cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2014.3.30.36 - Nicolas Coolman (30/03/2014)
~ Lancé par User (31/03/2014 10:59:30)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521 (Defaut)
MFIE: Mozilla Firefox 26.0

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Norton Internet Security v21.2.0.38
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.7

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3934 MB (29% free)
System Restore: Activé (Enable)
System drive C: has 212 GB (47%) free of 446 GB

---\\ Mode de connexion au système
~ Computer Name: USER-PC
~ User Name: User
~ All Users Names: User, UpdatusUser, HomeGroupUser$, fbwuser, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\User\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User\AppData\Roaming\
~ %Desktop% : C:\Users\User\Desktop\
~ %Favorites% : C:\Users\User\Favorites\
~ %LocalAppData% : C:\Users\User\AppData\Local\
~ %StartMenu% : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 212 Go of 446 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 07:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 6/108
~ Mes musiques (My Musics) : 20/402
~ Mes Videos (My Videos) : 2/475
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 6/13
~ Mon Bureau (My Desktop) : 1/67
~ Menu demarrer (Programs) : 1/52
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.1A7F10605F9672E101BFA27CAED210D5] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.2424]
[MD5.286D7742EC5BA52FBA55B1A906CC1E21] - (.Guillaume Ryder (http://utilfr42.free.fr) - Clavier+.) -- C:\Users\User\AppData\Local\Clavier+\Clavier.exe [101888] [PID.3376]
[MD5.C4160567128FCFC1DCA1693369B62DFE] - (.Symantec Corporation - Norton Internet Security.) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376] [PID.3024]
[MD5.10E89F598469C60D8C87A8218089A87D] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4489472] [PID.3876]
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016] [PID.3896]
[MD5.E981B925C0D89830512DF99B29B38C9F] - (.Acer Incorporated - Acer VCM.) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe [723560] [PID.3920]
[MD5.47C1DE0A890613FFCFF1D67648EEDF90] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920] [PID.4044]
[MD5.4DDE3E01B5020B3D5DEEC7E3DC0F3185] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984] [PID.4068]
[MD5.FE668B0E3E87077A46FE77AFB0E27F9C] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1105488] [PID.540]
[MD5.6BA8D86746935498D64CB5CF6286F2EB] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.1200]
[MD5.FB1A303207C1124C2B61A50E5A32AC21] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.3864]
[MD5.FF4F87DCDAA5080281E0E70BB116086B] - (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376] [PID.4192]
[MD5.80086ED442941DE2CA18CB6DAE8C1422] - (.Aeria Games & Entertainment - Aeria Ignite.) -- C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656] [PID.4284]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4348]
[MD5.71738E5D624F00EFE56F7C35DB36267C] - (.Adobe Systems Incorporated - Adobe IPC Broker.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe [769904] [PID.4704]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.3492]
[MD5.4C2812958D3D4342FC21E47CC361D5C2] - (.Pas de propriétaire - Core Sync.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe [4696432] [PID.6064]
[MD5.AE9BC27D095C2F26E082C4B3D25921FE] - (.Adobe Systems Incorporated - Adobe CEF Helper.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe [395120] [PID.6076]
[MD5.72E8A03BD09F88FA4D1EFF6EAEE36BEB] - (.Acer Incoporated - Acer Video Quality Enhancement.) -- C:\Program Files (x86)\Acer\Acer VCM\Vc.exe [6354536] [PID.996]
[MD5.0D28A18940E35EA867155657371BB6FE] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [988456] [PID.7640]
[MD5.9CC2AFA054D7B903FBBCD79D0C434796] - (.Pas de propriétaire - iuBrowserIEAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [40552] [PID.2516]
[MD5.166341724BDAC91B620B4ECD7B2D72AC] - (.Pas de propriétaire - iuEmailOutlookAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [22120] [PID.2536]
[MD5.96CB78535CE7E2490F144FD2BB46E1AB] - (...) -- C:\Program Files (x86)\EnhanceTronic\bin\XTLSApp.exe [78632] [PID.3812] =>PUP.EnhanceTronic
[MD5.794088182E03569E9D827936EFDC4EBE] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe [805280] [PID.2732]
[MD5.3A3BEA53F039CE2E997A918E26E30B1D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [808152] [PID.3228]
[MD5.4414FD10083ABCAEE2F66982BE0B4F3C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8179712] [PID.8556]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.1812]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1880]
[MD5.C02FF01B821FBB72104132E56EC5B881] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [355920] [PID.2356]
[MD5.D98B7ABBBB55FD3A4D9F7B8A7869FCBF] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [419408] [PID.2456]
[MD5.32096F187020A54D29C95B3A1467D963] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [28264] [PID.2604]
[MD5.EF27B3B58E393E9F10FB6A6643BD8185] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164184] [PID.2704]
[MD5.6BB516A31DE232DAB436FF3A117E1E80] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376] [PID.2772]
[MD5.D27A4546417ED7C4AEA7B3420D4F1F50] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536] [PID.3176]
[MD5.7CB9F0FDD730F4A4ECF6CDE15EA12E8A] - (.Acer Incorporated - Raw Socket Service.) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640] [PID.3356]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.4136]
[MD5.2F62BD1B9F2D01695DF15211FC0136DC] - (...) -- C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe [348456] [PID.4904] =>PUP.EnhanceTronic
[MD5.2F62BD1B9F2D01695DF15211FC0136DC] - (...) -- C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe [348456] [PID.5168] =>PUP.EnhanceTronic
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.5252]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.6008]
[MD5.545462D0DBE24AF379BA869B7C185CCD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.968]
[MD5.2526FECED1625752EF4F8ABB367CAA7E] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [276824] [PID.6600]
[MD5.AB56C9BF8B0B830833C2CB6A63947D2F] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2458944] [PID.7784]
[MD5.5A5D20BD5BA50B8F671CDA78585729D5] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [362840] [PID.5688]
~ Processes Running: Scanned in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3e910uwx.default\prefs.js
M3 - MFPP: Plugins - [User] -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3e910uwx.default\searchplugins\myplaycity.xml
M3 - MFPP: Plugins - [User] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\awesomehp.xml =>PUP.Awesomehp
P2 - FPN:Firefox Plugin Navigator . (.iVIDI.org - iVIDI.org plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npffividiplg.dll =>PUP.Ividi
~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896; =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll
O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - [HKLM]{d1dac034-9fd9-4c13-a388-d2e10e57707f} . (...) -- C:\Program Files (x86)\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll =>PUP.Datamngr
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Aeria Ignite.lnk . (.Aeria Games & Entertainment - Aeria Ignite.) -- C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Image Converter.lnk . (...) -- C:\Program Files (x86)\Image Converter\Image Converter\imageconverter.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: McAfee Anti-Theft.lnk . (...) -- C:\Program Files (x86)\Preload\McAfee Anti-Theft\StartURL.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [User]: Flash Decompiler Trillix.lnk . (.Eltima Software GmbH - Flash Decompiler.) -- C:\Program Files (x86)\Eltima Software\Flash Decompiler Trillix\fd3.exe
O4 - GS\QuickLaunch [User]: iLivid.lnk . (...) -- C:\Users\User\AppData\Local\iLivid\iLivid.exe (.not file.) =>Adware.Bandoo
O4 - GS\QuickLaunch [User]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [User]: Launch Virtual Personality.lnk . (.Triplebit - Application.) -- C:\Program Files (x86)\Virtual Personality\VPersonality.exe
O4 - GS\QuickLaunch [User]: MiPony.lnk . (.www.mipony.net - Mipony.) -- C:\Program Files (x86)\MiPony\MiPony.exe
O4 - GS\QuickLaunch [User]: Star Defender 4.lnk . (...) -- C:\Program Files (x86)\MyPlayCity.com\Star Defender 4\Star Defender 4.exe
O4 - GS\TaskBar [User]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [User]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [User]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [User]: AuraKingdom-FR.lnk . (.Aeria Games & Entertainment - Ignite Launcher.) -- C:\AeriaGames\AuraKingdom-FR\aeria_launcher.exe
O4 - GS\Desktop [User]: Exorcist III.lnk . (.Exent Technologies Ltd. - EXETender Player.) -- C:\Remote Programs\Exorcist III\GPlrLanc.exe http://www.freeridegames.com
O4 - GS\Desktop [User]: Fichiers d’installation Norton.lnk . (...) -- C:\Users\Public\Downloads\Norton\{NIS21021-SHPD-FSD40014} =>.Symantec Corporation
O4 - GS\Desktop [User]: GrandFantasia-FR.lnk . (.Aeria Games & Entertainment - Ignite Launcher.) -- C:\AeriaGames\GrandFantasia-FR\aeria_launcher.exe
O4 - GS\Desktop [User]: HyperCam 3.lnk . (.Solveig Multimedia, Hyperionics - Pas de description.) -- C:\Program Files (x86)\HyperCam 3\SMM_HyperCam.exe
O4 - GS\Desktop [User]: IMVU.lnk . (...) -- C:\Users\User\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O4 - GS\Desktop [User]: MyPlayCity Games.lnk . (...) -- C:\Program Files (x86)\MyPlayCity.com\Star Defender 4\MyPlayCity.url
O4 - GS\Desktop [User]: Spooky Splash AD.lnk . (.Exent Technologies Ltd. - EXETender Player.) -- C:\Remote Programs\Fishdom_ Spooky Splash\GPlrLanc.exe http://www.freeridegames.com
O4 - GS\Desktop [User]: Star Defender 4.lnk . (...) -- C:\Program Files (x86)\MyPlayCity.com\Star Defender 4\Star Defender 4.exe
O4 - GS\Desktop [User]: Zombi Of The Death.lnk . (.Exent Technologies Ltd. - EXETender Player.) -- C:\Remote Programs\Vampires VS Zombies\GPlrLanc.exe http://www.freeridegames.com
~ Global Startup: 90 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Acer VCM.lnk . (.Acer Incorporated - Acer VCM.) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
O4 - GS\Startup [Public]: Bluetooth.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.)
O4 - GS\Startup [User]: IMVU.lnk . (...) -- C:\Users\User\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O4 - HKLM\..\Run: [Secure Applicayion] . (.Pas de propriétaire - USecuAppClient.) -- C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
O4 - HKLM\..\Run: [InstantUpdate] . (...) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [Clavier+] . (.Guillaume Ryder (http://utilfr42.free.fr) - Clavier+.) -- C:\Users\User\AppData\Local\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKCU\..\Run: [VoiceMaster] . (.DJMASTER.COM - VoiceMaster.) -- C:\Program Files\VoiceMaster\VoiceMaster.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\User\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Dolby Home Theater v4] . (.Dolby Laboratories Inc. - Dolby Profile Selector.) -- C:\Dolby PCEE4\pcee4.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKLM\..\Wow6432Node\Run: [Aeria Ignite] . (.Aeria Games & Entertainment - Aeria Ignite.) -- C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
O4 - HKLM\..\Wow6432Node\Run: [BrowserSafeguard] C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (.not file.) =>PUP.BrowserSafeguard
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\.DEFAULT\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-3378048908-3272755071-1689389435-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3378048908-3272755071-1689389435-1000\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-21-3378048908-3272755071-1689389435-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.aeriagames.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{24634D1E-7D6A-425E-8F11-8C613325958C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{24634D1E-7D6A-425E-8F11-8C613325958C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{24634D1E-7D6A-425E-8F11-8C613325958C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Update EnhanceTronic (Update EnhanceTronic) . (...) - C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe =>PUP.EnhanceTronic
O23 - Service: Acer Theft Shield Service (USecuAppSvc) . (.Pas de propriétaire - USecuAppSvc.) - C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe
O23 - Service: Util EnhanceTronic (Util EnhanceTronic) . (...) - C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe =>PUP.EnhanceTronic
~ Services: 30 Legitimates Filtered in 00mn 19s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [BrowserSafeguard Update Task] (...) -- C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe (.not file.) [0] =>PUP.BrowserSafeguard
~ Scheduled Task: 20 Legitimates Filtered in 00mn 06s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (wStLibG64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\wStLibG64.sys =>PUP.LinkiDoo
~ Drivers: 102 Legitimates Filtered in 00mn 14s



---\\ Logiciels installés (O42)
O42 - Logiciel: AuraKingdom-FR - (...) [HKLM][64Bits] -- AuraKingdom-FR
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {903CFFD8-85BF-4A51-8A6D-4BBBCA346A6E} =>Adware.Boxore
O42 - Logiciel: BrowserSafeguard - (.Browsersafeguard.) [HKLM][64Bits] -- Browsersafeguard =>PUP.BrowserSafeguard
O42 - Logiciel: Codec Pack Packages - (...) [HKCU][64Bits] -- Codec Pack Packages
O42 - Logiciel: iVIDI Plugin 1.3 - (.iVIDI Plugin, Inc..) [HKLM][64Bits] -- iVIDI Plugin =>PUP.Ividi
O42 - Logiciel: qone8 Browser Protecter - (.qone8.) [HKLM][64Bits] -- qone8 Browser Protecter =>Hijacker.Qone8
~ Logic: 52 Legitimates Filtered in 00mn 03s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APNDTX]
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard
[HKCU\Software\Pando Networks]
[HKCU\Software\iVIDI Plugin] =>PUP.Ividi
[HKCU\Software\iVIDI.org] =>PUP.Ividi
[HKCU\Software\ividi] =>PUP.Ividi
[HKLM\Software\Wow6432Node\Pando Networks]
~ Key Software: 472 Legitimates Filtered in 00mn 03s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/11/2013 - 20:39:44 - [0,429] ----D C:\Program Files (x86)\iVIDI.org plugin =>PUP.Ividi
O43 - CFD: 24/03/2014 - 20:09:52 - [7,182] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 03/03/2014 - 13:54:13 - [0,007] ----D C:\ProgramData\Datamngr =>PUP.Datamngr
O43 - CFD: 30/10/2013 - 01:09:48 - [0] ----D C:\Users\User\AppData\Roaming\OfferMosquito =>Toolbar.OfferMosquito
O43 - CFD: 07/08/2013 - 16:56:47 - [0] ----D C:\Users\User\AppData\Roaming\TFP
~ Program Folder: 245 Legitimates Filtered in 00mn 24s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9CE41B0A001A729F79285157CFD856BE] - 25/03/2014 - 19:44:29 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLibG64.sys [61120] =>PUP.LinkiDoo
O44 - LFC:[MD5.6226A4ABFEEC194BA01693054B4BB0B3] - 31/03/2014 - 08:50:30 ---A- . (...) -- C:\Windows\win.ini [635]
~ Files: 38 Legitimates Filtered in 00mn 05s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.5B6712623AC89612E14B9DA9869A4A32] - 03/03/2014 - 19:07:48 ---A- - C:\Windows\Prefetch\RS_SERVICE.EXE-A90E6EB7.pf
O45 - LFCP:[MD5.7F89BC573243873AEEBF2C1CC50A0DC9] - 12/03/2014 - 18:17:19 ---A- - C:\Windows\Prefetch\ACERVCM.EXE-F30512DB.pf
O45 - LFCP:[MD5.626E0B288B4E68960E5734637FF3162B] - 23/03/2014 - 18:02:22 ---A- - C:\Windows\Prefetch\DOWNLOAD VIDEOS.EXE-66DB2A39.pf
O45 - LFCP:[MD5.D11086E55D14B2D06C91653AC52F3385] - 24/03/2014 - 19:09:59 ---A- - C:\Windows\Prefetch\CACLS.EXE-62F0D75F.pf
O45 - LFCP:[MD5.96D81B2B2E8B3F677E43B7B755FCC78E] - 26/03/2014 - 07:24:07 ---A- - C:\Windows\Prefetch\PCEE4.EXE-98ED232C.pf
O45 - LFCP:[MD5.5BF562188DEDBC03DA57CB5DE6A43B96] - 28/03/2014 - 19:35:10 ---A- - C:\Windows\Prefetch\LMUTILPS32.EXE-34FC39D7.pf
O45 - LFCP:[MD5.8D13EDB1C8BF2806997B26D6EA4D53FC] - 28/03/2014 - 19:35:38 ---A- - C:\Windows\Prefetch\BTITUNESPLUGIN.EXE-218ECF65.pf
O45 - LFCP:[MD5.EB06E82E47D88EC67D8A92D8F85AF327] - 29/03/2014 - 00:35:58 ---A- - C:\Windows\Prefetch\NIS.EXE-2E98D786.pf
O45 - LFCP:[MD5.DB2958C0629FB6AD72B84676B12280E7] - 29/03/2014 - 08:33:12 ---A- - C:\Windows\Prefetch\CORESYNC.EXE-828489DA.pf
~ Prefetcher: 9 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe =>Trojan.Staser
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - rjatydimofu.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe =>PUP.JumpFlip
~ IFEO: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.D4E81658884AF5BA88CDBD150E5EC476] - 19/03/2012 - 12:29:16 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [244560]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.88C43BDA9CF964600F6DF07F7C52452C] - 13/11/2013 - 11:49:06 ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\hssdrv6.sys [44744]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.79C551E5775AF8F63D4B61F51E18D693] - 24/07/2013 - 03:15:22 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [42184]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.9CE41B0A001A729F79285157CFD856BE] - 25/03/2014 - 19:44:29 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLibG64.sys [61120] =>PUP.LinkiDoo
O58 - SDL:[MD5.B280C4608AC389DA9515A35AC4CAB0FD] - 24/06/2010 - 23:53:04 ---A- . (.http://libusb-win32.sourceforge.net - LibUSB-Win32 - Kernel Driver.) -- C:\Windows\SysWOW64\drivers\libusb0.sys [21504]
~ Drivers: 18 Legitimates Filtered in 00mn 04s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 28/03/2014 - 11:01:55 ---A- . (...) -- C:\Users\User\AppData\Roaming\IMVU\IMVULog.log.3 [8456]
O61 - LFC: 28/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 11 HD(1280x720 x264).mp4 [336379590]
O61 - LFC: 28/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 12 HD(1280x720 x264).mp4 [336580429]
O61 - LFC: 28/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 13 HD(1280x720 x264).mp4 [336544165]
O61 - LFC: 28/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 14 HD(1280x720 x264).mp4 [336540111]
O61 - LFC: 28/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 15 HD(1280x720 x264).mp4 [336570293]
O61 - LFC: 28/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 16 HD(1280x720 x264).mp4 [336702053]
O61 - LFC: 28/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\_Tekmatek__Tokyo_Ravens_-_10_HD(1280x720_x264) (1).mp4 [336659534]
O61 - LFC: 29/03/2014 - 11:01:55 ---A- . (...) -- C:\Users\User\AppData\Roaming\IMVU\IMVULog.log.2 [8598]
O61 - LFC: 29/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 17 HD(1280x720 x264).mp4 [336308363]
O61 - LFC: 30/03/2014 - 11:01:55 ---A- . (...) -- C:\Users\User\AppData\Roaming\IMVU\IMVULog.log.1 [8598]
O61 - LFC: 30/03/2014 - 11:01:57 ---A- . (...) -- C:\Users\User\Downloads\adwcleaner.exe [1950720]
O61 - LFC: 30/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 18 HD(1280x720 x264).mp4 [336739692]
O61 - LFC: 30/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 19 HD(1280x720 x264).mp4 [336470985]
O61 - LFC: 30/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 20 HD(1280x720 x264).mp4 [336723464]
O61 - LFC: 30/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 21 HD(1280x720 x264).mp4 [336881075]
O61 - LFC: 30/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 22 HD(1280x720 x264).mp4 [336926192]
O61 - LFC: 30/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 23 HD(1280x720 x264) (1).mp4 [336838584]
O61 - LFC: 30/03/2014 - 11:01:58 ---A- . (...) -- C:\Users\User\Downloads\[Tekmatek] Tokyo Ravens - 23 HD(1280x720 x264).mp4 [336838584]
O61 - LFC: 31/03/2014 - 11:01:32 ---A- . (...) -- C:\Users\User\AppData\Local\Mozilla\updates\E7CF176E110C211B\active-update.xml [1437]
O61 - LFC: 31/03/2014 - 11:01:32 ---A- . (...) -- C:\Users\User\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates.xml [4445]
O61 - LFC: 31/03/2014 - 11:01:32 ---A- . (...) -- C:\Users\User\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\update.mar [3900000]
O61 - LFC: 31/03/2014 - 11:01:32 ---A- . (...) -- C:\Users\User\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\update.status [12]
O61 - LFC: 31/03/2014 - 11:01:55 ---A- . (...) -- C:\Users\User\AppData\Roaming\IMVUClient\ui\profile\blocklist.xml [135]
O61 - LFC: 31/03/2014 - 11:01:55 ---A- . (...) -- C:\Users\User\AppData\Roaming\IMVUClient\ui\profile\cookies.sqlite [15360]
O61 - LFC: 31/03/2014 - 11:01:56 ---A- . (...) -- C:\Users\User\AppData\Roaming\IMVUClient\ui\profile\prefs.js [949]
O61 - LFC: 31/03/2014 - 11:01:57 ---A- . (...) -- C:\Users\User\AppData\Roaming\ZHP\Log.txt [18737] =>.Nicolas Coolman
O61 - LFC: 31/03/2014 - 11:01:57 ---A- . (...) -- C:\Users\User\AppData\Roaming\ZHP\TestsZHPDiag.txt [2826] =>.Nicolas Coolman
O61 - LFC: 31/03/2014 - 11:01:57 ---A- . (...) -- C:\Users\User\Downloads\Java.exe [400272]
~ 250 Fichiers temporaires (Temporary files)
~ Files: 705 Legitimates Filtered in 00mn 29s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 25/03/2014 - C:\Windows\System32\drivers\wStLibG64.sys (wStLibG64) .(.StdLib - StdLib.) - LEGACY_WSTLIBG64 =>PUP.LinkiDoo
~ Legacy: 110 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {2C212073-D6F9-417C-BE52-336F974BCB25} - (Search) - http://search.ividi.org =>PUP.Ividi
O69 - SBI: SearchScopes [HKCU] {30F80CE2-3985-4EC3-A6AE-A19CA855FBF5} [DefaultScope] - (Recherche sécurisée) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {5670D8DE-E76F-489D-9136-3E99499411D6} - (AF-HSS Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {81A7DDE8-B5F4-4922-8FA0-997A6C95B84C} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.C6429DC5D5487500ABDCCBB1FC8B67BA] [SPRF][04/09/2013] (.Bandoo Media Inc - iLivid Install.) -- C:\Users\User\Desktop\Download Videos.exe [1624064] =>Adware.Bandoo
[MD5.A5978318DB20DE7E865A851CF51E6593] [SPRF][11/11/2013] (.Pas de propriétaire - VoiceMaster Setup.) -- C:\Users\User\Desktop\VMSetup.exe [1665255]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{4AE55878-AFAA-44F2-9EDC-4CDC4D335782}" | In - None - P17 - TRUE | .(.Pas de propriétaire - USecuAppClient.) -- C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
O87 - FAEL: "{21B6EAC5-A9BC-4737-87B7-0B751620578F}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{A0BC2F2E-1791-4AED-B109-6C9D22EC4B5C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{6C653EAD-51F5-46B0-BE73-E23D51EDB44E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (.not file.) =>Adware.RelevantKnowledge
O87 - FAEL: "{0854E779-A724-4C1F-AC37-B6947FC40680}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe (.not file.) =>Adware.RelevantKnowledge
O87 - FAEL: "{E98FDE30-B9BF-4A76-BA1F-F8A8B56EF932}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{66027819-FB5C-4F3A-A0BF-448751972ACF}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{AF3BF453-F3B4-4098-A76A-A17687CB5052}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
O87 - FAEL: "{E5B75019-DB19-427B-85A6-EB68F0D5751E}" |In - None - P17 - TRUE | .(...) -- C:\Users\User\AppData\Local\Torch\Application\torch.exe (.not file.)
O87 - FAEL: "{659C82F8-1221-413F-A744-F69F808CC146}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtuser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{5B4605BA-313C-484C-8516-F0AC594D8BDB}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtuser.exe (.not file.) =>PUP.Datamngr
~ Firewall: 244 Legitimates Filtered in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "0C69D82C09A6E9540A776A07F6E40CCF" . (.Bing Bar.) -- C:\Windows\Installer\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "8DFFC309FB5815A4A8D6B4BBAC43A6E6" . (.Boxore Client.) -- C:\Windows\Installer\{903CFFD8-85BF-4A51-8A6D-4BBBCA346A6E}\boxore.ico =>Adware.Boxore
O90 - PUC: "FE32D6C64E5BF9A4593602E811CBC2AC" . (.Sleep Memory Optimizer.) -- C:\Windows\Installer\{6C6D23EF-B5E4-4A9F-9563-208E11BC2CCA}\AOAC.ico
~ Update Products: 424 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.57CDCDBC271983274B71204F84474938] [WIS][07/02/2012] (.NTI Corporation - Media Maker.) -- C:\Windows\Installer\12165.msi [14190080]
[MD5.FD27033962C87183E39F38DB982AB9A3] [WIS][15/01/2014] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\3592e7.msi [1896448] =>Adware.Boxore
[MD5.729CD9BDFEF2A0BADBBF9D71414BC52E] [WIS][17/09/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\59f2eb0.msi [10227712] =>Adware.IMBooster
[MD5.6C2A473485E172E8BBEF920E56EF209F] [WIS][03/11/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\6d8b553.msi [10248192] =>Adware.IMBooster
~ WIS: 429 Legitimates Filtered in 01mn 04s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 13/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 07/06/2011 191752 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SS - | Demand 23/04/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 21/06/2011 173424 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SS - | Demand 26/07/2013 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 31/03/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/03/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/03/2012 192856 | (irstrtsv) . (.Intel Corporation.) - C:\Windows\SysWOW64\irstrtsv.exe
SS - | Demand 25/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 20/01/2012 149504 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SS - | Demand 01/03/2011 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 06/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 12/05/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 21/03/2012 957216 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 23/03/2012 355920 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Auto 07/02/2012 871296 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SR - | Auto 11/01/2007 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
SR - | Auto 17/02/2012 79664 | (ExpressCache) . (.Diskeeper Corporation.) - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
SR - | Auto 12/03/2012 161384 | (FFSOpzSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
SR - | Auto 29/02/2012 28264 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SR - | Auto 01/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 07/12/2011 2429544 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 07/03/2012 629984 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 16/04/2012 164184 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 07/02/2012 255376 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 16/04/2012 276824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 22/01/2014 123384 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
SR - | Auto 12/03/2014 276376 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe
SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 05/01/2012 256536 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 04/03/2012 889664 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 04/03/2012 2458944 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 30/01/2010 260640 | (RS_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
SR - | Auto 16/04/2012 362840 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 29/03/2014 348456 | (Update EnhanceTronic) . (...) - C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe =>PUP.EnhanceTronic
SR - | Auto 07/06/2012 235664 | (USecuAppSvc) . (...) - C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe
SR - | Auto 28/03/2014 348456 | (Util EnhanceTronic) . (...) - C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe =>PUP.EnhanceTronic
SR - | Auto 26/07/2013 48128 | (wltrysvc) . (.Broadcom Corporation.) - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 01/03/2011 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 01mn 06s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by User at 31/03/2014 11:04:20
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by User at 31/03/2014 11:04:22

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (30/03/2014)
Clés trouvées (Keys found) : 15
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 33

[HKLM\SYSTEM\CurrentControlSet\Services\Update EnhanceTronic] =>PUP.EnhanceTronic^
[HKLM\SYSTEM\CurrentControlSet\Services\Util EnhanceTronic] =>PUP.EnhanceTronic^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{903CFFD8-85BF-4A51-8A6D-4BBBCA346A6E}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard] =>PUP.BrowserSafeguard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iVIDI Plugin] =>PUP.Ividi^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\qone8 Browser Protecter] =>Hijacker.Qone8^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{d1dac034-9fd9-4c13-a388-d2e10e57707f} =>PUP.Datamngr^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BrowserSafeguard =>PUP.BrowserSafeguard^
C:\Program Files (x86)\iVIDI.org plugin =>PUP.Ividi^
C:\ProgramData\Datamngr =>PUP.Datamngr^
C:\Users\User\AppData\Roaming\OfferMosquito =>Toolbar.OfferMosquito^
C:\Users\User\AppData\Local\Software =>Adware.Boxore
C:\Program Files (x86)\EnhanceTronic\bin\XTLSApp.exe =>PUP.EnhanceTronic^
C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe =>PUP.EnhanceTronic^
C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe =>PUP.EnhanceTronic^
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard^
[HKCU\Software\iVIDI Plugin] =>PUP.Ividi^
[HKCU\Software\iVIDI.org] =>PUP.Ividi^
[HKCU\Software\ividi] =>PUP.Ividi^
C:\Users\User\Desktop\Download Videos.exe =>Adware.Bandoo^
C:\Windows\Installer\3592e7.msi =>Adware.Boxore^
C:\Windows\Installer\59f2eb0.msi =>Adware.IMBooster^
C:\Windows\Installer\6d8b553.msi =>Adware.IMBooster^
C:\Users\User\AppData\Local\Temp\uninst1.exe =>PUP.Babylon
C:\Users\User\AppData\Local\Temp\BundleSweetIMSetup.exe =>PUP.SweetIM
C:\Users\User\AppData\Local\Temp\MybabylonTB.exe =>PUP.SweetIM
C:\Users\User\AppData\Local\Temp\IminentSetup-1-.exe =>Adware.IMBooster
C:\Users\User\AppData\Local\Temp\IminentSetup-1-[1].exe =>Adware.IMBooster
C:\Users\User\AppData\Local\Temp\WajamC.exe =>Toolbar.Wajam
C:\Users\User\AppData\Local\Temp\wajam_download.exe =>Toolbar.Wajam
C:\Users\User\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe =>Adware.Lollipop
C:\Users\User\AppData\Local\Temp\air1635.exe =>PUP.DealPly
C:\Users\User\AppData\Local\Temp\air52E5.exe =>Adware.IMBooster
C:\Users\User\AppData\Local\Temp\mconduitinstaller.exe =>Toolbar.Conduit
C:\Users\User\AppData\Local\Temp\mism.exe =>Toolbar.Conduit
C:\Users\User\AppData\Local\Temp\UpdateCheckerSetup.exe =>Adware.MegaSearch
~ Additionnel Scan: 457247 Items scanned in 01mn 24s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/42010462-pup-enhancetronic =>PUP.EnhanceTronic
http://nicolascoolman.webs.com/apps/blog/show/41011964-pup-awesomehp =>PUP.Awesomehp
http://nicolascoolman.webs.com/apps/blog/show/33067902-pup-ividi =>PUP.Ividi
http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/33262880-hijacker-qone8 =>Hijacker.Qone8
http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser
http://nicolascoolman.webs.com/apps/blog/show/33367156-spyware-protectedsearch =>Spyware.ProtectedSearch
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
http://nicolascoolman.webs.com/apps/blog/show/27456165-adware-relevantknowledge =>Adware.RelevantKnowledge
http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
~ MSI: 24 link(s) detected in 00mn 00s



~ 2448 Legitimates filtered by white list
End of the scan (703 lines in 06mn 19s)(0)
