBringStar.exe (. - .) - (1.0.5149.8954) - "C:\Program Files (x86)\BringStar\bin\utilBringStar.exe"
2984 | C:\Windows\system32\taskhost.exe (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) - "taskhost.exe"
3236 | C:\Windows\Explorer.EXE (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) - C:\Windows\Explorer.EXE
3696 | C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) - (15.3.29.0) - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
3704 | C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (. - SmartMenu.) - (3.0.30.1) - "C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
3716 | C:\Program Files\IDT\WDM\sttray64.exe (.IDT, Inc. - IDT PC Audio.) - (1.0.6276.0) - "C:\Program Files\IDT\WDM\sttray64.exe"
3784 | C:\Program Files (x86)\SFR\Kit\9props.exe (.SFR - Propriétés de la connexion SFR.) - (10.6.29.0) - "C:\Program Files (x86)\SFR\Kit\9props.exe" /trayicon
4008 | C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (15.3.29.0) - "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
4092 | C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (.Broadcom Corporation. - Bluetooth Tray Application.) - (6.2.0.9602) - "C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
3412 | C:\Program Files (x86)\Canon\SELPHY Photo Print\CIC_SPPhelper.exe (.Canon Inc. - SELPHY Photo Print.) - (1.0.0.23) - "C:\Program Files (x86)\Canon\SELPHY Photo Print\CIC_SPPhelper.exe"
3396 | C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) - (6.5.3.1) - "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
3628 | C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (2.0.0.0) - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
3772 | C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (.Hewlett-Packard Company - HP Wireless Assistant Main Program.) - (3.5.12.1) - "C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
2152 | C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (. - DivX Update.) - (1.0.6.88) - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
3360 | C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (.Broadcom Corporation. - Bluetooth Stack COM Server.) - (6.2.0.9602) - "C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
3364 | C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) - "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
3776 | C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (.Oracle Corporation - Java(TM) Update Scheduler.) - (2.1.9.8) - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
3996 | C:\Program Files (x86)\iTunes\iTunesHelper.exe (.Apple Inc. - iTunesHelper.) - (11.1.4.62) - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
3992 | C:\Windows\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) - C:\Windows\system32\SearchIndexer.exe /Embedding
3552 | C:\Users\Jenna\AppData\Roaming\Dropbox\bin\Dropbox.exe (.Dropbox, Inc. - Dropbox.) - (2.4.11.0) - "C:\Users\Jenna\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
4116 | C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (.Hewlett-Packard Company - hpqwmiex Module.) - (4.0.112.1) - "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
4308 | C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) - (2.0.0.0) - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
4448 | C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) - (6.2.0.9602) - "C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
4680 | C:\Program Files\iPod\bin\iPodService.exe (.Apple Inc. - iPodService Module (64-bit).) - (11.1.4.62) - "C:\Program Files\iPod\bin\iPodService.exe"
4824 | C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe (. - HpqToaster Module.) - (3.0.24.1) - "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
4908 | C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) - (6.5.2.1) - "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 22.02.2014.3

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 16:25:41 - 22/02/2014

Mis à jour le : 22/02/2014 | 15.20 par g3n-h@ckm@n

Contact : http://www.sosvirus.net

Boot : Normal

Système : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1

Mémoire RAM = Total (MB) : 4161 | Libre (MB) : 2515
Pagefile = Total (MB) : 8320 | Libre (MB) : 6414
Virtuelle = Total (MB) : 4194 | Libre (MB) : 4047


Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows

Aucune mise à jour détectée !!!
Avatar du membre

rapport zhp

par jjsta
 sam. 22 févr. 2014 16:40 #107035
~ Rapport de ZHPDiag v2014.2.17.15 - Nicolas Coolman (17/02/2014)
~ Lancé par Jenna (22/02/2014 16:31:57)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.117

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Ultimate, 64-bit Service Pack 1 (Build 6000)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2013

---\\ Logiciels d'optimisation du système
CCleaner v4.10 =Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4063 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 204 GB (71%) free of 285 GB

---\\ Mode de connexion au système
~ Computer Name: JENNA-PC
~ User Name: Jenna
~ All Users Names: Jenna, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Jenna\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Jenna\AppData\Roaming\
~ %Desktop% : C:\Users\Jenna\Desktop\
~ %Favorites% : C:\Users\Jenna\Favorites\
~ %LocalAppData% : C:\Users\Jenna\AppData\Local\
~ %StartMenu% : C:\Users\Jenna\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 204 Go of 285 Go)
D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 298 Go)
E: Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/02/2014 - 10:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/119
~ Mes musiques (My Musics) : 1/990
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/977
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096] [PID.3540]
[MD5.B508A4EE516D905730458BB50B79979B] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [206120] [PID.3876]
[MD5.C65B115A03DB0260895DE96681E88221] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [128296] [PID.3832]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507264] [PID.5236]
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8338432] [PID.3852]
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1456]
[MD5.E87213F37A13E2B54391E40934F071D0] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144] [PID.5972]
[MD5.5121F4D7CF318039F1D62B23963F80F7] - (...) -- C:\Program Files (x86)\BringStar\bin\utilBringStar.exe [80160] [PID.5628]
[MD5.5121F4D7CF318039F1D62B23963F80F7] - (...) -- C:\Program Files (x86)\BringStar\updateBringStar.exe [80160] [PID.5428]
[MD5.F518545E5B7623AD49ABE7F8776EFA46] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.4576]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Jenna\AppData\Roaming\Mozilla\Firefox\Profiles\gx0z3ugc.default\prefs.js
M2 - MFEP: prefs.js [Jenna - gx0z3ugc.default\quick_start@gmail.com] [] Quick Start v (..)
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "WallpaperStyle"=
~ MWPS: 22 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 24/11/2013 - 15:12:47 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 07/01/2014 - 15:04:20 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.524C79054636D2E5751169005006460B] - 29/06/2009 - 19:17:00 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome(64).) -- C:\Windows\System32\Drivers\enecir.sys [70656]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [834544]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.DFFBC024DFC7BB05B2129E05CBC7A201] - 23/03/2010 - 13:53:06 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [505344]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 22 Legitimates Filtered in 00mn 08s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {68D20A9D-AD05-4AFB-AAA7-923B4F443063} - (AlloCine) - http://www.allocine.fr
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{9F0ABBC9-B626-481E-A2A4-3A31B9386560}C:\users\jenna\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\jenna\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =PUP.CacaoWeb
O87 - FAEL: "UDP Query User{B003634C-78AA-42FB-BB02-D69A9FC20BB8}C:\users\jenna\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\jenna\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =PUP.CacaoWeb
O87 - FAEL: "TCP Query User{46382DFA-1D8A-4D61-B140-A9822FF74955}C:\users\jenna\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\jenna\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =PUP.CacaoWeb
O87 - FAEL: "UDP Query User{614ED04D-4F4D-47F2-87D8-5DFBF29003C2}C:\users\jenna\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\jenna\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =PUP.CacaoWeb
~ Firewall: 232 Legitimates Filtered in 00mn 01s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 22/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 02/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
SS - | Auto 02/07/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 05/05/2009 228408 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SS - | Auto 24/02/2010 133104 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/02/2010 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 28/03/2011 94264 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SS - | Demand 28/03/2011 799800 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SS - | Auto 13/05/2011 30520 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SS - | Demand 06/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 15/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 21/01/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SS - | Auto 23/11/2011 24496 | (SFR.DashBoard.Service) . (.SFR.) - C:\Program Files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 23/03/2010 247808 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe

SR - | Auto 07/01/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 08/02/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/07/2009 864032 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/06/2011 85560 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =.Hewlett-Packard Co
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 06/02/2014 80160 | (Update BringStar) . (...) - C:\Program Files (x86)\BringStar\updateBringStar.exe
SR - | Auto 08/02/2014 80160 | (Util BringStar) . (...) - C:\Program Files (x86)\BringStar\bin\utilBringStar.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 23/07/2009 146928 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp..) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

~ Services: Scanned in 00mn 22s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [834544]
~ Emulateurs: Scanned in 00mn 22s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (17/02/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 2

[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211701196}] =PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =Toolbar.Google^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_83 =PUA.FSTfr9^
C:\Users\Jenna\AppData\Local\Updater27096 =PUP.CrossRider^
C:\Windows\Tasks\bench-Updater removing.job =PUP.GiganticSavings^
C:\Users\Jenna\Downloads\cacaoweb.exe =PUP.CacaoWeb
~ Additionnel Scan: 385916 Items scanned in 01mn 08s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... pua-fstfr9 =PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blo ... ticsavings =PUP.GiganticSavings
~ http://nicolascoolman.webs.com/apps/blo ... crossrider =PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blo ... p-cacaoweb =PUP.CacaoWeb
~ MSI: 4 link(s) detected in 01mn 08s



~ 1209 Legitimates filtered by white list
End of the scan (430 lines in 03mn 50s)(0)
 Sujet verrouillé
 Retourner vers « Désinfection »
fenetres intempestives CMD, rallentissement navigation, virus ?

Merci encore pour votre aide. :good: Je vous tr[…]

FLTL_READ_MORE
Problème suite installation msi B 550 A pro

Bonjour, Je viens de monter un pc bureautique et &[…]

FLTL_READ_MORE
dock pc pour switcher entre PC fixe et portable sur mon installation

carte mere tuf gaming B550

FLTL_READ_MORE
Présentation Kev28

Salut :cheers:

FLTL_READ_MORE
FLTL_VIEW_MORE_TOPICS