Windows 7 Familial Premium: explorateur windows

Windows 7 Familial Premium: explorateur windows Sujet résolu

Ajouter un message à la discussion

Pages : [1] 2 3 ... Fin

novotek

Posté le 10/03/2015 @ 00:37

bonsoir,

A partir de hier je ne peux plus ouvrir ni poste de travail, ni panneau de configuration, ni les dossiers sur les disques dur, ni personnalisation. :(

Mon ordi a été infecté par 500 viruses et troyanes qui sont venus hier. Maintenant il est propre. Hier j'ai nettoyé mon ordi completement. Et j'ai fait un scan de mon ordi après le rédemarrage. Mais explorateur windows ne s'ouvre plus. J'ai essayé de le recouperer par le fichier "explorer.exe" de mon CD-ROM Windows 7, mais ça ne change rien. Je ne sais pas quoi faire. Pourriez vous m'aider de marcher "explorer.exe" (explorateur windows)? J'ai voulu mettre ici les screenshots, mais je ne sais pas comment faire ça.

Aidez moi s'il vous plait, resoudre mon probleme. Je suis débutant dans l'informatique.

flober

Posté le 10/03/2015 à 00:44

novotek

Posté le 10/03/2015 à 01:06

Bonsoir,

j'ai fait la diagnostique par ZHPdiag, mais je n'ai pas trouvé ici l'option "inserer un rapport" :(

comment je peux vous envoyer le rapport?

J'ai fait le nettoyage de mon ordi hier par Microsoft Windows Essentiel et Malwarebyte Antimalware. Tout est propre. Que l'explorateur windows est completement endommagé et je ne peux plus le recuperer.

flober

Posté le 10/03/2015 à 01:11

tout en bas du rapport de ZHPdiag

sélectionne le dernier paragraphe Copie/coller et transmet le moi.

novotek

Posté le 10/03/2015 à 01:28

Je n'arrive pas ajouter le rapport ici, car la page de votre forum me dit ça:

Request object error 'ASP 0104 : 80004005'

Operation not Allowed

/inc_haut.asp, line 46

il y a un autre moyen pour vous envoyer le rapport?

flober

Posté le 10/03/2015 à 01:38

Sélectionne uniquement le dernier paragraphe a l'aide de la souris en passant dessus en pressant clic gauche puis dans ta nouvelle réponse colle la.

Modifié par flober le 10/03/2015 01:40

novotek

Posté le 10/03/2015 à 01:43

par ici, ça va?

---\\ List all legacy services(LALS) (O64)

O64 - Services: CurCS - 10.01.2011 - C:\Windows\System32\DRIVERS\AppleCharger.sys (AppleCharger) .(...) - LEGACY_APPLECHARGER

O64 - Services: CurCS - 02.12.2012 - C:\Windows\System32\drivers\gfibto.sys (gfibto) .(.GFI Software - GFI Boot Time Operations Driver.) - LEGACY_GFIBTO

O64 - Services: CurCS - 27.02.2014 - C:\Windows\system32\drivers\hcmon.sys (hcmon) .(.VMware, Inc. - VMware USB monitor.) - LEGACY_HCMON

O64 - Services: CurCS - 07.03.2015 - C:\Windows\sysWOW64\drivers\HWiNFO64A.sys (HWiNFO32) .(.REALiX(tm) - HWiNFO AMD64 Kernel Driver.) - LEGACY_HWINFO32

O64 - Services: CurCS - 21.11.2014 - C:\Windows\system32\drivers\mbamchameleon.sys (mbamchameleon) .(.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) - LEGACY_MBAMCHAMELEON

O64 - Services: CurCS - 21.11.2014 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR

O64 - Services: CurCS - 01.03.2013 - C:\Windows\System32\drivers\npf.sys (NPF) .(.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF

O64 - Services: CurCS - 10.06.2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 01.07.2010 - C:\Program Files\Unlocker\UnlockerDriver5.sys (UnlockerDriver5) .(...) - LEGACY_UNLOCKERDRIVER5

O64 - Services: CurCS - 19.12.2012 - C:\Users\GELO\Desktop\VirtualBox 4.2.6 82870 Portable\App\VirtualBox\drivers\USB\filter\VBoxUSBMon.sys (VBoxUSBMon) .(.Oracle Corporation - VirtualBox USB Monitor Driver.) - LEGACY_VBOXUSBMON

O64 - Services: CurCS - 29.10.2014 - C:\Windows\System32\DRIVERS\vmnetbridge.sys (VMnetBridge) .(.VMware, Inc. - VMware bridge driver (64-bit).) - LEGACY_VMNETBRIDGE

O64 - Services: CurCS - 29.10.2014 - C:\Windows\system32\drivers\vmnetuserif.sys (VMnetuserif) .(.VMware, Inc. - VMware network application interface driver.) - LEGACY_VMNETUSERIF

O64 - Services: CurCS - 29.10.2014 - C:\Windows\system32\drivers\vmx86.sys (vmx86) .(.VMware, Inc. - VMware kernel driver.) - LEGACY_VMX86

O64 - Services: CurCS - 08.10.2013 - C:\Windows\System32\drivers\vsock.sys (vsock) .(.VMware, Inc. - VMware vSockets Service.) - LEGACY_VSOCK

~ Legacy: 94 Scanned in 00mn 08s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <OperaStable>[HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

~ FASS Keys: 11 Scanned in 00mn 00s

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <Aviator> <Aviator>[HKLM\..\Shell\open\Command] (.Not Key.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Not Key.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Not Key.)

O68 - StartMenuInternet: <k-meleon.exe> <K-Meleon>[HKLM\..\Shell\open\Command] (.Not Key.)

O68 - StartMenuInternet: <Lunascape6> <Lunascape6>[HKLM\..\Shell\open\Command] (.Not Key.)

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Not Key.)

O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\Shell\open\Command] (.Not Key.)

~ Keys: Scanned in 00mn 00s

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: prefs.js [GELO - blozzve3.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://rambler.ru

O69 - SBI: SearchScopes [HKCU] {231CE532-7C50-418F-AAFC-B14AA5118BD8} - (Translate.Ru) - http://rambler.ru

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com

~ Keys: Scanned in 00mn 00s

---\\ Search Svchost Services (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [683520]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2477536]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219136]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]

~ Services: 32 Scanned in 00mn 00s

---\\ Search Particular Root Folder (SPRF) (O84)

[MD5.6CD985C9E791C4D9F6441C9C360CA5BB] [SPRF][14.08.2013] (...) -- C:\ProgramData\fontcacheev1.dat [389]

[MD5.F1D3FF8443297732862DF21DC4E57262] [SPRF][09.08.2014] (...) -- C:\Users\GELO\AppData\Roaming\wklnhst.dat [4]

[MD5.72695F5E580D1F66F933C64323520093] [SPRF][09.03.2015] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\GELO\Desktop\ZHPDiag2.exe [6877328]

[MD5.CFE1AF5EE9CD57726695DC11941C0FB1] [SPRF][20.04.2011] (...) -- C:\Windows\Downloaded Program Files\WebInstallRunner.dll [43008]

~ Files: 4 Scanned in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "TCP Query User{684C0968-BAD5-4925-A14F-B447D7ABFC88}E:\telechargements\logiciels\portables\загрузка\utorrent portable\app\utorrent\utorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- E:\telechargements\logiciels\portables\загрузка\utorrent portable\app\utorrent\utorrent.exe =>P2P.BitTorrent

O87 - FAEL: "UDP Query User{A1262EFB-21DF-4EF3-B28D-AFAC5BC49423}E:\telechargements\logiciels\portables\загрузка\utorrent portable\app\utorrent\utorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- E:\telechargements\logiciels\portables\загрузка\utorrent portable\app\utorrent\utorrent.exe =>P2P.BitTorrent

~ Firewall: 2 Scanned in 00mn 18s

---\\ Windows Installer Scan (WIS) (O93) (NTFS)

[MD5.013946FEC4064E014774D39623AA7CE4] [WIS][16.10.2013] (.APN, LLC - Sopcast Toolbar.) -- C:\Windows\Installer\346d8a5.msi [523264] =>Toolbar.Ask

~ WIS: 1 Scanned in 00mn 06s

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Demand 09.02.2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SS - | Auto 22.07.1658 0 | (AdvancedSystemCareService8) . (...) - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCService.exe

SS - | Demand 06.04.2010 31272 | (AppleChargerSrv) . (...) - C:\Windows\System32\AppleChargerSrv.exe

SS - | Auto 22.07.1658 0 | (ASCAntivirusSrv) . (...) - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ascavsvc.exe

SS - | Auto 20.10.2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 20.10.2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 14.08.2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Auto 22.07.1658 0 | (HitmanProScheduler) . (...) - C:\Program Files\HitmanPro\hmpsched.exe

SS - | Demand 14.11.2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

SS - | Demand 31.01.2014 887232 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

SS - | Auto 22.07.1658 0 | (LiveUpdateSvc) . (...) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

SS - | Auto 21.11.2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

SS - | Demand 05.03.2015 148592 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

SS - | Demand 09.10.2006 724992 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

SS - | Auto 08.04.2013 799280 | (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe

SS - | Demand 01.03.2013 118520 | (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe

SS - | Demand 04.11.2008 68760 | (SandraAgentSrv) . (.SiSoftware.) - C:\Program Files\SiSoftware\SiSoftware Sandra Business 2013\RpcAgentSrv.exe

SS - | Auto 02.01.2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SS - | Demand 14.07.2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SS - | Demand 22.07.1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 14.05.2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

SR - | Auto 15.12.2011 917640 | (AcuWVSSchedulerv8) . (...) - C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe

SR - | Auto 03.12.2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 24.01.2012 21880 | (APC Data Service) . (.Schneider Electric.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe

SR - | Auto 24.01.2012 705912 | (APC UPS Service) . (.Schneider Electric.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe

SR - | Auto 12.02.2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 30.08.2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 06.03.2015 315240 | (cmcore) . (.Kingsoft Corporation.) - c:\program files (x86)\cmcm\Clean Master\cmcore.exe

SR - | Auto 21.02.2012 151648 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe

SR - | Auto 14.02.2014 579584 | (HauppaugeTVServer) . (.Hauppauge Computer Works.) - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe

SR - | Auto 20.01.2014 2818896 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe

SR - | Auto 21.11.2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

SR - | Auto 30.01.2015 23784 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe

SR - | Auto 18.08.2009 7599616 | (MySQL) . (...) - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe

SR - | Auto 31.01.2013 878368 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 19.02.2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

SR - | Auto 08.04.2013 1320496 | (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe

SR - | Auto 17.01.2013 8704 | (RumoteVMCService) . (.Rumote.) - C:\Program Files (x86)\Rumote\RumoteVMC\RumoteMCEService.exe

SR - | Auto 10.09.2012 193392 | (SCPDFReadSpool) . (.Solid Documents, LLC.) - C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe

SR - | Auto 28.03.2012 82944 | (SLService) . (...) - C:\Windows\System32\slmdmsr.exe

SR - | Demand 20.12.2014 820960 | (SystemExplorerHelpService) . (.Mister Group.) - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe

SR - | Auto 29.10.2014 86744 | (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

SR - | Auto 22.07.1658 0 | (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\system32\vmnetdhcp.exe

SR - | Auto 27.02.2014 906432 | (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

SR - | Auto 22.07.1658 0 | (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe

SR - | Auto 14.07.2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 08.09.2014 97280 | (_wfcs) . (.BiniSoft.org.) - C:\Program Files\Windows Firewall Control\wfcs.exe

~ Services: Scanned in 00mn 11s

---\\ Search Master Boot Record Infection (MBR)(O80)

Run by GELO at 09.03.2015 22:49:13

~ OS 64 not supported by MBR tool

~ MBR: 0 Scanned in 00mn 00s

---\\ Search Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by GELO at 09.03.2015 22:49:15

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)

Database Version : 13008 - (08.03.2015)

Clés trouvées (Keys found) : 6

Valeurs trouvées (Values found) : 1

Dossiers trouvés (Folders found) : 5

Fichiers trouvés (Files found) : 6

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV Player2.0.24] =>PUP.ApplianTechnologies^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Applian FLV and Media Player] =>PUP.ApplianTechnologies^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{53504356-3700-A76A-76A7-A758B70C0600}] =>Toolbar.Ask^

[HKLM\Software\Classes\Interface\{D6094FC6-821F-474C-8D73-C13066CD178D}] =>Toolbar.Agent

[HKLM\Software\Wow6432Node\Classes\Interface\{D6094FC6-821F-474C-8D73-C13066CD178D}] =>Toolbar.Agent

[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon

C:\Users\GELO\AppData\Roaming\Mozilla\Firefox\Profiles\blozzve3.default\extensions\pavel.sherbakov@gmail.com =>PUP.QuickShare^

C:\Users\GELO\AppData\Roaming\Mozilla\Firefox\Profiles\fi77grgz.dev-edition-default\extensions\pavel.sherbakov@gmail.com =>PUP.QuickShare^

C:\Program Files (x86)\Applian Technologies =>PUP.ApplianTechnologies^

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies =>PUP.ApplianTechnologies^

C:\Users\GELO\AppData\Roaming\Applian FLV and Media Player =>PUP.ApplianTechnologies^

C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job =>Toolbar.AVGSearch^

C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0214b_rel =>Toolbar.AVGSearch^

C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job =>Toolbar.AVGSearch^

C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0214b_rmv =>Toolbar.AVGSearch^

[HKLM\Software\Wow6432Node\Applian Technologies] =>PUP.ApplianTechnologies^

C:\Windows\Installer\346d8a5.msi =>Toolbar.Ask^

~ Additionnel Scan: 388926 Items scanned in 00mn 30s

---\\ Additional information about modules

~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)

~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects (O2)

~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer toolbars (O3)

~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Auto loading programs from Registry and folders (O4)

~ AMI: 4 Scanned in 00mn 00s

---\\ Summary of the detections found on your workstation

http://nicolascoolman.fr/pup-quickshare =>PUP.QuickShare

http://www.nicolascoolman.fr/blog/ =>PUP.ApplianTechnologies

http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask

http://www.nicolascoolman.fr/blog/ =>PUP.CorsicaTechnologies

http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent

http://nicolascoolman.fr/pup-babylon =>PUP.Babylon

~ MSI: 6 link(s) detected in 00mn 00s

End of the scan (2423 lines in 10mn 15s)(0.10)

flober

Posté le 10/03/2015 à 01:52

Le rapport montre que tu es infecté.

Attends demain qu'un Helper te prenne en charge pour remettre tout en ordre.

Il serait souhaitable que tu transfert ta demande dans le forum sécurité.

bonne nuit.

Modifié par flober le 10/03/2015 01:54

novotek

Posté le 10/03/2015 à 01:57

ok, bonne nuit. à demain

lilidurhone

Posté le 10/03/2015 à 06:40

Ton rapport est incomplet .Héberge le sur cjoint :) .pour demander ton transfert clique sur le panneau point d'exclamation jaune et dis que tu souhaites être transférer dans sécurité

novotek

Posté le 10/03/2015 à 08:35

Bonjour,

Malheureusement il n'y a pas de ça ici: "Insérer un rapport", je n'ai pas trouvé. Ici il y a ça Options : Ne plus suivre le sujet | Marquer comme résolu, donc je ne sais pas où et comment je peux vous envoyer le rapport en totalité.

J'essaye faire comme ça, je partagerai sur quelque paragraph de ce rapport ici pour que vous pouvez le lire et me conseiller quoi faire avec mon ordi.

~ Report of ZHPDiag v2015.3.8.28 - Nicolas Coolman (08.03.2015)

~ Launched by GELO (09.03.2015 22:39:36)

~ Facebook : https://www.facebook.com/nicolascoolman1

~ Web forum address : http://forum.nicolascoolman.fr

~ Translated by

~ Version State : Updated version.

~ White List : Deactivate by user

~ Elevation of privilege : OK

~ User Account Control : Deactivate by program

---\\ Internet browsers

MSIE: Internet Explorer v11.0.9600.17633

MFIE: Mozilla Firefox 35.0.1

GCIE: Google Chrome v40.0.2214.115 (Defaut)

OPIE: Opera v12.17

OPIE: Opera Stable v27.0.1689.76

---\\ Windows product information

~ Langage: Anglais

Windows Server License Manager Script : OK

~ Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel

Windows ID Activation : OK

~ Windows Partial Key : 468V7

Windows License : OK

~ Windows Remaining Initializations Number : 3

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\ System protection software

Malwarebytes Anti-Malware, версия 2.0.4.1028

Microsoft Security Client RU-RU Language Pack v2.1.1116.0

Windows Defender W7 (Deactivate)

---\\ System optimization software

---\\ Sharing software PeerToPeer

---\\ Surveillance software

Adobe Flash Player 16 NPAPI

Adobe Reader 64-bit fixes

Adobe Reader XI

Java 7 Update 60 (64-bit)

---\\ Information on the system

~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8175 MB (46% free)

System Restore: Activé (Enable)

System drive C: has 270 GB (57%) free of 466 GB

---\\ Connection to the system mode

~ Computer Name: HENRI-PC

~ User Name: GELO

~ All Users Names: UpdatusUser, GELO, Administrateur,

~ Unselected Option: None

Logged in as Administrator

---\\ Environment variables

~ System Unit : C:\

~ %AppZHP% : C:\Users\GELO\AppData\Roaming\ZHP\

~ %AppData% : C:\Users\GELO\AppData\Roaming\

~ %Desktop% : C:\Users\GELO\Desktop\

~ %Favorites% : C:\Users\GELO\Favorites\

~ %LocalAppData% : C:\Users\GELO\AppData\Local\

~ %StartMenu% : C:\Users\GELO\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units

C: Hard drive, Flash drive, Thumb drive (Free 270 Go of 466 Go)

D: CD-ROM drive (Not Inserted)

E: Hard drive, Flash drive, Thumb drive (Free 1016 Go of 1397 Go)

---\\ State of the Windows Security Center

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Security Center: 41 Scanned in 00mn 00s

---\\ Search Generic System Files

[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Explorateur Windows.) (.21.11.2010 - 4:24:12.) -- C:\Windows\Explorer.exe [2872320]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14.07.2009 - 2:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.9DFE41A69DF70AAB75CB5BA8C1109EA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12.01.2015 - 2:27:32.) -- C:\Windows\System32\wininet.dll [2358272]

[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17.07.2014 - 3:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21.11.2010 - 4:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30.05.2014 - 7:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14.07.2009 - 2:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14.07.2009 - 0:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21.11.2010 - 4:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21.11.2010 - 4:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21.11.2010 - 4:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14.07.2009 - 0:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14.07.2009 - 1:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27.04.2011 - 3:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21.11.2010 - 4:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24.01.2014 - 3:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14.07.2009 - 1:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21.11.2010 - 4:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14.07.2009 - 1:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11.11.2014 - 2:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21.11.2010 - 4:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]

~ Generic Processes: Scanned in 00mn 00s

---\\ Hidden files state (Hidden/Total)

~ Mes images (My Pictures) : 2/3327

~ Mes musiques (My Musics) : 3/12379

~ Mes Videos (My Videos) : 1/7

~ Mes Favoris (My Favorites) : 1/418

~ Mes Documents (My Documents) : 4/564

~ Mon Bureau (My Desktop) : 1/396

~ Menu demarrer (Programs) : 1/61

~ Hidden Files: Scanned in 00mn 03s

---\\ Process running

[MD5.06E0199BE4653D7FEDFB3612324FF084] - (.Innovative Solutions - Application Starter.) -- C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [1065352] [PID.2332]

[MD5.43A1E2ADF070C541290084D741B0310F] - (.Kingsoft Corporation - Clean Master.) -- c:\program files (x86)\cmcm\Clean Master\cmtray.exe [468328] [PID.2340]

[MD5.5CB4C3C7A74E9436273261F74625B646] - (.PIMOne Software - PIMOne.) -- C:\Program Files (x86)\PIMOne\PIMOne.exe [2883584] [PID.5032]

[MD5.AD12F815BE0348F1FD7FEBF720FA307C] - (.Team MediaPortal - IR Server.) -- C:\Program Files (x86)\IR Server Suite\IR Server.exe [341504] [PID.3868]

[MD5.0A2BB12C84543B68E8E2E6E4235ADE58] - (.Team MediaPortal - IR Server Tray.) -- C:\Program Files (x86)\IR Server Suite\IR Server Tray.exe [426496] [PID.4032]

[MD5.39AF1CDEAFA4FC9D5185FBD9F4D141C4] - (.Octoshape ApS - Main program for Octoshape client.) -- C:\Users\GELO\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800] [PID.4028]

[MD5.7B6CB5C60E549B746FA8DEEE82C5BB53] - (...) -- C:\Users\GELO\AppData\Roaming\ACEStream\engine\ace_engine.exe [23984] [PID.528]

[MD5.99C03F5D726A415253DBF09AFDA0A72E] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504] [PID.1116]

[MD5.43DFDE6570A948A178000348950B3546] - (...) -- C:\Users\GELO\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe [22824] [PID.4620]

[MD5.D3AC38E80E928CC61A22650E04423BB8] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328] [PID.5084]

[MD5.36873F8B02A1F61DEC99D00E18E6C305] - (.Hauppauge Computer Works - IR.) -- C:\Program Files (x86)\WinTV\Ir.exe [118544] [PID.4212]

[MD5.0D45E25843928A8CF67959F2A382742B] - (.Hauppauge Computer Works, Inc. - WinTVTray.) -- C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe [151552] [PID.2424]

[MD5.7791897A9EC247982F8B6DFA0230E6E4] - (.No owner - MDAPI_Plus Host Application.) -- C:\Program Files (x86)\MDAPI_Plus\MDAPIHost.exe [243200] [PID.5072]

[MD5.16AFB34618E1286FF856DC600AC49C79] - (.No owner - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.4628]

[MD5.60D2665C567B38C96E1216E9BC6F0253] - (.4t Niagara Software - 4t Tray Minimizer Free.) -- C:\Program Files (x86)\4t Tray Minimizer\4t-min.exe [1848832] [PID.4936]

[MD5.7C557FD090347693F7FD5DBFEC444D02] - (.No owner - Process Killer.) -- C:\Program Files\Process Killer 1.4.2\prkiller.exe [38400] [PID.4596]

[MD5.C32E458C8DDB46220C2D9C7807EC1A3F] - (.Schneider Electric - PowerChute System Tray Power Icon.) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe [673144] [PID.3924]

[MD5.6B7F08FC28191D99F6FDE92949C6628A] - (.Mister Group - System Explorer.) -- C:\Program Files (x86)\System Explorer\SystemExplorer.exe [3391200] [PID.2040]

[MD5.53EBC5A93B96B8590BC7F02D7316A9EE] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616] [PID.1788]

[MD5.A8C1BF646DD0168E81AFAA9662CCD843] - (...) -- C:\Users\GELO\AppData\Roaming\ACEStream\updater\ace_update.exe [22824] [PID.6032]

[MD5.B9D6D7E6E5C4FCD8DD7F88EC9D563085] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592] [PID.6840]

[MD5.0FDA13AB12896ABB885B2781DAA950E5] - (.ABBYY. - ABBYY ScreenshotReader.) -- C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [925960] [PID.6044]

[MD5.6B7BE218304D5DCCCBFFAE29F31F5AE7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8184832] [PID.7212]

[MD5.E6D260721A9DF6A254FEDB7990FB5E77] - (.Kingsoft Corporation - Clean Master.) -- c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315240] [PID.1264]

[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1860]

[MD5.8A27975A7BD3EA10E7F22553558F3A74] - (...) -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [917640] [PID.1940]

[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1180]

[MD5.C7F8C8080B055B3DE9A8141DFD8E308A] - (.Schneider Electric - Battery Backup Management Service.) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912] [PID.1592]

[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1736]

[MD5.2EC3AFFE3AC7776AE9DA4028D370593F] - (.Hauppauge Computer Works - Hauppauge TV Server.) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [579584] [PID.2152]

[MD5.0BB29DE40C9D9529793DCDB59A43CF5B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.2616]

[MD5.9972EDE411AA4D1FFF3341DC8819A5A4] - (.Hauppauge Computer Works - Capture plugin for the USB devices.) -- C:\Program Files (x86)\WinTV\TVServer\CaptureGenUSB.exe [405504] [PID.2824]

[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496] [PID.2408]

[MD5.295010C3EDECCAF760853544D0C92C03] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\SysWOW64\vmnat.exe [437976] [PID.2548]

[MD5.107AB19CC1D40B9D04537F6EEAAC34C9] - (.Schneider Electric - PowerChute Data Service.) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880] [PID.3296]

[MD5.1AA9C2331234786211A261C8FC69EB25] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [86744] [PID.3344]

[MD5.7EEBDDF76D013181E21592D2FFD66A98] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\SysWOW64\vmnetdhcp.exe [359128] [PID.3416]

[MD5.A3A25E0509F67473B960DAF214828BE3] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296] [PID.5740]

~ Processes Running: Scanned in 00mn 00s

---\\ Opera, Plugins,Start,Search (P1,B0,B1)

B0 - SPO: operaprefs.ini [GELO] Home URL=http://www.rambler.ru/

B1 - OSP: search.ini [GELO] URL=http://www.bing.com/search?q=%s&form=OPRTSD&pc=OPER

B1 - OSP: search.ini [GELO] URL=http://redir.opera.com/amazon

B1 - OSP: search.ini [GELO] URL=http://redir.opera.com/ebay =>Toolbar.eBay

B1 - OSP: search.ini [GELO] URL=http://fr.wikipedia.org/wiki/Special:Search?search=%s

P1 - OPN:Opera Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Opera\Program\Plugins\NPOFF12.DLL

P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin.dll

P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin2.dll

P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin3.dll

P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin4.dll

P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin5.dll

P1 - OPN:Opera Plugin Navigator . (...) -- C:\Program Files (x86)\Opera\Program\Plugins\NPSWF32.dll

P1 - OPN:Opera Plugin Navigator . (.Adobe Systems, Inc. - Adobe Flash Player Helper 10.0 r45.) -- C:\Program Files (x86)\Opera\Program\Plugins\NPSWF32_FlashUtil.exe =>.Adobe Systems Incorporated