cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.2.6.4 - Nicolas Coolman (06/02/2014)
~ Lancé par HP (07/02/2014 16:01:08)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
GCIE: Google Chrome v32.0.1700.76 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 6P6GT
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2006
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader XI
Java 7 Update 21

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1911 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 238 GB (81%) free of 292 GB

---\\ Mode de connexion au système
~ Computer Name: HP-HP
~ User Name: HP
~ All Users Names: Invité 2, HP, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\HP\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\HP\AppData\Roaming\
~ %Desktop% : C:\Users\HP\Desktop\
~ %Favorites% : C:\Users\HP\Favorites\
~ %LocalAppData% : C:\Users\HP\AppData\Local\
~ %StartMenu% : C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 238 Go of 292 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.927FA6456AD6D7630F6854828D2FD16B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 07:33:33.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 01:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/75
~ Mes musiques (My Musics) : 1/6
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 1/126
~ Mon Bureau (My Desktop) : 1/160
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.30EC26D3FAF01CAB6B9C8BD9B606550F] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [628488] [PID.2572]
[MD5.E7FF908CAC792A6DB16F2D4BB775FC95] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920] [PID.3224]
[MD5.709D5D20E51073B63F90D0CE645DBB3F] - (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe [11265536] [PID.3324]
[MD5.831FB892A5A5F28BB69DE0AB77FA7281] - (.Adobe Systems Incorporated - Adobe Photoshop Album Starter Edition 3.2 c.) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [63712] [PID.3356]
[MD5.48B9248CED8A5DE4EB0917CB676CB8D5] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [648032] [PID.3364]
[MD5.157B5DF2CBCE17A0CEECB0FF4297700E] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [142616] [PID.3384]
[MD5.9A30BDDE96721FE6D6B2BA0593F69C81] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [177432] [PID.3392]
[MD5.FEC63BCD1A1DDE7A990223D0F12655D7] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [177944] [PID.3416]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.3728]
[MD5.7C0704D4523BA671AFE6D028399942D3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastui.exe [3567800] [PID.3776]
[MD5.361DD893A616DD6F5D344ACB22BF1D0F] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe [676520] [PID.3784]
[MD5.757690C246C0973493046E52003AE7F4] - (.Pas de propriétaire - Printer Card Transfer Monitor.) -- C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe [25256] [PID.3800]
[MD5.20F63D80BB2AF096F7D2893A1A2A3A31] - (.Updater - Updater service.) -- C:\ProgramData\Updater\updater.exe [486264] [PID.3852] =>PUP.CrossRider
[MD5.A40824624D8667FE31333B0CEB936169] - (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760] [PID.3900]
[MD5.564CB6EACE4064BB4C7815435D035D6A] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093976] [PID.3916]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [20584608] [PID.3980]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.3988]
[MD5.0F6D06A88A88007AAEE5F0EE1ECE42E4] - (...) -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe [70880] [PID.3068]
[MD5.728FE96ECB3A7D3F41B4FD67BD976A1E] - (.WatchDog - Pas de description.) -- C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe [429944] [PID.1932] =>PUP.SearchDonkey
[MD5.728FE96ECB3A7D3F41B4FD67BD976A1E] - (.WatchDog - Pas de description.) -- C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe [429944] [PID.1060] =>PUP.SearchDonkey
[MD5.728FE96ECB3A7D3F41B4FD67BD976A1E] - (.WatchDog - Pas de description.) -- C:\ProgramData\RHelpers\IEHelper\IeHelper.exe [429944] [PID.3684] =>PUP.SearchDonkey
[MD5.4138AC866C18F94C54C51471E2F188A8] - (.Intel Corporation - Intel(R) Management and Security Status.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1098264] [PID.5860]
[MD5.655B7942A71237C7383F2F9492D30F9C] - (.AmiExt ltd. - AmiExt IE plugin helper object.) -- C:\Program Files\AmiExt\flashEnhancer\ie\AmiStorage.exe [96256] [PID.8660] =>Adware.FlashEnhancer
[MD5.C8A8321292A459B0A17FB39A782A5C74] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [806096] [PID.8788]
[MD5.E433210DD9F9EF43D4D170E52FFFF116] - (.Microsoft Corporation - Microsoft Word.) -- C:\Program Files\Microsoft Office\Office14\WINWORD.exe [1423008] [PID.6876]
[MD5.C611C6ED5ECFE4608BA79472DFE3D49C] - (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [646144] [PID.3408]
[MD5.47D7F5E049E3FAA24176FB92859C552B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8333824] [PID.5764]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@unisys.com/npornap] - (...) -- (.not file.)
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.)
~ Firefox Browser: 30 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: flashEnhancer - {5A60B6BB-FA81-4EFA-AB9C-A820E2143736} . (...) -- C:\Program Files\AmiExt\flashEnhancer\ie\flashEnhancer.dll =>Adware.FlashEnhancer
O2 - BHO: Free Games 111 - {C45EC9F0-8333-465D-9728-074BD41985C9} . (.BestOffers - ScriptHost.) -- C:\Program Files\Free Games 111\ScriptHost.dll =>Adware.ScriptHost
~ BHO: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{1017A80C-6F09-4548-A84D-EDD6AC9525F0} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Garmin Express.lnk . (.Garmin - Express.) -- C:\Program Files\Garmin\Express\Express.exe =>.Garmin Corporation
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Lexmark Productivity Studio - 5600-6600 Series.LNK . (...) -- C:\Program Files\Lexmark 5600-6600 Series\app4r.exe
O4 - GS\Desktop [Public]: PMB Launcher.lnk . (.Sony Corporation - PMB Launcher.) -- C:\Program Files\Sony\PMB\PMBLauncher.exe
O4 - GS\Program [Public]: Install Embedded Security for HP ProtectTools.lnk . (.Hewlett-Packard Company - Quick Shortcut Creator.) -- C:\SWSetup\ProtectTools\Embedded\QuickLnk.exe
O4 - GS\QuickLaunch [Invité 2]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Invité 2]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Invité 2]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Invité 2]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Invité 2]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Invité 2]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [HP]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [HP]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [HP]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [HP]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [HP]: Images.lnk . (...) -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [HP]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [HP]: RocketPDF.lnk . (.Krzysztof Kowalczyk - RocketPDF.) -- C:\Program Files\RocketPDF\RocketPDF.exe
O4 - GS\Desktop [HP]: SAUVEGARDE - Raccourci.lnk . (...) -- C:\SAUVEGARDE
O4 - GS\Desktop [HP]: Update Service.lnk . (...) -- C:\Program Files\Sony Ericsson\Update Service\Update Service.exe
~ Global Startup: 86 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IMSS] . (.Pas de propriétaire - PIconStartup application.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O4 - HKLM\..\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files\PDF Complete\pdfsty.exe =>.PDF Complete Inc
O4 - HKLM\..\Run: [File Sanitizer] . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] . (.Adobe Systems Incorporated - Adobe Photoshop Album Starter Edition 3.2 c.) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [lxdumon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
O4 - HKLM\..\Run: [lxduamon] . (...) -- C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [Updater] . (.Updater - Updater service.) -- C:\ProgramData\Updater\Updater.exe =>PUP.CrossRider
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKCU\..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\HP\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKCU\..\Run: [Updater] . (.Updater - Updater service.) -- C:\ProgramData\Updater\updater.exe =>PUP.CrossRider
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\HP\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [Updater] . (.Updater - Updater service.) -- C:\ProgramData\Updater\updater.exe =>PUP.CrossRider
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} ((no name)) - http://kitchenplanner.ikea.com/FR/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1F5334E-3095-4D0D-BFFE-33BEE0E6828D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B1F5334E-3095-4D0D-BFFE-33BEE0E6828D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B1F5334E-3095-4D0D-BFFE-33BEE0E6828D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: DeviceNP . (.Hewlett-Packard Limited - Pas de description.) -- C:\Windows\System32\DeviceNP.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Internet Updater (InternetUpdater) . (.Parallel Lines Development, LLC - Internet Updater Service.) - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe =>Adware.IncrediBar
O23 - Service: WajamUpdaterV3 (WajamUpdaterV3) . (...) - C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe (.not file.) =>PUP.Wajam
~ Services: 17 Legitimates Filtered in 00mn 06s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [4333] (...) -- C:\Users\HP\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.19A274DC242BA5C7228D398AFCA66EBA] [APT] [Installation App Launcher] (...) -- C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe [16040]
[MD5.00000000000000000000000000000000] [APT] [{354B9C98-0CAC-420E-8EF8-616A4CD3E4CD}] (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AEAC1722-24F1-4C36-AB06-16296B76709E}] (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BA84ADF2-4E41-4D9A-B0A8-115ED390D54C}] (...) -- E:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E1E41C8A-02D0-48E5-83D0-FBAC89270881}] (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EB10C0FB-6203-4453-B2BD-D345E46A1A9F}] (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 05s



---\\ Logiciels installés (O42)
O42 - Logiciel: Extended Update - (...) [HKCU] -- UpdaterEX =>PUP.Dealply
O42 - Logiciel: Free Games 111 - (.BestOffers.) [HKLM] -- Free Games 111 =>Adware.ScriptHost
O42 - Logiciel: Internet Updater - (.Parallel Lines Development, LLC.) [HKLM] -- InternetUpdater
O42 - Logiciel: ValueApps - (.Conduit.) [HKCU] -- ValueApps =>Toolbar.Conduit
O42 - Logiciel: flash-Enhancer - (.flash-Enhancer.com.) [HKLM] -- flash-Enhancer =>Adware.FlashEnhancer
~ Logic: 22 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AmiExt] =>Adware.FlashEnhancer
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKLM\Software\AmiExt] =>Adware.FlashEnhancer
[HKLM\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKLM\Software\Shortcut_Module]
[HKLM\Software\mamverifier]
~ Key Software: 212 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/02/2014 - 16:52:01 - [0,817] ----D C:\Program Files\AmiExt =>Adware.FlashEnhancer
O43 - CFD: 24/01/2014 - 14:23:20 - [2,358] ----D C:\Program Files\Free Games 111 =>Adware.ScriptHost
O43 - CFD: 06/02/2014 - 16:51:56 - [0,053] ----D C:\Program Files\PC Cleaner =>USP.PCCleaner
O43 - CFD: 06/02/2014 - 16:51:55 - [0,645] ----D C:\Program Files\SupTab =>PUP.SupTab
O43 - CFD: 24/07/2010 - 14:53:39 - [0] ----D C:\ProgramData\5600-6600 Series
O43 - CFD: 06/02/2014 - 16:52:03 - [1,432] ----D C:\ProgramData\InternetUpdater
O43 - CFD: 06/02/2014 - 16:52:03 - [1,230] ----D C:\ProgramData\RHelpers =>PUP.SearchDonkey
O43 - CFD: 06/02/2014 - 16:52:03 - [1,689] ----D C:\ProgramData\Updater =>PUP.CrossRider
O43 - CFD: 25/01/2014 - 11:04:11 - [43,420] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 05/02/2014 - 11:49:27 - [1,063] ----D C:\Users\HP\AppData\Roaming\0C1I1L1R1J0C1F1G1G1P1R2Z
O43 - CFD: 05/02/2014 - 11:49:27 - [0] ----D C:\Users\HP\AppData\Roaming\5600-6600 Series
O43 - CFD: 07/02/2014 - 12:32:40 - [1,228] ----D C:\Users\HP\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 05/02/2014 - 11:48:40 - [1,224] ----D C:\Users\HP\AppData\Local\genienext
O43 - CFD: 06/02/2014 - 16:52:12 - [0,002] ----D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop =>Adware.Lollipop
~ 1 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 158 Legitimates Filtered in 01mn 19s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.72393FF9B627D0D26634D3BCE58E96A4] - 06/02/2014 - 18:29:55 ---A- . (...) -- C:\Windows\ntbtlog.txt [172280]
O44 - LFC:[MD5.CB3649F34B91C6901BD9672D0233E0F3] - 07/02/2014 - 11:26:17 ---A- . (...) -- C:\DelFix.txt [2262]
O44 - LFC:[MD5.A2BA07B6F73F3CE38ABD3FEEFA780C69] - 07/02/2014 - 12:12:18 ---A- . (...) -- C:\Shortcut_Module_07_02_2014_12_12_18.txt [7664]
O44 - LFC:[MD5.8F9AB0D9E625F5E9A9A4CE37E227C740] - 07/02/2014 - 12:29:56 ---A- . (...) -- C:\Shortcut_Module_07_02_2014_12_29_56.txt [2796]
~ Files: 12 Legitimates Filtered in 00mn 34s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{077b617d-37f7-11e2-8c43-d8d385771dd5}\AutoRun\command. (...) -- L:\Startme.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 16/10/2013 - 09:59:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.BADA8FD627F1D0E22308211C33F0BDB5] - 16/10/2013 - 09:59:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [178304]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\SafeBoot.sys [110520]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 02s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {030B0BC1-5EAE-AAF0-A3BB-313580EF280E} [DefaultScope] - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {2F4B60C8-B8BD-49F4-A3E1-9D89D3F3466C} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {31FE45A0-35B7-4BF0-802C-149A1259990F} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{4092DF45-C63D-4DC4-8ACA-04F9EC29BE95}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
~ Firewall: 199 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1952D39F10282964DBD8760AFBCAC941" . (.SweetIM Toolbar for Internet Explorer 3.9.) -- C:\Windows\Installer\{F93D2591-8201-4692-BD8D-67A0BFAC9C14}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "78886CCC70E683440A53C722FEDB1CE5" . (..) -- C:\Windows\Installer\{CCC68887-6E07-4438-A035-7C22EFBDC15E}\ARPPRODUCTICON.exe
O90 - PUC: "B42F9C3329D123649A51183EBBD1D5B6" . (.Reconstitution suite a un Vol .) -- C:\Windows\Installer\{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}\ARPPRODUCTICON.exe
~ Update Products: 97 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.39988793C0BE26963F7C8228E7F04E23] [WIS][06/01/2014] (.Google - Google+ Auto Backup.) -- C:\Windows\Installer\1656f1.msi [3088384]
[MD5.637B765197728E2E3B3C2A4754F62517] [WIS][27/09/2010] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 3.9.) -- C:\Windows\Installer\3aa2b643.msi [2363392] =>PUP.SweetIM
~ WIS: 99 Legitimates Filtered in 00mn 12s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 05/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 07/12/2009 362040 | (FLCDLOCK) . (.Hewlett-Packard Ltd.) - C:\Windows\system32\flcdlock.exe
SS - | Auto 24/07/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 24/07/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 12/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
SS - | Auto 10/07/1658 0 | (WajamUpdaterV3) . (...) - C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe =>PUP.Wajam

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 16/10/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 22/01/2010 300808 | (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
SR - | Auto 19/09/2013 250200 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SR - | Auto 12/01/2010 36864 | (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P.) - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 26/01/2010 281192 | (HpFkCryptService) . (.McAfee, Inc..) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
SR - | Auto 11/12/2009 297984 | (HPFSService) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
SR - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 15/01/2014 45568 | (InternetUpdater) . (.Parallel Lines Development, LLC.) - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
SR - | Auto 04/11/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 16/10/2009 94208 | (lxduCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxduserv.exe
SR - | Auto 16/10/2009 589824 | (lxdu_device) . (...) - C:\Windows\system32\lxducoms.exe
SR - | Auto 18/06/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files\PDF Complete\pdfsvc.exe
SR - | Auto 27/11/2010 398176 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SR - | Auto 04/11/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 15s



---\\ Scan Additionnel (O88)
Database Version : 13030 - (06/02/2014)
Clés trouvées (Keys found) : 9
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 11
Fichiers trouvés (Files found) : 10

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}] =>Adware.FlashEnhancer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C45EC9F0-8333-465D-9728-074BD41985C9}] =>Adware.ScriptHost^
[HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater] =>Adware.IncrediBar^
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3] =>PUP.Wajam^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX] =>PUP.Dealply^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Free Games 111] =>Adware.ScriptHost^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\flash-Enhancer] =>Adware.FlashEnhancer^
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Updater =>PUP.CrossRider^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NextLive =>PUP.NextLive^
C:\Program Files\AmiExt =>Adware.FlashEnhancer^
C:\Program Files\Free Games 111 =>Adware.ScriptHost^
C:\Program Files\PC Cleaner =>USP.PCCleaner^
C:\Program Files\SupTab =>PUP.SupTab^
C:\ProgramData\RHelpers =>PUP.SearchDonkey^
C:\ProgramData\Updater =>PUP.CrossRider^
C:\Users\HP\AppData\Roaming\newnext.me =>PUP.NextLive^
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop =>Adware.Lollipop^
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog =>Adware.SmileyBar
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf =>PUP.SpeedAnalysis
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch
C:\ProgramData\Updater\updater.exe =>PUP.CrossRider^
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe =>PUP.SearchDonkey^
C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe =>PUP.SearchDonkey^
C:\ProgramData\RHelpers\IEHelper\IeHelper.exe =>PUP.SearchDonkey^
C:\Program Files\AmiExt\flashEnhancer\ie\AmiStorage.exe =>Adware.FlashEnhancer^
[HKCU\Software\AmiExt] =>Adware.FlashEnhancer^
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals^
[HKLM\Software\AmiExt] =>Adware.FlashEnhancer^
[HKLM\Software\BonanzaDeals] =>Adware.BonanzaDeals^
C:\Windows\Installer\3aa2b643.msi =>PUP.SweetIM^
~ Additionnel Scan: 254016 Items scanned in 00mn 21s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/38839825-pup-searchdonkey =>PUP.SearchDonkey
~ http://nicolascoolman.webs.com/apps/blog/show/40653881-adware-flashenhancer =>Adware.FlashEnhancer
~ http://nicolascoolman.webs.com/apps/blog/show/34778910-adware-scripthost =>Adware.ScriptHost
~ http://nicolascoolman.webs.com/apps/blog/show/41034005-pup-mobogenie =>PUP.Mobogenie
~ http://nicolascoolman.webs.com/apps/blog/show/40528410-pup-nextlive =>PUP.NextLive
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>PUP.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/32816468-adware-bonanzadeals =>Adware.BonanzaDeals
~ http://nicolascoolman.webs.com/apps/blog/show/29956939-usp-pccleaner =>USP.PCCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/41133513-pup-suptab =>PUP.SupTab
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/27530912-adware-smileybar =>Adware.SmileyBar
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ MSI: 21 link(s) detected in 00mn 21s



~ 1007 Legitimates filtered by white list
End of the scan (578 lines in 03mn 16s)(0)

Publicité


Signaler le contenu de ce document

Publicité