cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.1.2.5 - Nicolas Coolman (02/01/2014)
~ Lancé par Roland (05/01/2014 13:15:40)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 26.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : KJQYT
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
AVG 2014 v14.0.3658
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.13 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3071 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 56 GB (57%) free of 98 GB

---\\ Mode de connexion au système
~ Computer Name: ROLAND-PC
~ User Name: Roland
~ All Users Names: Roland, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Roland\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Roland\AppData\Roaming\
~ %Desktop% : D:\Roland\Desktop\
~ %Favorites% : D:\Roland\Favorites\
~ %LocalAppData% : C:\Users\Roland\AppData\Local\
~ %StartMenu% : C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 56 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 171 Go of 298 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: Hard drive, Flash drive, Thumb drive (Free 368 Go of 368 Go)
H: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/32
~ Mes musiques (My Musics) : 6/61
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 5/14691
~ Mon Bureau (My Desktop) : 1/267
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.736C10E07104E1EB2714E9C9CF1CFB01] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391128] [PID.3944]
[MD5.08604D8FE6A01FB2E01241417D005214] - (.Sonix - CameraMonitor Application.) -- C:\Windows\vsnp2std.exe [675840] [PID.3952]
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe [959880] [PID.4088]
[MD5.5883D86F8C22B1E5F78627E4AF19B234] - (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720] [PID.3088]
[MD5.08B438A5A06CD877F19B92F6868C031D] - (.NEC Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496] [PID.3592]
[MD5.01EF24117E06A7BC740C62983FCB9638] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\Ai Suite\AiNap\AiNap.exe [1430016] [PID.3704]
[MD5.4EB0C6C3EF4D8885CF2B5D0062F31E44] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376] [PID.4032]
[MD5.0F7A641411189D27D48393FFAD8D507A] - (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2570080] [PID.2368]
[MD5.EC479030CEAF7E44FCB9EEDAE5FE1E84] - (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5492760] [PID.2368]
[MD5.4F79A021FD88110026144CF06D212B84] - (.SONIX - tsnp2std Microsoft.) -- C:\Windows\tsnp2std.exe [258048] [PID.2020]
[MD5.70189D91A5347F5E34039D06C7E58419] - (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856] [PID.4100]
[MD5.643F7A81B4FC27845886AB9650AD2C61] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176] [PID.4424]
[MD5.1E1922213E51D13B90AF609B5B32625C] - (.Yahoo! Inc. - Yahoo! Messenger Tray.) -- C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe [79160] [PID.4812]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4412]
[MD5.D235EAF46AE3E22A2F56B050D1B369B5] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1989920] [PID.4060]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4420]
[MD5.47833576F0BEE0AD7B45109982B769BD] - (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe [59720] [PID.3804]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.6160]
[MD5.0DD74786D22EDFF0CE5B8E1B1E398618] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.6536]
[MD5.5D60EE718D0C708D69DFF4B3336B68BF] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.6576]
[MD5.486BDC196F8914845302745A15310D62] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8321024] [PID.3048]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.2072]
[MD5.149E8CA66CEADE0D17AC4028A567499F] - (.Acronis - File Level CDP Manager Service.) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3975088] [PID.2112]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.2136]
[MD5.F89B2DACE0FBE54CF65D12B7081C19C3] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544] [PID.2288]
[MD5.B747B6BB015E552F49C634BB19540F3D] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008] [PID.2320]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.2520]
[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688] [PID.2808]
[MD5.57DDE1395F86EE048AB25717EEB8CAEB] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [4150112] [PID.2892]
[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [PID.2952]
[MD5.9BFD0A072459782E3638362A4473E283] - (...) -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400] [PID.2984]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Roland\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\nvu6zjvh.default\prefs.js
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 35



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acronis True Image Home 2011.lnk . (.Acronis - Acronis True Image.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe
O4 - GS\Desktop [Public]: Acronis Disk Director Home.lnk . (.Acronis - Disk Director 11 Management Console.) -- C:\Program Files (x86)\Acronis\DiskDirector\ManagementConsole.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: PokerStars.fr.lnk . (.PokerStars - PokerStars Update.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
O4 - GS\Desktop [Public]: SmartPCFix.lnk . (...) -- C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe (.not file.) =>Rogue.SmartPCFix
O4 - GS\Desktop [Public]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Roland]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Roland]: PokerStars.fr.lnk . (.PokerStars - PokerStars Update.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
O4 - GS\QuickLaunch [Roland]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - GS\TaskBar [Roland]: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Roland]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Roland]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Roland]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Roland]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: 75 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Service Scheduler2 Acronis] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [snp2std] . (.Sonix - CameraMonitor Application.) -- C:\Windows\vsnp2std.exe
O4 - HKCU\..\Run: [Xvid] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [NUSB3MON] . (.NEC Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [Ai Nap] . (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
O4 - HKLM\..\Wow6432Node\Run: [QFan Help] . (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
O4 - HKLM\..\Wow6432Node\Run: [Cpu Level Up help] . (...) -- C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SAOB Monitor] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [TrueImageMonitor.exe] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [tsnp2std] . (.SONIX - tsnp2std Microsoft.) -- C:\Windows\tsnp2std.exe
O4 - HKLM\..\Wow6432Node\Run: [YSearchProtection] . (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Xvid] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/maconfig/MaConfigx64_5_2_1_0.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD6339A8-9524-43FE-8F2C-7F129E6F3D2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD6339A8-9524-43FE-8F2C-7F129E6F3D2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DD6339A8-9524-43FE-8F2C-7F129E6F3D2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (vToolbarUpdater17.2.0) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch
~ Services: 12 Legitimates Filtered in 00mn 05s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job [352]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [352]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-chromeinstaller.job [1970]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-codedownloader.job [1258]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-enabler.job [1158]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-firefoxinstaller.job [1896]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-updater.job [1352]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{A92DFE92-C1DB-4376-AD1C-4DFD47529FEC}.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{0BBAB611-EB32-4C62-9431-51B1D204906C}.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-chromeinstaller] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-chromeinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-codedownloader] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-codedownloader.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-enabler] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-enabler.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-firefoxinstaller] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-firefoxinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-updater] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-updater.exe (.not file.) [0]
[MD5.AFFF82ADF77CA68FC4CF552B176F3D73] [APT] [Cpu Level Up Hook Lanunch] (...) -- C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [582656]
~ Scheduled Task: 33 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: DuckCapture Standard 2.7 - (.DuckLink.) [HKLM][64Bits] -- DuckCapture_is1
O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr
~ Logic: 24 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ecommfactory]
[HKCU\Software\Kllabs]
[HKCU\Software\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램]
[HKLM\Software\WEDL] =>PUP.weDownloadManager
[HKLM\Software\Wow6432Node\WEDL] =>PUP.weDownloadManager
[HKLM\Software\Wow6432Node\click-n-mark-5]
~ Key Software: 300 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/08/2013 - 23:58:12 - [0,042] ----D C:\Program Files (x86)\Alinéa
O43 - CFD: 11/12/2011 - 11:45:42 - [18,777] ----D C:\Program Files (x86)\DuckLink
O43 - CFD: 27/05/2013 - 07:03:41 - [0,492] ----D C:\Program Files (x86)\Howard
O43 - CFD: 11/12/2013 - 11:41:49 - [137,703] ----D C:\Program Files (x86)\PokerStars.FR
O43 - CFD: 11/12/2011 - 11:45:45 - [0,001] ----D C:\Users\Roland\AppData\Roaming\DuckLink
O43 - CFD: 15/08/2013 - 21:13:44 - [0] ----D C:\Users\Roland\AppData\Roaming\Etvy
O43 - CFD: 15/08/2013 - 21:13:32 - [0,002] ----D C:\Users\Roland\AppData\Roaming\Yssyic
O43 - CFD: 04/01/2014 - 10:53:49 - [0,561] ----D C:\Users\Roland\AppData\Local\C3D71579-2DE9-400E-9E66-8F35FF5E6273.aplzod
O43 - CFD: 07/02/2013 - 14:18:53 - [0,060] ----D C:\Users\Roland\AppData\Local\DashBoard
O43 - CFD: 02/01/2014 - 22:52:25 - [1,224] ----D C:\Users\Roland\AppData\Local\genienext
O43 - CFD: 04/01/2014 - 23:05:12 - [4,147] ----D C:\Users\Roland\AppData\Local\PokerStars.FR
~ Program Folder: 206 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2FC74FEE31D520CC1FE7D8AC113D7C96] - 02/01/2014 - 21:21:32 ---A- . (...) -- C:\logFileUI.txt [1994]
O44 - LFC:[MD5.D7C994B36F2896BFAF40B41A35FF510E] - 24/12/2013 - 17:49:08 ---A- . (...) -- C:\Windows\win.ini [751]
~ Files: 13 Legitimates Filtered in 00mn 02s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.19B006B181E3875FD254F7B67ACF1E7C] - 16/07/2009 - 10:38:40 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [15416]
O58 - SDL:[MD5.A4D308271A72D6EDCD328CF08ED4A7F5] - 18/07/2012 - 14:17:00 ---A- . (.Windows (R) Win 7 DDK provider - Dokan Filesystem Driver.) -- C:\Windows\System32\Drivers\dokan.sys [112296]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.7DB54C30F684D591F42CC966EE6BA6A3] - 23/07/2012 - 12:32:41 ---A- . (.Yune Software - MsgPlusDriver WDM Driver.) -- C:\Windows\System32\Drivers\MsgPlusDriver.sys [102160]
O58 - SDL:[MD5.B9B215F461E3A0034CFC303729E857CB] - 25/01/2007 - 18:48:40 ---A- . (.Pas de propriétaire - USB2.0 PC Camera driver.) -- C:\Windows\System32\Drivers\sncamd.sys [33664]
O58 - SDL:[MD5.AC8F1EF394FAF226B64A8E937E6D812B] - 13/02/2008 - 11:35:46 ---A- . (.Pas de propriétaire - USB2.0 PC Camera driver.) -- C:\Windows\System32\Drivers\snp2sxp.sys [12379136]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/03/1747 - 19:43:41 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [530488]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.64F88AF327AA74E03658AE32B48CCB8B] - 28/09/2009 - 09:22:00 ---A- . (...) -- C:\Windows\System32\Drivers\yk62x64.sys [395264]
O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 04/01/2008 - 13:34:42 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp32.sys [10216]
O58 - SDL:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 04/01/2008 - 13:34:48 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys [11832]
O58 - SDL:[MD5.A82C01606DC27D05D9D3BFB6BB807E32] - 04/08/2009 - 09:28:28 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [13440]
O58 - SDL:[MD5.9F66C4BD06334BB772317C438644EF74] - 25/01/2007 - 18:48:34 ---A- . (.Pas de propriétaire - USB2.0 PC Camera driver.) -- C:\Windows\SysWOW64\drivers\sncamd.sys [25472]
O58 - SDL:[MD5.01B4B8B721345692D53F10B584B3D5D8] - 13/02/2008 - 11:34:50 ---A- . (.Pas de propriétaire - USB2.0 PC Camera driver.) -- C:\Windows\SysWOW64\drivers\snp2sxp.sys [12067328]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 24/07/2006 - 16:05:00 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]
~ Drivers: 19 Legitimates Filtered in 00mn 19s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0E60011D-02A2-43EC-B040-E0092B869203} - (Yahoo!Search) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {D77A81F8-5FA2-47FE-BFB6-DF53BC357BBD} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.154F3E364E5356168B976EE1A79AE648] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\1374509789_SmartPCFixInstaller_ITNTDigiC_appsP.exe [1800040] =>Rogue.SmartPCFix
[MD5.C49A588C476A6FAA2FA5E98EE8A5F533] [SPRF][02/01/2014] (.Setup © - Setup.) -- C:\Users\Roland\AppData\Local\Temp\19036uninstall.exe [305152]
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.BFE5AD9DB25C0C2B02A899EBA6B838B8] [SPRF][20/10/2010] (.Yahoo! Inc. - BrowserPlus Uninstaller.) -- C:\Users\Roland\AppData\Local\Temp\bpuninstall.exe [428544]
[MD5.959FB591C9702648D3AB9265201DE83F] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\kll.bat [118]
[MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23/12/2013] (...) -- C:\Users\Roland\AppData\Local\Temp\Quarantine.exe [360051]
[MD5.5405413FFF79B8D9C747AA900F60F082] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\Sqlite3.dll [599419]
[MD5.006CC8260405E231C2006A0CEA2127FD] [SPRF][02/01/2014] (.Robert Simpson, et al. - System.Data.SQLite Interop Assembly.) -- C:\Users\Roland\AppData\Local\Temp\System.Data.SQLite.dll [1053184]
[MD5.7CA420A4688109E2AB5844A2C753C905] [SPRF][15/10/2013] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\Roland\AppData\Local\Temp\tb01NE.dll [5176096] =>Toolbar.Conduit
[MD5.B0F6507F8666E89DD9F192313D88EB98] [SPRF][16/06/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Roland\AppData\Local\Temp\uninst1.exe [389632] =>PUP.Babylon
[MD5.18BB65E7709E8CFDFB1F3E287893C282] [SPRF][04/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\uninstallkit.exe [97744]
[MD5.FD090C9793426809A037743D6255FFF3] [SPRF][07/10/2013] (.Yuna Software - Setup - Messenger Plus!.) -- C:\Users\Roland\AppData\Local\Temp\Update_1a21.exe [987504]
[MD5.FD090C9793426809A037743D6255FFF3] [SPRF][22/09/2013] (.Yuna Software - Setup - Messenger Plus!.) -- C:\Users\Roland\AppData\Local\Temp\Update_a912.exe [987504]
[MD5.AF5C84446657B48C9B9B870C46438261] [SPRF][05/01/2014] (...) -- D:\Roland\Desktop\adwcleaner.exe [1233962]
[MD5.B91FE1536AB4D680DDD77469EA3FD4BF] [SPRF][22/12/2013] (...) -- C:\Program Files (x86)\vlc-2.1.2-win32.exe [24097311]
~ Files: 19 Legitimates Filtered in 00mn 02s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{48FD5251-9C0A-4615-942B-A8BA05667D41}" |In - None - P17 - TRUE | .(...) -- C:\Users\Roland\AppData\Local\Temp\SpeedAnalysisSetup-1-.exe (.not file.) =>PUP.SpeedAnalysis
O87 - FAEL: "{C0D51AF8-C7E4-45EF-8F9F-923AC2DC2449}" |Out - None - P17 - TRUE | .(...) -- C:\Users\Roland\AppData\Local\Temp\SpeedAnalysisSetup-1-.exe (.not file.) =>PUP.SpeedAnalysis
~ Firewall: 253 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "6F42B19C92612E116B691276168807B9" . (.PDF Split And Merge Basic.) -- C:\Windows\Installer\{C91B24F6-1629-11E2-B696-21676188709B}\pdfsam.ico
~ Update Products: 85 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: Photos iCloud - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 10/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 04/01/2012 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/01/2012 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 25/11/2011 427640 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe
SS - | Demand 20/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Auto 10/07/1658 0 | (vToolbarUpdater17.2.0) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 21/08/2010 1079368 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/12/2011 3975088 | (afcdpsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
SR - | Auto 18/08/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 11/11/2013 3478544 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SR - | Auto 24/09/2013 348008 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 25/05/2010 2139400 | (OS Selector) . (...) - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
SR - | Auto 13/06/2013 4150112 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 09/11/2008 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

~ Services: Scanned in 00mn 16s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/03/1747 - 19:43:41 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [530488]
~ Emulateurs: Scanned in 00mn 16s



---\\ Scan Additionnel (O88)
Database Version : 13018 - (02/01/2014)
Clés trouvées (Keys found) : 25
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 7

[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.2.0] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
C:\Users\Roland\AppData\Local\Temp\Installer =>Adware.InstallPedia
C:\Users\Roland\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl =>Adware.PlusHD
[HKLM\Software\WEDL] =>PUP.weDownloadManager^
[HKLM\Software\Wow6432Node\WEDL] =>PUP.weDownloadManager^
C:\Users\Roland\AppData\Local\Temp\1374509789_SmartPCFixInstaller_ITNTDigiC_appsP.exe =>Rogue.SmartPCFix^
C:\Users\Roland\AppData\Local\Temp\tb01NE.dll =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\uninst1.exe =>PUP.Babylon^
~ Additionnel Scan: 302180 Items scanned in 00mn 33s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32037290-rogue-smartpcfix =>Rogue.SmartPCFix
~ http://nicolascoolman.webs.com/apps/blog/show/32930303-pup-wedownloadmanager =>PUP.weDownloadManager
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/26967630-adware-installpedia =>Adware.InstallPedia
~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
~ MSI: 10 link(s) detected in 00mn 33s



~ 1203 Legitimates filtered by white list
End of the scan (551 lines in 01mn 50s)(0)

Publicité


Signaler le contenu de ce document

Publicité