~ Rapport de ZHPDiag v2013.9.23.44 - Nicolas Coolman (23/09/2013)
~ Lancé par Boedec (24/09/2013 15:37:54)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 23.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
Kaspersky Internet Security 2013 v13.0.1.4190
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ Logiciels d'optimisation du système
CCleaner v4.05 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 10 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 22 GB (29%) free of 75 GB

---\\ Mode de connexion au système
~ Computer Name: MAISON
~ User Name: Boedec
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Boedec, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Boedec\Application Data\
~ %Desktop% : C:\Documents and Settings\Boedec\Bureau\
~ %Favorites% : C:\Documents and Settings\Boedec\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Boedec\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Boedec\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 22 Go of 75 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: CD-ROM drive (Not Inserted)
I: CD-ROM drive (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 30 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.EA7AB3839BE1FFE067A8131F3547160D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.08/08/2013 - 07:05:46.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 17:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3659
~ Mes musiques (My Musics) : 8/207
~ Mes Videos (My Videos) : 3/7
~ Mes Favoris (My Favorites) : 1/288
~ Mes Documents (My Documents) : 3/5296
~ Mon Bureau (My Desktop) : 1/18
~ Menu demarrer (Programs) : 2/89
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.587EFD6A3A30A35A27904D21AE1FB882] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376] [PID.220]
[MD5.25A3B42033D056718A7BF29C2367EBDA] - (.F-Secure - Terra Giga Drive.) -- C:\Program Files\Orange\mes contenus - mon disque\mounter.exe [75648] [PID.656]
[MD5.626CF4DB8FF93DF819A6FF479F8086C4] - (.Pas de propriétaire - Printer Communication System.) -- C:\WINDOWS\system32\lxdecoms.exe [598960] [PID.1184]
[MD5.18A2E16BCB1D76DA0A7AE666FB755D35] - (.Mozilla Corporation - Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe [389016] [PID.3980]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [276376] [PID.1088]
[MD5.D63791AEA2D98C5B3A2881A230613B8E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8006144] [PID.4036]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Boedec\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://dts.search-results.com =>PUP.SearchResults
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.jeanmarcmorandini.com
G0 - GCSP: Preference [User Data\Default] http://www.searchnu.com =>Adware.Bandoo
~ Google Browser: 3 Legitimates Filtered in 00mn 13s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\prefs.js
C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\user.js
M3 - MFPP: Plugins - [Boedec] -- C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\application-portable-papoo.xml
M3 - MFPP: Plugins - [Boedec] -- C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\avg-secure-search.xml
M3 - MFPP: Plugins - [Boedec] -- C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\dictionarist.xml
M3 - MFPP: Plugins - [Boedec] -- C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\ecofree---france.xml
M3 - MFPP: Plugins - [Boedec] -- C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\google-pl.xml
M3 - MFPP: Plugins - [Boedec] -- C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\Search_Results.xml =>PUP.SearchResults
M3 - MFPP: Plugins - [Boedec] -- C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\sweetim.xml =>PUP.SweetIM
M3 - MFPP: Plugins - [Boedec] -- C:\Program Files\Mozilla FireFox\searchplugins\MediaDICO-fr.xml
M3 - MFPP: Plugins - [Boedec] -- C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults
M2 - MFEP: prefs.js [Boedec - 10zfds1v.default\{03B08592-E5B4-45ff-A0BE-C1D975458688}] [] Toolbar Buttons v1.0 (..)
P2 - FPN: [HKLM] [@pandasoftware.com/nanoscan] - (...) -- (.not file.)
~ Firefox Browser: 38 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
O3 - Toolbar: (no name) - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} Clé orpheline
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: MSN Messenger 7.5.lnk . (...) -- C:\WINDOWS\Installer\{BAFD3C1E-03EC-11DA-BFBD-00065BBDC0B5}\MsblIco.exe (.not file.)
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O4 - GS\Program [Boedec]: Windows Install Clean Up.lnk . (...) -- C:\Documents and Settings\Boedec\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
~ Global Startup: 19 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier virtuel - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\kbrd.ico
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - ActiveSync Favorite Synchronization.) -- C:\Program Files\MI3AA1~1\INetRepl.dll
O9 - Extra button: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline
O9 - Extra button: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} -- Clé orpheline
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Analyse des liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\logo.ico
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} ((no name)) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} ((no name)) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E022AF0-6139-4F89-8938-9F8593B2FC76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1E022AF0-6139-4F89-8938-9F8593B2FC76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{1E022AF0-6139-4F89-8938-9F8593B2FC76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: lxde_device (lxde_device) . (.Pas de propriétaire - Printer Communication System.) - C:\WINDOWS\system32\lxdecoms.exe
~ Services: 4 Legitimates Filtered in 00mn 09s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Boedec\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Boedec\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck ) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: UsbBoost - (...) [HKLM] -- UsbBoost
~ Logic: 81 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\TorrentAid]
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\babidyxp]
[HKCU\Software\iLivid] =>Adware.Bandoo
[HKCU\Software\?? ?? ???? ????? ??? ?? ????]
[HKLM\Software\Datamngr] =>PUP.Datamngr
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\IncrediMail]
[HKLM\Software\M�gath�que]
[HKLM\Software\S3Inc]
[HKLM\Software\Sauleo3]
[HKLM\Software\SpeedTouch]
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\iLividSRTB] =>Adware.Bandoo
~ Key Software: 264 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/10/2010 - 11:31:43 - [0] ----D C:\Program Files\APC
O43 - CFD: 09/04/2005 - 10:40:10 - [0,000] ----D C:\Program Files\CodedColor
O43 - CFD: 10/11/2008 - 20:20:31 - [1,973] ----D C:\Program Files\EuroThink
O43 - CFD: 16/01/2005 - 21:06:10 - [69,966] ----D C:\Program Files\FloorPlan 8.2 Setup
O43 - CFD: 11/10/2007 - 22:09:38 - [0,492] ----D C:\Program Files\Ghost Navigator2_8_2
O43 - CFD: 03/12/2012 - 19:26:56 - [0,829] ----D C:\Program Files\Iminent =>Adware.IMBooster
O43 - CFD: 13/01/2006 - 21:33:32 - [393,746] ----D C:\Program Files\Micro�ds
O43 - CFD: 28/02/2006 - 20:03:47 - [0,049] ----D C:\Program Files\PLR
O43 - CFD: 02/02/2008 - 21:47:36 - [0,002] ----D C:\Program Files\S3Inc
O43 - CFD: 03/12/2012 - 19:27:06 - [2,251] ----D C:\Program Files\SweetIM =>PUP.SweetIM
O43 - CFD: 29/04/2007 - 17:44:06 - [2,801] ----D C:\Program Files\Time Date
O43 - CFD: 16/09/2011 - 18:45:45 - [0,008] ----D C:\Program Files\Ultra MP3 CD Burner
O43 - CFD: 08/07/2010 - 21:00:12 - [6,923] ----D C:\Program Files\UsbBoost
O43 - CFD: 09/03/2008 - 11:18:07 - [0,000] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\IM
O43 - CFD: 11/04/2009 - 11:14:33 - [0,730] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\LxThumbs
O43 - CFD: 31/01/2013 - 22:17:03 - [0,065] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\SweetIM =>PUP.SweetIM
O43 - CFD: 25/02/2010 - 20:59:55 - [0] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\xml_param
O43 - CFD: 19/09/2012 - 21:51:18 - [0] -SH-D C:\Documents and Settings\All Users.WINDOWS\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 19/09/2012 - 21:51:18 - [0] -SH-D C:\Documents and Settings\All Users.WINDOWS\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
O43 - CFD: 05/09/2013 - 17:35:20 - [30,383] -SH-D C:\Documents and Settings\All Users.WINDOWS\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 27/06/2008 - 20:14:53 - [0,000] ----D C:\Documents and Settings\Boedec\Application Data\LuckyTender
O43 - CFD: 28/01/2012 - 20:42:56 - [3,598] ----D C:\Documents and Settings\Boedec\Local Settings\Application Data\Films
O43 - CFD: 06/04/2008 - 00:20:53 - [11,732] ----D C:\Documents and Settings\Boedec\Local Settings\Application Data\IM
O43 - CFD: 30/05/2009 - 06:40:42 - [0,001] ----D C:\Documents and Settings\Boedec\Local Settings\Application Data\Kakomira
O43 - CFD: 17/02/2009 - 09:33:35 - [20,724] ----D C:\Documents and Settings\Boedec\Local Settings\Application Data\{20EDE18A-0F17-41D8-A8B7-552990B1E2E0}
O43 - CFD: 17/02/2009 - 09:26:54 - [20,723] ----D C:\Documents and Settings\Boedec\Local Settings\Application Data\{984264BC-76C5-4185-9D49-846AA56E007E}
O43 - CFD: 26/06/2009 - 18:31:28 - [20,915] ----D C:\Documents and Settings\Boedec\Local Settings\Application Data\{EF480C9A-060F-452A-AF3E-43598209C365}
~ Program Folder: 311 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C8CB90E735C0541D7BF2ABCA6076D752] - 24/09/2013 - 14:37:57 ---A- . (...) -- C:\Documents [120]
O44 - LFC:[MD5.7A89D940E7F26506B9723350E0318D7F] - 24/09/2013 - 13:23:21 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.3822C1034BDACD49AA77D3CD3FC88BD9] - 24/09/2013 - 13:23:10 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.2BF5C56D90DD7862561756C9CBE2DBE9] - 20/09/2013 - 15:33:28 ---A- . (...) -- C:\WINDOWS\comsetup.log [2061]
O44 - LFC:[MD5.14ECC0F531BF0E729BC239C889D5C765] - 20/09/2013 - 15:33:28 ---A- . (...) -- C:\WINDOWS\iis6.log [959]
O44 - LFC:[MD5.51A836FFAA2A9DE5BB08DF65EDE18299] - 20/09/2013 - 15:33:28 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.83E647CC718A95F3D7125414BD5ADE1E] - 20/09/2013 - 15:33:28 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [1247]
O44 - LFC:[MD5.80A802866C76155CB24BF1B36C1EBE07] - 20/09/2013 - 15:33:28 ---A- . (...) -- C:\WINDOWS\ocmsn.log [342]
O44 - LFC:[MD5.C424DAEE37079712A2FD70CC835B401A] - 20/09/2013 - 15:33:28 ---A- . (...) -- C:\WINDOWS\tsoc.log [2359]
O44 - LFC:[MD5.94CB75420927C946B1B4E69F0AD8DB82] - 20/09/2013 - 15:33:21 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [6182]
O44 - LFC:[MD5.0CA7DE5CBC5ADFB57FA5094445B6A061] - 20/09/2013 - 15:33:21 ---A- . (...) -- C:\WINDOWS\msgsocm.log [303]
O44 - LFC:[MD5.9A33C2323705B4B88761514DC88C1BE0] - 20/09/2013 - 15:33:21 ---A- . (...) -- C:\WINDOWS\ocgen.log [2956]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 16/09/2013 - 05:50:39 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.2454F1455E4E402B1461E820847EFD8A] - 16/09/2013 - 05:50:39 ---A- . (...) -- C:\WINDOWS\win.ini [771]
~ Files: 34 Legitimates Filtered in 00mn 01s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\lxdecoms.exe" [Enabled] .(..) -- C:\WINDOWS\system32\lxdecoms.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Lexmark 4800 Series\lxdemon.exe" [Enabled] .(..) -- C:\Program Files\Lexmark 4800 Series\lxdemon.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\lxdecfg.exe" [Enabled] .(..) -- C:\WINDOWS\system32\lxdecfg.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe" [Enabled] .(..) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdepswx.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe" [Enabled] .(..) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdejswx.exe
O47 - AAKE:Key Export SP - "H:\Setup\HipServSetup.exe" [Enabled] .(...) -- H:\Setup\HipServSetup.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Lexmark 4800 Series\frun.exe" [Enabled] .(..) -- C:\Program Files\Lexmark 4800 Series\frun.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
~ Keys Export: 34 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - backitup.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - bttray.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - cdspeed.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - coverdes.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - drivespeed.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - fixitcenter.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - googleearth.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - imagedrive.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - infotool.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - javaws.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - mytomtomsa.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - nero.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - neroburnrights.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - nerohome.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - neromediahome.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - neroscoutoptions.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - nerostartsmart.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - nerovision.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - orangesc.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - photosnap.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - photosnapviewer.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - presentationhost.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - recode.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - setup.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - setupneromobile.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - setupx.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - showtime.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - skype.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - soundtrax.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - tomtomhome.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - unins000.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - uninstall mytomtom3.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - uninstall tomtom home.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - waveedit.exe - "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{1117c9ac-4acb-11de-ab27-00115b1cb427}\AutoRun\command. (...) -- C:\WINDOWS\system32\cmd \C launch.bat (.not file.)
O51 - MPSK:{ba79e6c7-7789-11de-a020-00115b1cb427}\AutoRun\command. (...) -- C:\WINDOWS\system32\cmd \C launch.bat (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.A9355A51698F6901B362EF738B15631D] - 23/09/2003 - 02:03:00 ---A- . (.Sensaura Ltd - Sensaura WDM 3D Audio Driver.) -- C:\WINDOWS\system32\Drivers\ALCXSENS.SYS [404736]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 29/05/2007 - C:\WINDOWS\system32\lxdecoms.exe (lxde_device) .(.Pas de propriétaire - Printer Communication System.) - LEGACY_LXDE_DEVICE
~ Legacy: 179 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Boedec\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Boedec - 10zfds1v.default] user_pref("browser.search.order.1", "Search Results");
O69 - SBI: prefs.js [Boedec - 10zfds1v.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] Live Search - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6582734F-6EB4-4725-BB30-EC00F940ADA2} - (Yahoo! Search) - http://fr.search.yahoo.com =>Toolbar.Yahoo
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} [DefaultScope] - (Search Results) - http://dts.search-results.com =>PUP.SearchResults
O69 - SBI: SearchScopes [HKCU] {D9EDC3B6-FEB4-49AC-AC0A-E04F14CE31C5} - (ecofree.org - France) - http://www.ecofree.orgcenter%3BBGC%3A000000%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3AB3B3B3%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BLH%3A24%3BLW%3A100%3BFORID%3A11&opens=opens&hl=fr&Language=FR
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.254FBCA565E049648B0CCE2CEADF05D2] [SPRF][23/01/2012] (...) -- C:\Documents and Settings\Boedec\Application Data\inst.exe [87608]
[MD5.5B6C11DE7E839C05248CED8825470FEF] [SPRF][23/01/2012] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Documents and Settings\Boedec\Application Data\pcouffin.sys [47360]
[MD5.3BD291478DC706A0CB0D0E65B8139DB9] [SPRF][22/09/2013] (...) -- C:\Documents and Settings\Boedec\Bureau\bitdefender-internet-security_2014_fr_14296.exe [7174472]
[MD5.18075B2C9F0F300BEE209744A8BEC353] [SPRF][05/01/2009] (...) -- C:\WINDOWS\Downloaded Program Files\bdcore.dll [32]
[MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [SPRF][05/01/2009] (...) -- C:\WINDOWS\Downloaded Program Files\ipsupd.dll [741376]
[MD5.18075B2C9F0F300BEE209744A8BEC353] [SPRF][05/01/2009] (...) -- C:\WINDOWS\Downloaded Program Files\libfn.dll [32]
~ Files: 14 Legitimates Filtered in 00mn 08s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "B8713814E4D47A84297554B49AA067E0" . (.SweetPacks Toolbar for Internet Explorer 4.6.) -- C:\WINDOWS\Installer\{4183178B-4D4E-48A7-9257-454BA90A760E}\ARPPRODUCTICON.exe =>PUP.SweetIM
~ Update Products: 83 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: Mobile Device - {49BF5420-FA7F-11cf-8011-00A0C90A8F78}
~ MNS: 4 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9E4A55BDA92BA036D762B7BC4F3AE273] [WIS][03/12/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\56960c.msi [1859072] =>PUP.SweetIM
~ WIS: 87 Legitimates Filtered in 00mn 06s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 23/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 21/01/2013 356376 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
SS - | Disabled 14/04/2008 342624 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SR - | Auto 20/07/2012 75648 | (DokanMounter) . (.F-Secure.) - C:\Program Files\Orange\mes contenus - mon disque\mounter.exe
SS - | Disabled 09/01/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 09/01/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 04/04/2012 161664 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
SS - | Auto 29/05/2007 99248 | (lxdeCATSCustConnectService) . (.Lexmark International, Inc..) - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdeserv.exe
SR - | Auto 29/05/2007 598960 | (lxde_device) . (...) - C:\WINDOWS\system32\lxdecoms.exe
SS - | Demand 17/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 08/09/2008 575488 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SS - | Disabled 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Disabled 09/11/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Disabled 23/01/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
~ Services: Scanned in 00mn 07s



---\\ Scan Additionnel (O88)
Database Version : 12930 - (23/09/2013)
Clés trouvées (Keys found) : 69
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 9

[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{13e3ff74-b861-4e69-b223-43d711686832}] =>Adware.LuckyTender
[HKLM\Software\Classes\CLSID\{1a03f196-9617-4ca0-842b-a83ceecb022b}] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{3794345d-c731-4fbb-8471-73ddc8dffdd2}] =>Spyware.Passwords
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}] =>PUP.Dealio
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Classes\CLSID\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Classes\Interface\{D6094FC6-821F-474C-8D73-C13066CD178D}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{de85a67a-3f04-4aba-a10b-a37b220afb70}] =>Adware.LuckyTender
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent
[HKLM\Software\Classes\Installer\Features\B8713814E4D47A84297554B49AA067E0] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B8713814E4D47A84297554B49AA067E0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B8713814E4D47A84297554B49AA067E0] =>PUP.SweetIM
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\iLividSRTB] =>Adware.Bandoo
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4183178B-4D4E-48A7-9257-454BA90A760E}] =>PUP.SweetIM
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}] =>PUP.Datamngr
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}] =>PUP.Datamngr
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites
[HKLM\Software\Classes\CLSID\{BD5843ED-13C4-4EFF-ACE9-56CEE22BC087}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
C:\Program Files\Iminent =>Adware.IMBooster^
C:\Program Files\SweetIM =>PUP.SweetIM^
C:\Documents and Settings\All Users.WINDOWS\Application Data\SweetIM =>PUP.SweetIM^
C:\Documents and Settings\Boedec\Application Data\LuckyTender =>Adware.LuckyTender
C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\SearchPlugins\sweetim.xml =>PUP.SweetIM
C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\Search_Results.xml =>PUP.SearchResults^
C:\Documents and Settings\Boedec\Application Data\Mozilla\Firefox\Profiles\10zfds1v.default\searchplugins\sweetim.xml =>PUP.SweetIM^
C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKCU\Software\iLivid] =>Adware.Bandoo^
[HKLM\Software\Datamngr] =>PUP.Datamngr^
C:\WINDOWS\Installer\{4183178B-4D4E-48A7-9257-454BA90A760E}\ARPPRODUCTICON.exe =>PUP.SweetIM^
C:\Windows\Installer\56960c.msi =>PUP.SweetIM^
~ Additionnel Scan: 255410 Items scanned in 00mn 25s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype
~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>Toolbar.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites =>Adware.SimilarSites
~ MSI: 13 link(s) detected in 00mn 26s



~ 1263 Legitimates filtered by white list
End of the scan (635 lines in 01mn 24s)(0)
