cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2014.1.1.2 - Nicolas Coolman (01/01/2014)
~ Lancé par Kleck (01/01/2014 18:04:36)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1 Pro, 64-bit (Build 9600)
Windows Server License Manager Script : OK
System - Enable Open file C:\Users\Kleck\AppData\Roaming\ZHP\Licence.txt =>.Nicolas Coolman

---\\ Logiciels de protection du système
avast! Internet Security v9.0.2008
Trusteer Sécurité des points d'accès v3.5.1304.15
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.09 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (11% free)
System Restore: Activé (Enable)
System drive C: has 36 GB (17%) free of 200 GB

---\\ Mode de connexion au système
~ Computer Name: KLECK-PC
~ User Name: Kleck
~ All Users Names: Kleck, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Kleck\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Kleck\AppData\Roaming\
~ %Desktop% : C:\Users\Kleck\Desktop\
~ %Favorites% : C:\Users\Kleck\Favorites\
~ %LocalAppData% : C:\Users\Kleck\AppData\Local\
~ %StartMenu% : C:\Users\Kleck\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 36 Go of 200 Go)
D: Hard drive, Flash drive, Thumb drive (Free 478 Go of 645 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Hard drive, Flash drive, Thumb drive (Free 34 Go of 87 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Explorateur Windows.) (.22/10/2013 - 08:55:27.) -- C:\Windows\Explorer.exe [2328872]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/08/2013 - 10:55:08.) -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - Bibliothèque de licences.) (.22/08/2013 - 11:39:40.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 12:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 12:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.E23D32BAF152FBE35F18C6A2AB8EF271] - (.Microsoft Corporation - IP Network Address Translator.) (.30/09/2013 - 05:13:41.) -- C:\Windows\system32\Drivers\IpNat.sys [141824]
[MD5.6129EDB793A4255B1E2FB41773AC9D9A] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.30/09/2013 - 05:13:38.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404992]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.22/08/2013 - 14:25:41.) -- C:\Windows\system32\Drivers\ntfs.sys [2011488]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.30/09/2013 - 04:59:55.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.22/08/2013 - 13:39:15.) -- C:\Windows\system32\Drivers\volsnap.sys [312160]
~ Generic Processes: Scanned in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/2124
~ Mes musiques (My Musics) : 1/4210
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/337
~ Mes Documents (My Documents) : 3/14824
~ Mon Bureau (My Desktop) : 2/64
~ Menu demarrer (Programs) : 1/52
~ Hidden Files: Scanned in 00mn 47s



---\\ Processus lancés
[MD5.F530202CBFCD03173973FD08B5E90883] - (.Trusteer Ltd. - RapportService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe [2480408] [PID.3128]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184] [PID.5640]
[MD5.BF8382259F4EAF534DC806D7C7B0AEAA] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288] [PID.6392]
[MD5.7738C9F1318EA2E747330008C42B9473] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968] [PID.6024]
[MD5.5A32D1ABB92186BC1A193845FEADDE20] - (...) -- C:\Users\Kleck\AppData\Roaming\Dashlane\Dashlane.exe [277688] [PID.5972] =>Toolbar.Dashlane
[MD5.BE1DAE43DFBCA94FB6B4157C1B16923E] - (...) -- ysWOW64\rundll32.exe [0] [PID.6624]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5468]
[MD5.32BD04B415865C8BCAF77310CCCB8A10] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Kleck\AppData\Roaming\Dropbox\bin\Dropbox.exe [30714312] [PID.1204]
[MD5.1F0A97900FC718CE617A722BEF8580CD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312] [PID.468]
[MD5.0FBD76E8BA11D87010309DB7AC199FF0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8310272] [PID.6356]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Kleck\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.conduit.com
G2 - GCE: Preference [User Data\Default] [fjpdnoojnohifgekbkmnfbiobhcbedka] outobox v.1.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google00A0Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pamebaeiblihenfdcafombfkppomffoh] Webexp Enhanced v.1.1 (Désactivé) =>PUP.WebexpEnhanced
~ Google Browser: 12 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;*.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: WebexpEnhancedV1alpha387 [64Bits] - {14a9c1dd-92ad-49d8-97ab-206ddf0a1410} . (.Pas de propriétaire - Webexp Enhanced.) -- C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha387\ie\WebexpEnhancedV1alpha387.dll =>PUP.WebexpEnhanced
O2 - BHO: outobox [64Bits] - {30f06672-0e95-41a9-80cb-dee386af99ad} . (.outobox - outobox.) -- C:\Program Files (x86)\outobox\outoboxbho.dll
O2 - BHO: Ask Toolbar BHO [64Bits] - {42435041-3300-A76A-76A7-7A786E7484D7} . (...) -- "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\BCPA3\Passport.dll" (.not file.) =>Toolbar.Ask
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: Ask Toolbar - [HKLM]{42435041-3300-A76A-76A7-7A786E7484D7} . (...) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\BCPA3\Passport_x64.dll =>Toolbar.Ask
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{42435041-3300-A76A-76A7-7A786E7484D7} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Ashampoo Burning Studio 6 FREE.lnk . (.ashampoo Technology GmbH & Co. KG - Burning Studio 6 Free.) -- C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 6 FREE\burningstudio.exe
O4 - GS\Desktop [Public]: Ashampoo Photo Commander 9.lnk . (.ashampoo GmbH & Co. KG - Ashampoo Photo Commander 9.) -- C:\Program Files (x86)\Ashampoo\Ashampoo Photo Commander 9\apc.exe
O4 - GS\Desktop [Public]: BookSmart.lnk . (.Blurb, Inc - BookSmart® 3.4.3 3.4.3 34780.) -- C:\Program Files (x86)\BookSmart\BookSmart.exe
O4 - GS\Desktop [Public]: Easy-PhotoPrint.lnk . (.CANON INC. - BJEZPRN.) -- C:\Program Files (x86)\Canon\Easy-PhotoPrint\BJEZPRN.exe
O4 - GS\Desktop [Public]: Etiquettes CD-DVD.lnk . (...) -- C:\Program Files (x86)\Micro Application\Etiquettes CD-DVD\draw4483.exe
O4 - GS\Desktop [Public]: Garmin Express.lnk . (.Garmin - Express.) -- C:\Program Files (x86)\Garmin\Express\Express.exe =>.Garmin Corporation
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: MP Navigator 3.0.lnk . (.CANON INC. - MP Navigator.) -- C:\Program Files (x86)\Canon\MP Navigator 3.0\mpn30.exe
O4 - GS\Desktop [Public]: MP600 Manuel en ligne.lnk . (...) -- C:\Program Files (x86)\Canon\IJ Manual\MP600\French\Windows\Contents87.chm
O4 - GS\Desktop [Public]: Pinnacle Studio 15.lnk . (.Pinnacle Systems - Studio program file.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe
O4 - GS\Desktop [Public]: PrintPratic.lnk . (.Micro Application - Print Pratic.) -- C:\Program Files (x86)\Micro Application\PrintPratic\PrintPratic.exe
O4 - GS\Desktop [Public]: Tap'Touche 6.0.lnk . (.De Marque Inc. - Application MFC Tap'Touche.) -- C:\Program Files (x86)\Tap'Touche 6.0\TTouche.exe
O4 - GS\Desktop [Public]: VideoPlayer.lnk . (.Tuguu SL - VAFPlayer.) -- C:\Program Files (x86)\VideoPlayer\VAFPlayer.exe =>PUP.VAFPlayer
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\QuickLaunch [Kleck]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\QuickLaunch [Kleck]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Kleck]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Kleck]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Kleck]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Kleck]: MP Navigator 3.0.lnk . (.CANON INC. - MP Navigator.) -- C:\Program Files (x86)\Canon\MP Navigator 3.0\mpn30.exe
O4 - GS\TaskBar [Kleck]: Windows Firewall with Advanced Security.lnk . (...) -- C:\WINDOWS\system32\WF.msc
O4 - GS\Program [Kleck]: Contraventions.lnk - Clé orpheline
O4 - GS\Program [Kleck]: Etiquettes CD-DVD.lnk . (...) -- C:\Program Files (x86)\Micro Application\Etiquettes CD-DVD\draw4483.exe
O4 - GS\Program [Kleck]: Images.lnk . (...) -- C:\Users\Kleck\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Program [Kleck]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Kleck]: Mes favoris.lnk . (...) -- C:\Users\Kleck\Documents\Mes favoris
O4 - GS\Program [Kleck]: Panneau de configuration.lnk - Clé orpheline
O4 - GS\SendTo [Kleck]: Evernote3.5.lnk . (.Evernote Corp., 333 W Evelyn Ave. Mountain - Evernote for Windows.) -- C:\Program Files (x86)\Evernote\Evernote3.5\Evernote.exe
O4 - GS\Desktop [Kleck]: Captvty.exe - Raccourci.lnk . (...) -- C:\Users\Kleck\Desktop\Captvty\Captvty.exe
O4 - GS\Desktop [Kleck]: Dashlane.lnk . (...) -- C:\Users\Kleck\AppData\Roaming\Dashlane\Dashlane.exe =>Toolbar.Dashlane
O4 - GS\Desktop [Kleck]: Dropbox-Voy.Diapos-les Amis.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Kleck\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - GS\Desktop [Kleck]: Fermer.lnk . (.Microsoft Corporation - Outil d’arrêt et d’annotation Windows.) -- C:\Windows\System32\shutdown.exe
O4 - GS\Desktop [Kleck]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\Desktop [Kleck]: Galaxy S II - Raccourci.lnk . (...) -- C:\Users\Kleck\Documents\Notices\Galaxy S II.pdf
O4 - GS\Desktop [Kleck]: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP - GNU Image Manipulation Program.) -- C:\Program Files\GIMP 2\bin\gimp-2.8.exe
O4 - GS\Desktop [Kleck]: Mes images - Raccourci.lnk . (...) -- C:\Users\Kleck\Pictures
O4 - GS\Desktop [Kleck]: Mes vidéos - Raccourci.lnk . (...) -- C:\Users\Kleck\Videos
O4 - GS\Desktop [Kleck]: Picasa AlbumWeb - Raccourci.lnk . (...) -- C:\Users\Kleck\Pictures\Album Picasa.htm
O4 - GS\Desktop [Kleck]: SkyDrive-Fam.Amis.Images.lnk . (...) -- C:\Users\Kleck\SkyDrive
O4 - GS\Desktop [Kleck]: System Checkup.lnk . (.iolo technologies, LLC - System Checkup®.) -- C:\Program Files (x86)\iolo\System Checkup\SystemCheckup.exe
O4 - GS\Desktop [Kleck]: transformer_pad_tf300t_emanual - Raccourci.lnk . (...) -- C:\Users\Kleck\Documents\Notices\transformer_pad_tf300t_emanual.pdf
~ Global Startup: 110 Legitimates Filtered in 00mn 05s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Kleck]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Kleck\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKCU\..\Run: [KiesPDLR] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKCU\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Kleck\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O4 - HKCU\..\Run: [Dashlane] . (...) -- C:\Users\Kleck\AppData\Roaming\Dashlane\Dashlane.exe =>Toolbar.Dashlane
O4 - HKCU\..\Run: [TBHostSupport] C:\Users\Kleck\AppData\Local\TBHostSupport\TBHostSupport.dll (.not file.)
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Kleck\AppData\Roaming\newnext.me\nengine.dll
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [ScanSoft OmniPage SE 4.0-reminder] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Cobian Backup 11] . (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity.) -- C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [AMD AVT] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\Cmd.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.)
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [KiesPDLR] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Kleck\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [Dashlane] . (...) -- C:\Users\Kleck\AppData\Roaming\Dashlane\Dashlane.exe =>Toolbar.Dashlane
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [TBHostSupport] C:\Users\Kleck\AppData\Local\TBHostSupport\TBHostSupport.dll (.not file.)
O4 - HKUS\S-1-5-21-3565623869-889656329-2835060224-1000\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Kleck\AppData\Roaming\newnext.me\nengine.dll
~ Application: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{90575AAF-8E51-4A2E-BF9F-7C9306E31D09}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{90575AAF-8E51-4A2E-BF9F-7C9306E31D09}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{90575AAF-8E51-4A2E-BF9F-7C9306E31D09}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{90575AAF-8E51-4A2E-BF9F-7C9306E31D09}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Tor Win32 Service (tor) . (...) - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: Update outobox (Update outobox) . (...) - C:\Program Files (x86)\outobox\updateoutobox.exe
O23 - Service: Util outobox (Util outobox) . (...) - C:\Program Files (x86)\outobox\bin\utiloutobox.exe
~ Services: 13 Legitimates Filtered in 00mn 10s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [4671] (...) -- C:\Users\Kleck\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [iolo System Checkup] (...) -- C:\ProgramData\iolo\scustask.lnk \toaster (.not file.) [0]
[MD5.8C7FB9078A63B7E5E899E7A2DBB0DB53] [APT] [{3A5F57EF-3EC6-44A1-B6BA-00196501CAE3}] (...) -- C:\Users\Kleck\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB\Evernote Packages\uninstaller.exe [1114624]
[MD5.00000000000000000000000000000000] [APT] [{889C0B1B-CA97-4142-A8C5-4B63C4CAD86B}] (...) -- C:\Program Files (x86)\Wajam\uninstall.exe (.not file.) [0] =>PUP.Wajam
[MD5.00000000000000000000000000000000] [APT] [{C903BAAB-5B8C-4CB2-B106-C27CE59EB6AF}] (...) -- C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe (.not file.) [0] =>PUP.Tarma
~ Scheduled Task: 16 Legitimates Filtered in 00mn 10s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (gtxqftpr) . (. - .) - C:\WINDOWS\system32\drivers\gtxqftpr.sys (.not file.)
O41 - Driver: (onjykfur) . (. - .) - C:\WINDOWS\system32\drivers\onjykfur.sys (.not file.)
O41 - Driver: (ygdvmesh) . (. - .) - C:\WINDOWS\system32\drivers\ygdvmesh.sys (.not file.)
~ Drivers: 54 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM][64Bits] -- {42435041-3300-A76A-76A7-A758B70C0700} =>Toolbar.Ask
O42 - Logiciel: Free Zip 9.20 - (.Somoto Ltd.) [HKLM][64Bits] -- 7-Zip =>Adware.MegaSearch
O42 - Logiciel: Setup1 - (.Default Company Name.) [HKLM][64Bits] -- {A5C0036F-9219-489B-AC10-39A33C7332BE}
O42 - Logiciel: WPM17.8.0.3159 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- WPM =>PUP.WpManager
O42 - Logiciel: outobox - (.outobox.) [HKLM][64Bits] -- outobox
~ Logic: 29 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\outobox]
[HKLM\Software\Wow6432Node\Better Surf Plus]
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\outobox]
~ Key Software: 324 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/07/2013 - 08:38:23 - [0,221] ----D C:\Program Files (x86)\FR-mywebsites.pro =>Toolbar.MyWebsites
O43 - CFD: 01/10/2013 - 11:46:34 - [3,509] ----D C:\Program Files (x86)\Free Zip
O43 - CFD: 31/12/2013 - 10:12:36 - [2,264] ----D C:\Program Files (x86)\outobox
O43 - CFD: 27/11/2013 - 14:41:20 - [1,126] ----D C:\Program Files (x86)\WiseConvert =>Toolbar.Conduit
O43 - CFD: 23/09/2013 - 07:47:33 - [0,003] ----D C:\ProgramData\clp
O43 - CFD: 19/06/2012 - 09:08:30 - [0] ----D C:\ProgramData\Preventon
O43 - CFD: 02/07/2013 - 08:19:14 - [1,063] ----D C:\Users\Kleck\AppData\Roaming\0A1Q1B1P1T1C1R1M1P1B
O43 - CFD: 04/08/2013 - 08:07:49 - [1,063] ----D C:\Users\Kleck\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
O43 - CFD: 01/01/2014 - 14:38:01 - [1,228] ----D C:\Users\Kleck\AppData\Roaming\newnext.me
O43 - CFD: 31/12/2013 - 15:25:43 - [1,224] ----D C:\Users\Kleck\AppData\Local\genienext
O43 - CFD: 30/12/2013 - 15:25:04 - [0,003] ----D C:\Users\Kleck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat =>Adware.MegaSearch
~ 1 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 243 Legitimates Filtered in 01mn 29s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.52A5F2AF655529F3425C397A1F6FFF3C] - 01/01/2014 - 08:39:22 ---A- . (...) -- C:\Windows\System32\lvcoinst.log [18312]
O44 - LFC:[MD5.BE86F146095DABC2DC7229A3FADDF35D] - 20/12/2013 - 18:46:53 ---A- . (...) -- C:\extensions.ini [161]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/12/2013 - 18:05:31 ---A- . (...) -- C:\autoexec.bat [0]
~ Files: 11 Legitimates Filtered in 00mn 45s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 31/10/2013 - 08:56:28 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.59787B95DD9CA44CB139D96863438587] - 31/10/2013 - 08:56:28 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [205320]
O58 - SDL:[MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - 13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:[MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - 22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:[MD5.DDEE99DC54EFA20BD5A442CD733C4462] - 20/03/2013 - 09:07:16 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: 19 Legitimates Filtered in 00mn 05s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] [SPRF][22/06/2012] (...) -- C:\Users\Kleck\AppData\Local\Temp\ESGScanner.sys [22704]
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Kleck\AppData\Local\Temp\nsh24FC.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Kleck\AppData\Local\Temp\nsj4FE.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Kleck\AppData\Local\Temp\nso6BD8.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Kleck\AppData\Local\Temp\nso783D.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Kleck\AppData\Local\Temp\nso8406.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Kleck\AppData\Local\Temp\nsv15E7.exe [167812] =>Toolbar.Conduit
[MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23/12/2013] (...) -- C:\Users\Kleck\AppData\Local\Temp\Quarantine.exe [360051]
[MD5.C8F3AD4CA2B268C6F939739E7547AD48] [SPRF][29/12/2013] (...) -- C:\Users\Kleck\AppData\Local\Temp\SHSetup.exe [46777424] =>Crapware.SpyHunter
~ Files: 13 Legitimates Filtered in 00mn 01s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "UDP Query User{B7ADA9B1-04A9-4B52-BA41-C8FD88B06370}C:\program files (x86)\cobian backup 11\cbremotemanager.exe" | In - Private - P17 - TRUE | .(.Luis Cobian, CobianSoft - Cobian Backup 11, Gravity, Remote Manager.) -- C:\program files (x86)\cobian backup 11\cbremotemanager.exe
O87 - FAEL: "TCP Query User{EA024B2D-80C4-442C-A598-5FA65C46AF7C}C:\program files (x86)\cobian backup 11\cbremotemanager.exe" | In - Private - P6 - TRUE | .(.Luis Cobian, CobianSoft - Cobian Backup 11, Gravity, Remote Manager.) -- C:\program files (x86)\cobian backup 11\cbremotemanager.exe
~ Firewall: 248 Legitimates Filtered in 00mn 04s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "140534240033A67A677A7A857BC07000" . (.Ask Toolbar.) -- C:\WINDOWS\Installer\{42435041-3300-A76A-76A7-A758B70C0700}\ToolbarIcon.exe =>Toolbar.Ask
O90 - PUC: "D21EC9447C2E79B41BE9551D36AE4953" . (.Bing Bar.) -- C:\Windows\Installer\{449CE12D-E2C7-4B97-B19E-55D163EA9435}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 125 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.55349D8F5B3E27D6651830C57F88088E] [WIS][14/11/2013] (.Trusteer - Rapport.) -- C:\Windows\Installer\15846.msi [40443904]
[MD5.EE48B1ED5A2B6A5E761BD2861E606864] [WIS][08/11/2013] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\8a65ac.msi [467456] =>Toolbar.Ask
[MD5.D12E504B9C195A84A264A79388B55A88] [WIS][13/05/2013] (.Linkury Inc. - QuickShare Widget.) -- C:\Windows\Installer\ea093.msi [8495104] =>PUP.QuickShare
~ WIS: 130 Legitimates Filtered in 01mn 16s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 01/04/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SS - | Auto 01/03/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/03/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 26/04/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 17/09/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 12/12/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 12/12/2013 116776 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 07/03/2013 67584 | (cbVSCService11) . (.CobianSoft, Luis Cobian.) - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
SR - | Auto 22/08/2013 220504 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SR - | Auto 25/10/2013 1444120 | (RapportMgmtService) . (.Trusteer Ltd..) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
SR - | Auto 28/03/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 04/09/2013 3233806 | (tor) . (...) - C:\Program Files (x86)\Tor\tor.exe
SR - | Auto 07/12/2013 66840 | (Update outobox) . (...) - C:\Program Files (x86)\outobox\updateoutobox.exe
SR - | Auto 31/12/2013 66840 | (Util outobox) . (...) - C:\Program Files (x86)\outobox\bin\utiloutobox.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

~ Services: Scanned in 01mn 36s



---\\ Scan Additionnel (O88)
Database Version : 13018 - (01/01/2014)
Clés trouvées (Keys found) : 18
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 16

[HKLM\Software\Google\Chrome\Extensions\pamebaeiblihenfdcafombfkppomffoh] =>PUP.WebexpEnhanced^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14A9C1DD-92AD-49D8-97AB-206DDF0A1410}] =>PUP.WebexpEnhanced^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42435041-3300-A76A-76A7-7A786E7484D7}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{42435041-3300-A76A-76A7-A758B70C0700}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip] =>Adware.MegaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM] =>PUP.WpManager^
[HKLM\Software\Classes\TypeLib\{3277CD27-4001-4EF8-9D96-C6CA745AC2F9}] =>Trojan.BHO
[HKLM\Software\Classes\Interface\{38493F7F-2922-4C6C-9A9A-8DA2C940D0EE}] =>Trojan.BHO
[HKLM\Software\Wow6432Node\Classes\Interface\{38493F7F-2922-4C6C-9A9A-8DA2C940D0EE}] =>Trojan.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba679afc-8ba0-48f4-b8bf-c144e8699fbc}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}] =>Toolbar.InBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] =>Toolbar.InBox
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}] =>Toolbar.Dashlane
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{669695BC-A811-4A9D-8CDF-BA8C795F261C}] =>Toolbar.Dashlane
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{42435041-3300-A76A-76A7-7A786E7484D7} =>Toolbar.Ask^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Dashlane =>Toolbar.Dashlane^
C:\Users\Kleck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pamebaeiblihenfdcafombfkppomffoh =>PUP.WebexpEnhanced^
C:\Program Files (x86)\FR-mywebsites.pro =>Toolbar.MyWebsites^
C:\Program Files (x86)\WiseConvert =>Toolbar.Conduit^
C:\Users\Kleck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat =>Adware.MegaSearch^
C:\ProgramData\Software =>Adware.Boxore
C:\Users\Kleck\AppData\Roaming\Dashlane\Dashlane.exe =>Toolbar.Dashlane^
C:\Users\Kleck\AppData\Local\Temp\nsh24FC.exe =>Toolbar.Conduit^
C:\Users\Kleck\AppData\Local\Temp\nsj4FE.exe =>Toolbar.Conduit^
C:\Users\Kleck\AppData\Local\Temp\nso6BD8.exe =>Toolbar.Conduit^
C:\Users\Kleck\AppData\Local\Temp\nso783D.exe =>Toolbar.Conduit^
C:\Users\Kleck\AppData\Local\Temp\nso8406.exe =>Toolbar.Conduit^
C:\Users\Kleck\AppData\Local\Temp\nsv15E7.exe =>Toolbar.Conduit^
C:\Users\Kleck\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Windows\Installer\8a65ac.msi =>Toolbar.Ask^
C:\Windows\Installer\ea093.msi =>PUP.QuickShare^
~ Additionnel Scan: 350731 Items scanned in 01mn 04s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32053643-toolbar-dashlane =>Toolbar.Dashlane
~ http://nicolascoolman.webs.com/apps/blog/show/40249870-pup-webexpenhanced =>PUP.WebexpEnhanced
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/30392620-pup-vafplayer =>PUP.VAFPlayer
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>PUP.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
~ http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ MSI: 13 link(s) detected in 01mn 04s



~ 1157 Legitimates filtered by white list
End of the scan (547 lines in 06mn 51s)(0)
