cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2013.9.9.18 - Nicolas Coolman (09/09/2013)
~ Lanc� par SADOUKI (09/09/2013 21:48:10)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version � jour.
~ Liste blanche : Activ�e par le programme
~ El�vation des Privil�ges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16660
MFIE: Mozilla Firefox 23.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du syst�me
Avira Free Antivirus v13.0.0.3885
Trusteer S�curit� des points d'acc�s v3.5.1302.54
Windows Defender W7

---\\ Logiciels d'optimisation du syst�me
CCleaner v4.05 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX 64-bit
Adobe Reader 9.4.0 - Fran�ais

---\\ Informations sur le syst�me
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3839 MB (64% free)
System Restore: Activ� (Enable)
System drive C: has 245 GB (41%) free of 584 GB

---\\ Mode de connexion au syst�me
~ Computer Name: SADOUKI-PC
~ User Name: SADOUKI
~ All Users Names: SADOUKI, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\SADOUKI\AppData\Roaming\
~ %Desktop% : C:\Users\SADOUKI\Desktop\
~ %Favorites% : C:\Users\SADOUKI\Favorites\
~ %LocalAppData% : C:\Users\SADOUKI\AppData\Local\
~ %StartMenu% : C:\Users\SADOUKI\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enum�ration des unit�s disques
C:\ Hard drive, Flash drive, Thumb drive (Free 245 Go of 584 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 12 Go)
E:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de S�curit� Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 32 Legitimates Filtered in 00mn 00s



---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/07/2013 - 06:13:37.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 5/19080
~ Mes musiques (My Musics) : 53/16888
~ Mes Videos (My Videos) : 1/479
~ Mes Favoris (My Favorites) : 1/198
~ Mes Documents (My Documents) : 4/654
~ Mon Bureau (My Desktop) : 2/815
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 28s



---\\ Processus lanc�s au d�marrage du syst�me
[MD5.CD1BCA41485E6D5F0ADFC52E9BCD16C6] - (.Trusteer Ltd. - RapportService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe [2476312] [PID.492]
[MD5.A5F78606A9BA8F0C4C8FF9DED6ED5107] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048] [PID.2164]
[MD5.1B31D1266691EDD4224B0036449F14B4] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872] [PID.2176]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.2300]
[MD5.47DCE3A2FE0B34DD9F01EB4037303A3E] - (.Hewlett-Packard - HP Remote Solution.) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896] [PID.2324]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe [54576] [PID.2424]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2528]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.2556]
[MD5.12288E0368EE972CAFA422999F73D3A8] - (.PC Tools - SSDMonit Application.) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [112600] [PID.2608]
[MD5.4631FF0EE2964CCDC646AF807CB778F5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144] [PID.2640]
[MD5.96E8CF4D3731D90058DE39A3BECAD707] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [1201448] [PID.2732]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [276376] [PID.2340]
[MD5.A9BFA26F37B85EDA665CBC32B3B8561D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7921664] [PID.3736]
[MD5.0126DCDB97D7843659738A00BD5668D0] - (.Trusteer Ltd. - RapportMgmtService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1435928] [PID.848]
[MD5.99387251353598C939592FAF40DF8AA9] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024] [PID.1224]
[MD5.8491FDA93507F2F27FFBA11372764086] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088] [PID.1420]
[MD5.D41231AECFEE88973D56AEC2EE5B962D] - (.APN LLC. - APN Updater.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400] [PID.1460]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1496]
[MD5.2238B91AC1A12CC6CC4C4FED41258B2A] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.1696]
[MD5.C98CD9EE0012DF72206BD519DB9780D4] - (.PC Tools - StartMan Application.) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792] [PID.1788]
[MD5.696EB1F22EC71262BB8188639DBEED3E] - (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe [589368] [PID.888]
[MD5.193FA51DDDD0BFFDED1C340F0434999A] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752] [PID.2508]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [PID.2012]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\SADOUKI\AppData\Roaming\Mozilla\Firefox\Profiles\4s5sp50z.default\prefs.js
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com =>Toolbar.DeltaSearch
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Cl� orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Advanced System Optimizer.lnk . (.Systweak Software, (www.systweak.com) - Advanced System Optimizer - UAC Launcher.) -- C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe =>PUP.AdvancedSystemOptimizer
O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
O4 - GS\Desktop [Public]: HP Support Assistant.lnk . (.Hewlett-Packard - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
O4 - GS\Desktop [Public]: OpenOffice.org 3.4.lnk . (.OpenOffice.org - OpenOffice.org 3.4.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop [Public]: Smart PC Care.lnk . (.Systweak Software, (www.systweak.com) - Advanced System Optimizer - UAC Launcher.) -- C:\Program Files (x86)\Advanced System Optimizer 3\RequireAdministrator.exe =>PUP.AdvancedSystemOptimizer
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe
O4 - GS\Program [Public]: MusicStation.lnk . (.Omnifone Ltd - MusicStation.) -- C:\Program Files (x86)\Online Services\Omnifone\MusicStation.exe
O4 - GS\QuickLaunch [SADOUKI]: Advanced System Optimizer.lnk . (.Systweak Software, (www.systweak.com) - Advanced System Optimizer - UAC Launcher.) -- C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe =>PUP.AdvancedSystemOptimizer
O4 - GS\QuickLaunch [SADOUKI]: Jouer � HP Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe
O4 - GS\QuickLaunch [SADOUKI]: Nero Home.lnk . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Nero\Nero 7\Nero Home\NeroHome.exe
O4 - GS\TaskBar [SADOUKI]: eBay.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe
O4 - GS\TaskBar [SADOUKI]: HP MediaSmart.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O4 - GS\TaskBar [SADOUKI]: HPAdvisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Accessories [SADOUKI]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe
O4 - GS\Desktop [SADOUKI]: 2012-07- 08 LISBOA 17 07 2012 - Raccourci.lnk . (...) -- C:\Users\Public\Pictures\Sample Pictures\2012-07- 08 LISBOA 17 07 2012
O4 - GS\Desktop [SADOUKI]: BARCELONA 2013 - Raccourci.lnk . (...) -- C:\Users\SADOUKI\Pictures\BARCELONA 2013
O4 - GS\Desktop [SADOUKI]: Jouer � HP Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe
O4 - GS\Desktop [SADOUKI]: SADOUKI - Raccourci.lnk . (...) -- C:\Users\SADOUKI
~ Global Startup: 62 Legitimates Filtered in 00mn 02s



---\\ Applications lanc�es au d�marrage du syt�me (O4)
O4 - GS\Startup [Public]: Microsoft Office.lnk . (.Microsoft Corporation - Microsoft Office XP component.) -- C:\Program Files (x86)\Microsoft Office\Office10\OSA.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propri�taire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\SADOUKI\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Remote Solution] . (.Hewlett-Packard - HP Remote Solution.) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [SSDMonitor] . (.PC Tools - SSDMonit Application.) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-2941249159-3896497089-4231725987-1000\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-2941249159-3896497089-4231725987-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-2941249159-3896497089-4231725987-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-2941249159-3896497089-4231725987-1000\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\SADOUKI\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7851C52-B96C-4A3C-BE9D-46E0458616D2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B7851C52-B96C-4A3C-BE9D-46E0458616D2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B7851C52-B96C-4A3C-BE9D-46E0458616D2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Service de mise � jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: ASO3DiskOptimizer (ASO3DiskOptimizer) . (.Systweak Software, (www.systweak.com) - Advanced System Optimizer - Defrag Service.) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe =>PUP.AdvancedSystemOptimizer
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
~ Services: 14 Legitimates Filtered in 00mn 12s



---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job [464]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ASO-OneClickCare.job [434]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ASOService.job [462]
~ Scheduled Task: 5 Legitimates Filtered in 00mn 00s



---\\ Logiciels install�s (O42)
O42 - Logiciel: BrowserProtect - (...) [HKLM][64Bits] -- BrowserProtect =>Hijacker.Eazel
O42 - Logiciel: MyPC Backup - (.MyPC Backup.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup
~ Logic: 124 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\DefaultPackStatus]
[HKCU\Software\PCTools]
[HKCU\Software\Yahoo] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\AskPartnerNetwork]
[HKLM\Software\Wow6432Node\AskTBar]
[HKLM\Software\Wow6432Node\PCTools]
[HKLM\Software\Wow6432Node\Yahoo] =>Toolbar.Yahoo
~ Key Software: 245 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/09/2013 - 14:27:37 - [9,559] ----D C:\Program Files (x86)\AskPartnerNetwork
O43 - CFD: 28/12/2010 - 03:02:49 - [0,005] ----D C:\Program Files (x86)\FileSheets
O43 - CFD: 09/09/2013 - 14:27:37 - [1,431] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 10/08/2013 - 21:14:55 - [0] ----D C:\ProgramData\Yahoo! =>Toolbar.Yahoo
O43 - CFD: 05/12/2009 - 05:26:53 - [20,406] ----D C:\ProgramData\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}
O43 - CFD: 29/06/2010 - 19:57:30 - [6,585] ----D C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
O43 - CFD: 05/12/2009 - 05:09:06 - [5,468] --H-D C:\ProgramData\{D441869F-BEC4-446D-9888-C5CA29F160F9}
O43 - CFD: 18/09/2010 - 14:03:25 - [0,000] ----D C:\Users\SADOUKI\AppData\Roaming\com.prakaz.project.photogettr.FBAB9E68ED32BC183252F597C39DBF71CF315A79.1
O43 - CFD: 18/06/2010 - 11:07:06 - [0] ----D C:\Users\SADOUKI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiograbber
~ Program Folder: 177 Legitimates Filtered in 00mn 32s



---\\ Derniers fichiers cr��s dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/2149 - 07:49:54 - C:\Windows\Prefetch\ReadyBoot
O45 - LFCP:[MD5.DD812F33E1096C501CB0F46ADEF2E089] - 09/09/2013 - 09:43:46 ---A- - C:\Windows\Prefetch\WIZLINK.EXE-1C3BE658.pf
O45 - LFCP:[MD5.E35C12827702724C0B40D5A9EA3F7257] - 09/09/2013 - 12:51:10 ---A- - C:\Windows\Prefetch\HSPLAYER.EXE-6856B8F2.pf
O45 - LFCP:[MD5.0CC5FA0913D876E14E68B885515DAC37] - 09/09/2013 - 12:53:57 ---A- - C:\Windows\Prefetch\CSPEP.EXE-780A7317.pf
O45 - LFCP:[MD5.D49DBAF96DEA5B0E9613E389214ACB57] - 10/08/2013 - 20:05:58 ---A- - C:\Windows\Prefetch\LOCALIZER.EXE-3FF15560.pf
~ Prefetcher: 96 Legitimates Filtered in 00mn 00s



---\\ Enum�ration des cl�s de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\upstv_fr_8.exe [Key] . (...) -- C:\Users\SADOUKI\AppData\Local\startertv_fr_8\upstv_fr_8.exe (.not file.) =>Adware.StarterTV
~ SMSR Keys: 2 Legitimates Filtered in 00mn 00s



---\\ Enum�ration des cl�s de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enum�ration des cl�s de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du syst�me (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
~ Drivers: 21 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifi�s ou cr�es (Utilisateur) (O61)
O61 - LFC: 08/09/2013 - 20:21:35 ---A- . (...) -- C:\Users\SADOUKI\AppData\Roaming\wklnhst.dat [6358]
O61 - LFC: 09/09/2013 - 09:39:20 ---A- . (.Piriform Ltd.) -- C:\Users\SADOUKI\Downloads\ccsetup405.exe [4454952]
O61 - LFC: 09/09/2013 - 12:58:01 ---A- . (...) -- C:\Users\SADOUKI\AppData\Roaming\Microsoft\IdentityCRL\Production\MetaConfig.xml [163]
O61 - LFC: 09/09/2013 - 13:00:27 ---A- . (...) -- C:\Users\SADOUKI\Downloads\avira_free_antivirus.exe [640192]
O61 - LFC: 09/09/2013 - 13:01:03 ---A- . (...) -- C:\Users\SADOUKI\Downloads\avira_free_antivirus [1].exe [2092792]
O61 - LFC: 09/09/2013 - 13:43:00 ---A- . (...) -- C:\Users\SADOUKI\AppData\Local\Symantec\CEDUrl.txt [2811352]
O61 - LFC: 09/09/2013 - 13:43:25 ---A- . (...) -- C:\Users\SADOUKI\AppData\Roaming\Tific\Environment.tfc [6416]
O61 - LFC: 09/09/2013 - 13:43:25 ---A- . (...) -- C:\Users\SADOUKI\AppData\Roaming\Tific\tificocs.symantec.com.tfc [6416]
O61 - LFC: 09/09/2013 - 14:25:01 ---A- . (...) -- C:\Users\SADOUKI\Downloads\adwcleaner.exe [1037278]
~ 43 Fichiers temporaires (Temporary files)
~ Files: 767 Legitimates Filtered in 14mn 11s



---\\ Liste des outils de d�sinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Menu de d�marrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {69729FA6-FFB6-44A7-BF9A-3E4D65EF649C} - (Yahoo! Search) - http://fr.search.yahoo.com =>Toolbar.Yahoo
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
O69 - SBI: SearchScopes [HKCU] {DABF4DC9-031C-4B39-9E60-1A790B452458} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuli�re � la racine du syst�me (SPRF) (O84)
[MD5.C77F181FE6CE6956767264156F599689] [SPRF][08/09/2013] (...) -- C:\Users\SADOUKI\AppData\Roaming\wklnhst.dat [6358]
[MD5.FCD31E9167248D5384EBF14A0D673204] [SPRF][23/10/2010] (...) -- C:\Users\SADOUKI\Desktop\AdbeRdr940_fr_FR.exe [27769936]
~ Files: 5 Legitimates Filtered in 00mn 12s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{BC24F3B1-EAF9-4C7B-8917-317FB2C254FF}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.)
~ Firewall: 198 Legitimates Filtered in 00mn 01s



---\\ Enum�re les codes produits des logiciels (PUC) (O90)
O90 - PUC: "25946514D2147365007A7A857BC02020" . (.Avira SearchFree Toolbar plus Web Protection.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0202}\ToolbarIcon.exe =>Toolbar.Avira
~ Update Products: 91 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.23823B6DD7133C17B6B30486257B61D8] [WIS][26/07/2013] (.Ask Partner Network - Avira SearchFree Toolbar plus Web Protection.) -- C:\Windows\Installer\24f3df.msi [759296] =>Toolbar.Avira
[MD5.DC443438B9DB9DE5EEEBB4618270F858] [WIS][25/04/2011] (.Secure Digital Services - MyPDFConverter.) -- C:\Windows\Installer\c671e.msi [9639936] =>Adware.SPointer
~ WIS: 94 Legitimates Filtered in 00mn 13s



---\\ Etat g�n�ral des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 09/09/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 09/09/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 09/09/2013 589368 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe
SR - | Auto 26/07/2013 168400 | (APNMCP) . (.APN LLC..) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05/03/2013 264488 | (ASO3DiskOptimizer) . (.Systweak Software, (www.systweak.com).) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe =>PUP.AdvancedSystemOptimizer
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SS - | Demand 06/06/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
SS - | Auto 25/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 25/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 24/09/2009 125440 | (HP Health Check Service) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SS - | Demand 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 20/08/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 14/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 28/11/2007 800040 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SR - | Demand 22/01/2008 275752 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SR - | Auto 29/07/2009 382496 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 28/01/2011 632792 | (PCToolsSSDMonitorSvc) . (.PC Tools.) - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
SR - | Auto 25/07/2013 1435928 | (RapportMgmtService) . (.Trusteer Ltd..) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 18s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by SADOUKI at 09/09/2013 22:08:44
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by SADOUKI at 09/09/2013 22:08:46

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12895 - (09/09/2013)
Cl�s trouv�es (Keys found) : 59
Valeurs trouv�es (Values found) : 3
Dossiers trouv�s (Folders found) : 3
Fichiers trouv�s (Files found) : 8

[HKLM\SYSTEM\CurrentControlSet\Services\ASO3DiskOptimizer] =>PUP.AdvancedSystemOptimizer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowserProtect] =>Hijacker.Eazel^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\upstv_fr_8.exe] =>Adware.StarterTV^
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322712280}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\ProgramData\Yahoo! =>Toolbar.Yahoo^
C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe =>PUP.AdvancedSystemOptimizer^
C:\Program Files (x86)\Advanced System Optimizer 3\RequireAdministrator.exe =>PUP.AdvancedSystemOptimizer^
C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe =>PUP.AdvancedSystemOptimizer^
[HKCU\Software\Yahoo] =>Toolbar.Yahoo^
[HKLM\Software\Wow6432Node\Yahoo] =>Toolbar.Yahoo^
C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0202}\ToolbarIcon.exe =>Toolbar.Avira^
C:\Windows\Installer\24f3df.msi =>Toolbar.Avira^
C:\Windows\Installer\c671e.msi =>Adware.SPointer^
~ Additionnel Scan: 310316 Items scanned in 00mn 27s



---\\ R�capitulatif des d�tections trouv�es sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/29357530-pup-advancedsystemoptimizer =>PUP.AdvancedSystemOptimizer
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/29259213-adware-startertv =>Adware.StarterTV
~ http://nicolascoolman.webs.com/apps/blog/show/28419247-toolbar-avira =>Toolbar.Avira
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/28000037-pup-rewardsarcade =>PUP.RewardsArcade
~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing =>Toolbar.Bing
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>Toolbar.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ MSI: 15 link(s) detected in 00mn 27s



~ 1958 Legitimates filtered by white list
End of the scan (562 lines in 21mn 03s)(0)

Publicité


Signaler le contenu de ce document

Publicité