cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par Jean Javques (29/01/2014 21:33:52)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16750
GCIE: Google Chrome v32.0.1700.76 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
Panda Cloud Cleaner v1.0.40
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.08 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Reader XI
Java 7 Update 51

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3980 MB (68% free)
System Restore: Activé (Enable)
System drive C: has 403 GB (87%) free of 458 GB

---\\ Mode de connexion au système
~ Computer Name: VAUDE-PC
~ User Name: Jean Javques
~ All Users Names: yveline, Jean Javques, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Jean Javques\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Jean Javques\AppData\Roaming\
~ %Desktop% : C:\Users\Jean Javques\Desktop\
~ %Favorites% : C:\Users\Jean Javques\Favorites\
~ %LocalAppData% : C:\Users\Jean Javques\AppData\Local\
~ %StartMenu% : C:\Users\Jean Javques\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 403 Go of 458 Go)
D: Hard drive, Flash drive, Thumb drive (Free 457 Go of 458 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.E7099336BF7531B6FCC920DCB5101259] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/10/2013 - 07:19:22.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/101
~ Mes musiques (My Musics) : 3/9
~ Mes Videos (My Videos) : 2/4
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/167
~ Mon Bureau (My Desktop) : 2/1103
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.198B8C260AA185881415E2128E262497] - (.Panda Security - Internet resident proxy.) -- C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2013\WebProxy.exe [108032] [PID.1620]
[MD5.F9413654DBA2F81CA2FDC827C41BDF6E] - (.Panda Security, S.L. - Panda permanent protection.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\ApVxdWin.exe [1038192] [PID.6928]
[MD5.280B64F6BFCEDE6D67D261EB808AA617] - (.Acer Incorporated - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [524944] [PID.4688]
[MD5.0049D80BAB72557E9DD09C223FD71E58] - (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176] [PID.3332]
[MD5.63A2D767B9261B4F33F97BF88F2FB197] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [276328] [PID.7648]
[MD5.C65B7FA0CF8E53E1D5D1697D0CA08ACB] - (.ITE Tech. Inc. - ITECIR Filter Application for RCMM Protocol.) -- C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe [604304] [PID.6120]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3980]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5388]
[MD5.FB1A303207C1124C2B61A50E5A32AC21] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.7520]
[MD5.2FB757B35C94B1C1C65BA35E4E7EC0F2] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [174952] [PID.2772]
[MD5.F9DFC08677FC9AC81DD5ACA5EE879E47] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [565096] [PID.8112]
[MD5.B2F0B501A7C017F21C4B4417623895BD] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [367976] [PID.5384]
[MD5.7AE4D6C70C2D7912AB2B4651DF595575] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [990320] [PID.44]
[MD5.51DFD7030E0F3DC588DBD5F298B167C1] - (.PointGrab LTD - PointGrab Hand Gesture Control.) -- C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGPanel.exe [7884072] [PID.1756]
[MD5.74D1E004483998E076FBBC0DE9B59763] - (.Panda Security, S.L. - PavBckPT Aplicación.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PavBckPT.exe [112128] [PID.1488]
[MD5.3B0BA44D5691E00088B956394FDE64B6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584] [PID.1272]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.1028]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Jean Javques\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [aaaaabcbmongicmdegkmmfgdickgnnob] Movies Toolbar v.29.1, (Désactivé) =>PUP.MoviesToolbar
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Classic Explorer Bar - [HKLM]{553891B7-A0D5-4526-BE18-D3CE461D6310} . (.IvoSoft - Adds classic Windows Explorer features.) -- C:\Program Files\Classic Shell\ClassicExplorer64.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Hand Gesture Control.lnk . (.PointGrab LTD - PointGrab Hand Gesture Control.) -- C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGPanel.exe
O4 - GS\Desktop [Public]: Hand Gesture Tutorial.lnk . (.Flexera Software LLC - InstallShield.) -- C:\windows\Installer\{92586A21-3E08-4055-B413-8ACCAAB50A42}\_Built1_6C85496067AB4E2C951FAC4F4B617EE2.exe
O4 - GS\Desktop [Public]: Installer l’accès à distance.lnk . (...) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Tools\RemoteAccess\BADriveWebSetup.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation - OpenOffice 4.0.0.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\Desktop [Public]: Panda Cloud Cleaner.lnk . (...) -- C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PAsCleaner.exe
O4 - GS\Desktop [Public]: Panda Global Protection 2013.lnk . (.Panda Security, S.L. - Panda Console.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Panda Global Protection 2013.lnk . (.Panda Security, S.L. - Panda Console.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\IFace.exe
O4 - GS\QuickLaunch [yveline]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [yveline]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [yveline]: Panda Global Protection 2013.lnk . (.Panda Security, S.L. - Panda Console.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe
O4 - GS\TaskBar [yveline]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [yveline]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [yveline]: Continue Video Performer installation.lnk . (...) -- C:\Documents and Settings\Yveline\Local Settings\Temp\Video Performer63615.exe (.not file.) =>PUP.VideoPerformer
O4 - GS\Desktop [yveline]: Courrier électronique.lnk - Clé orpheline
O4 - GS\Desktop [yveline]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [yveline]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [yveline]: Internet.lnk - Clé orpheline
O4 - GS\Desktop [yveline]: Mes documents.lnk . (...) -- C:\Users\Jean Javques\Documents
O4 - GS\Desktop [yveline]: Raccourci vers Lecteur CD.lnk - Clé orpheline
O4 - GS\Desktop [yveline]: Raccourci vers Mont Dore Touristra 012.lnk . (...) -- C:\Users\Jean Javques\Desktop\Mes images\Mont Dore Touristra 012.jpg (.not file.)
O4 - GS\Desktop [yveline]: Video Performer.lnk . (...) -- C:\Program Files (x86)\VideoPerformer\VideoPerformer.exe (.not file.) =>PUP.VideoPerformer
O4 - GS\QuickLaunch [Jean Javques]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Jean Javques]: iLivid.lnk . (...) -- C:\Users\Jean Javques\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo
O4 - GS\QuickLaunch [Jean Javques]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Jean Javques]: Panda Global Protection 2013.lnk . (.Panda Security, S.L. - Panda Console.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Iface.exe
O4 - GS\TaskBar [Jean Javques]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [Jean Javques]: Bibliothèques (2).lnk . (...) -- C:\Users\Jean Javques\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\Program [Jean Javques]: Bibliothèques.lnk . (...) -- C:\Users\Jean Javques\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\Program [Jean Javques]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Jean Javques]: Continue Video Downloader Installation.lnk . (...) -- C:\Users\Jean Javques\AppData\Local\Temp\4416e10a-b5e8-487c-8460-537d297fff5d\setup (1).exe (.not file.)
O4 - GS\Desktop [Jean Javques]: Developpement Social Local - Raccourci.lnk . (...) -- C:\Users\Jean Javques\Desktop\FORMATION JJV\Développement Social Local\Developpement Social Local.ppt
O4 - GS\Desktop [Jean Javques]: dsresource.lnk . (...) -- C:\Users\Jean Javques\Downloads\dsresource.pdf
O4 - GS\Desktop [Jean Javques]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Jean Javques]: Lien Social numero 565 PARTENARIAT LOUBAT - Raccourci.lnk . (...) -- C:\Users\Jean Javques\Downloads\Lien Social numero 565 PARTENARIAT LOUBAT.htm
O4 - GS\Desktop [Jean Javques]: PARTENARIAT 2 - Raccourci (2).lnk . (...) -- C:\Users\Jean Javques\Desktop\FORMATION JJV\Partenariat\PARTENARIAT 2.ppt
O4 - GS\Desktop [Jean Javques]: PARTENARIAT 2 - Raccourci.lnk . (...) -- C:\Users\Jean Javques\Desktop\FORMATION JJV\Partenariat\PARTENARIAT 2.ppt
O4 - GS\Desktop [Jean Javques]: POLITIQUE_DE_LA_VILLE - Copie (1) - Copie - Raccourci.lnk . (...) -- C:\Users\Jean Javques\Documents\POLITIQUE_DE_LA_VILLE - Copie (1) - Copie.ppt
O4 - GS\Desktop [Jean Javques]: PROJETS TERRITORIAUX - Raccourci.lnk . (...) -- C:\Users\Jean Javques\Desktop\FORMATION JJV\Territoire\PROJETS TERRITORIAUX.doc
O4 - GS\Desktop [Jean Javques]: Questionnaire_Atlas_territoirev2 - Raccourci.lnk . (...) -- C:\Users\Jean Javques\Desktop\FORMATION JJV\Territoire\Questionnaire_Atlas_territoirev2.pdf
O4 - GS\Desktop [Jean Javques]: Raccourci vers Poste de travail.lnk - Clé orpheline
O4 - GS\Desktop [Jean Javques]: RAPPORT ALEXIS - Copie.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Desktop [Jean Javques]: RAPPORT ALEXIS.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Desktop [Jean Javques]: welschinger CAFDES PARTENARIAT ET FAMILLE - Raccourci.lnk . (...) -- C:\Users\Jean Javques\Downloads\welschinger CAFDES PARTENARIAT ET FAMILLE.pdf
~ Global Startup: 83 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Acer Remote.lnk . (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [THXCfg64] . (.Creative Technology Ltd. - Pas de description.) -- C:\Windows\system32\THXCfg64.dll
O4 - HKCU\..\Run: [Spotify Web Helper] . (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [CIRAP] . (.ITE Tech. Inc. - ITECIR Filter Application for RCMM Protocol.) -- C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe
O4 - HKLM\..\Wow6432Node\Run: [THX Audio Control Panel] . (.Creative Technology Ltd - THXAudio.) -- C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdReg] . (.Creative Technology Ltd. - Creative UpdReg.) -- C:\Windows\UpdReg.exe
O4 - HKLM\..\Wow6432Node\Run: [APVXDWIN] . (.Panda Security, S.L. - Panda permanent protection.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\APVXDWIN.exe
O4 - HKLM\..\Wow6432Node\Run: [SCANINICIO] . (.Panda Security, S.L. - Inicio Programado.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\Inicio.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-46766209-2143859517-1278411539-1001\..\Run: [Spotify Web Helper] . (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Classic IE9 Settings [64Bits] - {56753E59-AF1D-4FBA-9E15-31557124ADA2} -- Clé orpheline
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{157ABCE1-3E41-4D5F-80F3-0719E8552F9B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{157ABCE1-3E41-4D5F-80F3-0719E8552F9B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: avldr . (.On-Access Anti-Malware Scanner Sync - On-Access Anti-Malware Scanner Sync.) -- C:\Windows\System32\avldr64.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: PGService (PGService) . (.PointGrab LTD - PointGrab Hand Gesture Control.) - C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe
O23 - Service: PG_Service_Launcher (PG_Service_Launcher) . (.PointGrab LTD - PG Application.) - C:\Program Files (x86)\PointGrab\Hand Gesture Control\PG_Service_Launcher.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 20 Legitimates Filtered in 00mn 04s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Digital Sites.job [330]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Nettoyage de base.job [550]
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\Jean Javques\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.) [0]
[MD5.51DFD7030E0F3DC588DBD5F298B167C1] [APT] [PointGrab] (.PointGrab LTD.) -- C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGPanel.exe [7884072]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM][64Bits] -- {4F524A2D-5637-4300-76A7-A758B70C0A00} =>Toolbar.Ask
O42 - Logiciel: WPM17.8.0.3159 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- WPM =>PUP.WpManager
O42 - Logiciel: fst_fr_35 - (.FREESOFTTODAY.) [HKLM][64Bits] -- fst_fr_35_is1 =>PUA.FSTfr9
~ Logic: 36 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APNDTX]
~ Key Software: 244 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/08/2013 - 08:38:56 - [0] ----D C:\ProgramData\OEM_YAHOO
O43 - CFD: 19/01/2014 - 23:40:55 - [0] ----D C:\Users\Jean Javques\AppData\Local\cougar-messenger
~ Program Folder: 155 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.706198D0924AC3B32B841196A5E4B031] - 24/01/2014 - 18:44:39 ---A- . (...) -- C:\PhysicalMBR.bin [512]
O44 - LFC:[MD5.7B92B97228C4D7470E6897AE83E45968] - 28/01/2014 - 00:32:39 ---A- . (...) -- C:\DelFix.txt [1418]
O44 - LFC:[MD5.D0A7CAC5B1244991476885BA10D9766A] - 29/01/2014 - 21:09:22 ---A- . (...) -- C:\Windows\System32\Drivers\APPFLTR.CFG [1132]
O44 - LFC:[MD5.D0A7CAC5B1244991476885BA10D9766A] - 29/01/2014 - 21:09:22 ---A- . (...) -- C:\Windows\System32\Drivers\APPFLTR.CFG.bck [1132]
O44 - LFC:[MD5.5A06A021569AC4D0CB8E20E261CB4CFC] - 29/01/2014 - 21:24:57 ---A- . (...) -- C:\Windows\System32\Drivers\APPFCONT.DAT [375144]
O44 - LFC:[MD5.5A06A021569AC4D0CB8E20E261CB4CFC] - 29/01/2014 - 21:24:57 ---A- . (...) -- C:\Windows\System32\Drivers\APPFCONT.DAT.bck [375144]
~ Files: 24 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
~ IFEO: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.8A64C45F467FB30C47A30AE2819DDD62] - 28/08/2013 - 09:06:04 ---A- . (.Pas de propriétaire - COMFiltr.) -- C:\Windows\System32\Drivers\COMFiltr.sys [15928]
O58 - SDL:[MD5.27069CFFF29B7F04F4B1BB10154BE52B] - 19/10/2012 - 03:52:32 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys [151968]
O58 - SDL:[MD5.0BD906A79F9CE3013F7D9D0AC45F9F9D] - 19/10/2012 - 03:52:30 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys [27040]
O58 - SDL:[MD5.3DBC10CBC436288801FAEE66DE91AE47] - 20/07/2012 - 08:15:00 ---A- . (.Etron Technology Inc - Etron eXtensible Hub Driver..) -- C:\Windows\System32\Drivers\EtronHub3.sys [65152]
O58 - SDL:[MD5.DE261095A2220D400D9603E1E42D4185] - 20/07/2012 - 08:15:00 ---A- . (.Etron Technology Inc - Etron eXtensible Host Controller Driver..) -- C:\Windows\System32\Drivers\EtronXHCI.sys [88832]
O58 - SDL:[MD5.7940C1782C703D8305F81B0449072B7B] - 28/04/2011 - 18:23:36 ---A- . (.ITE Tech. Inc. - ITE Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\itecir.sys [70760]
O58 - SDL:[MD5.0C70C2127D01CAD333DDF5EFE4B308AB] - 20/06/2012 - 08:31:02 ---A- . (.ITE Tech. Inc. - ITECIR Filter Driver.) -- C:\Windows\System32\Drivers\ITECIRfilter.sys [18064]
O58 - SDL:[MD5.0E7689F3BFD1012B0280E077402365F2] - 16/04/2012 - 13:32:18 ---A- . (.Windows (R) Codename Longhorn DDK provider - NDIS User mode I/O Driver.) -- C:\Windows\System32\Drivers\RtkIOAC60.sys [38504]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 18 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {AA9A4890-4262-4441-8977-E2FFCBFB706C} - (Yahoo!) - http://fr.yhs4.search.yahoo.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][23/10/2013] (...) -- C:\Users\Jean Javques\AppData\Local\Temp\Quarantine.exe [344355]
[MD5.30580F7B1B30BBC94570D864ACCCA452] [SPRF][24/01/2014] (...) -- C:\Users\Jean Javques\AppData\LocalLow\lpm.dat [10498]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{EB480BEE-E496-45B1-89EA-6392B03F8328}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Jean Javques\AppData\Local\Temp\7zS7F34\hppiw.exe (.not file.)
O87 - FAEL: "{145C0FF8-71CD-4640-89C3-43D706C2B64F}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Jean Javques\AppData\Local\Temp\7zS7F34\hppiw.exe (.not file.)
O87 - FAEL: "{3D5E7D71-E6B1-40DE-B323-E6CE5E29FDB1}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Jean Javques\AppData\Local\Temp\7zS0353\hppiw.exe (.not file.)
O87 - FAEL: "{7FA876C0-7E92-4D0F-82CC-9ECAB32D8F0C}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Jean Javques\AppData\Local\Temp\7zS0353\hppiw.exe (.not file.)
O87 - FAEL: "{F12223E7-0AFC-4D3E-AACC-0210420E0B1D}" |In - None - P6 - TRUE | .(...) -- C:\Users\Jean Javques\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo
O87 - FAEL: "{B5637B74-1A8B-4F43-8114-150D58FC9C87}" |In - None - P17 - TRUE | .(...) -- C:\Users\Jean Javques\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo
~ Firewall: 253 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "12A6852980E355044B31A8CCAA5BA024" . (.PointGrab Hand Gesture Control Tutorial.) -- C:\windows\Installer\{92586A21-3E08-4055-B413-8ACCAAB50A42}\ARPPRODUCTICON.exe
O90 - PUC: "381541B4689E5854DAFDC037BD751521" . (.PointGrab Hand Gesture Control.) -- C:\Windows\Installer\{4B145183-E986-4585-ADDF-0C73DB575112}\ARPPRODUCTICON.exe
O90 - PUC: "D2A425F473650034677A7A857BC0A000" . (.Ask Toolbar.) -- C:\Windows\Installer\{4F524A2D-5637-4300-76A7-A758B70C0A00}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 71 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A18901901EDE918C422E3FF6E4C0D458] [WIS][11/01/2014] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\10eb1790.msi [463872] =>Toolbar.Ask
[MD5.A77AFBB8B88E4FCD542670CF41095A57] [WIS][02/04/2013] (.PointGrab - PointGrab Hand Gesture Control Tutorial.) -- C:\Windows\Installer\3c399.msi [197375488]
[MD5.C133F19570415BEC44B8403A15BD4E9A] [WIS][29/04/2011] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\4792d3.msi [523776]
[MD5.E5291134C278BE005F45418A26FB71FB] [WIS][31/05/2013] (.PointGrab - Hand Gesture Control.) -- C:\Windows\Installer\6a7e2.msi [43737600]
~ WIS: 71 Legitimates Filtered in 00mn 04s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 26/09/2012 276288 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 28/08/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28/08/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 24/04/2013 310400 | (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 29/06/2013 68608 | (ClassicShellService) . (.IvoSoft.) - C:\Program Files\Classic Shell\ClassicShellService.exe
SR - | Demand 18/01/2013 660040 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Demand 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 14/07/2012 769432 | (NAUpdate) . (.Nero AG.) - c:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 19/11/2012 177440 | (Panda Software Controller) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsCtrls.exe
SR - | Auto 21/09/2012 202016 | (PAVFNSVR) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PavFnSvr.exe
SR - | Auto 04/02/2008 62768 | (PavPrSrv) . (.Panda Security, S.L..) - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
SR - | Auto 13/04/2011 313664 | (PAVSRV) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\pavsrvx86.exe
SR - | Auto 28/01/2013 54064 | (PGService) . (.PointGrab LTD.) - C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe
SR - | Auto 28/01/2013 170816 | (PG_Service_Launcher) . (.PointGrab LTD.) - C:\Program Files (x86)\PointGrab\Hand Gesture Control\PG_Service_Launcher.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/11/2009 226560 | (PSHost) . (.Panda Security International.) - c:\program files (x86)\panda security\panda global protection 2013\firewall\PSHOST.exe
SR - | Auto 19/06/2008 108288 | (PSIMSVC) . (.Panda Security S.L..) - C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PsImSvc.exe
SR - | Auto 16/08/2010 28992 | (PskSvcRetail) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\PskSvc.exe
SR - | Auto 16/11/2012 173344 | (TPSrv) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Global Protection 2013\TPSrvWow.exe
SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

~ Services: Scanned in 00mn 05s



---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

[HKLM\Software\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob] =>PUP.MoviesToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-4300-76A7-A758B70C0A00}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_35_is1] =>PUA.FSTfr9^
C:\Users\Jean Javques\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob =>PUP.MoviesToolbar^
C:\Windows\Installer\10eb1790.msi =>Toolbar.Ask^
~ Additionnel Scan: 211874 Items scanned in 00mn 12s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/33744863-pup-moviestoolbar =>PUP.MoviesToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/29895028-pup-videoperformer =>PUP.VideoPerformer
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
~ http://nicolascoolman.webs.com/apps/blog/show/33367156-spyware-protectedsearch =>Spyware.ProtectedSearch
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ MSI: 9 link(s) detected in 00mn 12s



~ 930 Legitimates filtered by white list
End of the scan (497 lines in 00mn 31s)(0)
