~ Rapport de ZHPDiag v2014.3.21.20 - Nicolas Coolman (21/03/2014)
~ Lancé par anass (21/03/2014 15:30:03)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.154

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1 Pro, 32-bit (Build 9600)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, VOLUME_MAK channel
Windows ID Activation : OK
~ Windows Partial Key : CKBDQ
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Internet Security v9.0.2013
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.11 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX & Plugin

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 4 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 959 MB (14% free)
System Restore: Activé (Enable)
System drive C: has 42 GB (56%) free of 74 GB

---\\ Mode de connexion au système
~ Computer Name: RAYAN
~ User Name: anass
~ All Users Names: anass, Administrateur,
~ Unselected Option: O45,O61
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\anass\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\anass\AppData\Roaming\
~ %Desktop% : C:\Users\anass\Desktop\
~ %Favorites% : C:\Users\anass\Favorites\
~ %LocalAppData% : C:\Users\anass\AppData\Local\
~ %StartMenu% : C:\Users\anass\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 42 Go of 74 Go)
D: Floppy drive, Flash card reader, USB Key (Free 1 Go of 2 Go)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Free 4 Go of 7 Go)
I: CD-ROM drive (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Free 1 Go of 7 Go)
K: Floppy drive, Flash card reader, USB Key (Free 0 Go of 7 Go)
L: Floppy drive, Flash card reader, USB Key (Free 4 Go of 4 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.1A0BC9598E4A58FC84570FFF5A108E58] - (.Microsoft Corporation - Explorateur Windows.) (.22/10/2013 - 07:03:47.) -- C:\Windows\Explorer.exe [2065448]
[MD5.02BC073156B3097E94D63C4D609020DD] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 03:49:55.) -- C:\Windows\System32\Wininit.exe [112640]
[MD5.AAFEAB4FC9D70253F8C7E353E879E8A2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 03:32:16.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.94385F95EF948FB274A70DE3EDE5696D] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/08/2013 - 03:48:19.) -- C:\Windows\System32\Winlogon.exe [458752]
[MD5.BFB9E1202225113991F981D29BFB9029] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:08:12.) -- C:\Windows\System32\sppcomapi.dll [438272]
[MD5.2AF7DA157FFF947A507FCB4AB8BB4C7C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22/08/2013 - 07:13:54.) -- C:\Windows\system32\Drivers\AFD.sys [455168]
[MD5.72FCAE2CE6DFEAB2AB072435017F3417] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 06:33:25.) -- C:\Windows\system32\Drivers\atapi.sys [23392]
[MD5.CE232BB0965C0C0B786C3F976CCBFB7D] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 05:11:55.) -- C:\Windows\system32\Drivers\Cdfs.sys [73728]
[MD5.E2FC132D48EA4E8B04432C33EFB77801] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 02:59:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [124928]
[MD5.D4ADBFC2409EF883164F3AA49B22F366] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 05:09:45.) -- C:\Windows\system32\Drivers\DfsC.sys [101376]
[MD5.A31901DE6A22EA67AB83AAF7036F98CC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 05:10:12.) -- C:\Windows\system32\Drivers\HDAudBus.sys [69632]
[MD5.5043E69532392A43549E5D41E22638AA] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 05:10:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [82944]
[MD5.FA6C94C754A566EA8A61D658932F32DE] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 12:03:35.) -- C:\Windows\system32\Drivers\IpNat.sys [126976]
[MD5.9E030D5C03E68E0C78EA120212759D66] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.23/11/2013 - 07:09:50.) -- C:\Windows\system32\Drivers\MRxSmb.sys [332800]
[MD5.BC242922B0D08F61CF7C87FD08FAFA8B] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 05:08:26.) -- C:\Windows\system32\Drivers\netBT.sys [218624]
[MD5.AAAB5E1A700E4C55DC22D7805A731F6F] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/11/2013 - 15:30:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1674584]
[MD5.4F30970F15ADCC382544B31D5D7E368E] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 05:11:49.) -- C:\Windows\system32\Drivers\Parport.sys [81408]
[MD5.C51AB62AB41A2E8560D12472B204CC00] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 05:07:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [81920]
[MD5.67E91843B0344411820A012063E876B2] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.22/08/2013 - 15:36:25.) -- C:\Windows\system32\Drivers\rdpdr.sys [143872]
[MD5.DB0C184142CF9FA1746F598A16EE92B2] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 07:13:54.) -- C:\Windows\system32\Drivers\tdx.sys [87040]
[MD5.CA3C52D981550DEA46576F9FFBA22C58] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.31/01/2014 - 15:04:24.) -- C:\Windows\system32\Drivers\volsnap.sys [265560]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/8
~ Mes musiques (My Musics) : 1/11
~ Mes Favoris (My Favorites) : 1/14
~ Mes Documents (My Documents) : 1/584
~ Mon Bureau (My Desktop) : 1/937
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 05s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2824]
[MD5.EE7C82B0D69F038245CECBCE9EC45A9A] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [17760] [PID.3512]
[MD5.61A5597AB30F257BCC47A8E61711F039] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\system32\taskhostex.exe [66632] [PID.2744]
[MD5.42433CDEC449D40F508752F2D487D8E4] - (.Microsoft Corporation - Host Process for Setting Synchronization.) -- C:\Windows\System32\SettingSyncHost.exe [478208] [PID.2996]
[MD5.3F98B594E5404311D464769733DF5125] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe [658632] [PID.3944]
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096] [PID.2364]
[MD5.BAB9D34A58C9CA038B0E4589E1DD01AA] - (.Microsoft Corporation - SkyDrive Sync Engine Host.) -- C:\Windows\System32\skydrive.exe [671232] [PID.3708]
[MD5.6C4B88203FFE721C18B041DE1312C67A] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3825232] [PID.160]
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.2216]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.3828]
[MD5.ACF60A53F8DD6C781E24112429C26E09] - (.Microsoft Corporation - Communications Service.) -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x86__8wekyb3d8bbwe\LiveComm.exe [138240] [PID.4052]
[MD5.8998A4837A47F16F27000C0A61EFC90D] - (.Microsoft Corporation - Runtime Broker.) -- C:\Windows\System32\RuntimeBroker.exe [29920] [PID.2508]
[MD5.41D2D33B604B97B3F0331FA693136053] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8356864] [PID.1880]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\anass\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://isearch.avg.com
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 15 Legitimates Filtered in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [anass - i55hwjla.default\{96f454ea-9d38-474f-b504-56193e00c1a5}] [] uTorrentControl_v6 v10.28.0.100 (..) =>P2P.µTorrent
~ Firefox Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.linkzb.com
~ IE Browser: 9 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
~ BHO: 8 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: DriverNavigator.lnk . (.Easeware - DriverNavigator.) -- C:\Program Files\DriverNavigator\DriverNavigator\DriverNavigator.exe
O4 - GS\Desktop [Public]: REALTEK RTL8187 Wireless LAN Utility.lnk . (.Realtek - ReStart MFC Application.) -- C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\ReStart.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Server Manager.lnk . (.Microsoft Corporation - Server Manager.) -- C:\Windows\system32\ServerManager.exe
O4 - GS\QuickLaunch [anass]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [anass]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [anass]: mediAvatar Convertisseur Vidéo YouTube.lnk . (...) -- C:\Program Files\mediAvatar\YouTube Video Converter\VideoDownloader.exe
O4 - GS\QuickLaunch [anass]: SpeedUpMyPC.lnk . (.Uniblue Systems Limited - Uniblue SpeedUpMyPC.) -- C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe =>PUP.SpeedUpMyPC
O4 - GS\QuickLaunch [anass]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O4 - GS\QuickLaunch [anass]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\anass\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [anass]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [anass]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [anass]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [anass]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [anass]: IDMan - Raccourci.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [anass]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\anass\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 46 Legitimates Filtered in 00mn 04s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKCU\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-3970391449-1408628387-1352652463-1001\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd
O4 - HKUS\S-1-5-21-3970391449-1408628387-1352652463-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Synchronisation des favoris ActiveSync.) -- C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DC4A48F-9819-4814-823F-F1925FC4E2FB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0DC4A48F-9819-4814-823F-F1925FC4E2FB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: LiveUpdate (LiveUpdateSvc) . (...) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe (.not file.)
~ Services: 10 Legitimates Filtered in 00mn 28s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedUpMyPC Maintenance.job [278] =>PUP.SpeedUpMyPC
~ Scheduled Task: 13 Legitimates Filtered in 00mn 20s



---\\ Logiciels installés (O42)
O42 - Logiciel: DriverNavigator - (...) [HKLM] -- DriverNavigator
~ Logic: 3 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\ADSRemoval]
[HKLM\Software\Conduit] =>Toolbar.Conduit
~ Key Software: 172 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/02/2014 - 18:08:20 - [0,609] ----D C:\Program Files\Conduit
O43 - CFD: 15/03/2014 - 21:12:44 - [4,962] ----D C:\Program Files\DriverNavigator
O43 - CFD: 09/03/2014 - 21:10:30 - [8,449] ----D C:\Program Files\Update Services
O43 - CFD: 28/02/2014 - 20:36:49 - [1,637] ----D C:\ProgramData\Conduit
O43 - CFD: 14/03/2014 - 18:09:08 - [0] ----D C:\ProgramData\ProductData
O43 - CFD: 23/02/2014 - 23:15:05 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 14/03/2014 - 18:02:26 - [0] ----D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
O43 - CFD: 14/03/2014 - 18:01:57 - [0] ----D C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
O43 - CFD: 28/02/2014 - 18:17:43 - [2,520] ----D C:\Users\anass\AppData\Roaming\iSafe =>Trojan.Trojan.Staser
O43 - CFD: 14/03/2014 - 18:03:37 - [0,006] ----D C:\Users\anass\AppData\Roaming\ProductData
O43 - CFD: 25/02/2014 - 16:02:19 - [0] ----D C:\Users\anass\AppData\Local\Conduit
O43 - CFD: 15/03/2014 - 21:12:44 - [0,005] ----D C:\Users\anass\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DriverNavigator
~ Program Folder: 163 Legitimates Filtered in 00mn 42s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.827C8058C284FF0013E4462EFE2591A3] - 07/03/2014 - 19:15:24 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tapoas.sys [26112]
O44 - LFC:[MD5.E7249F315288E8C2070239C9619EF09A] - 09/03/2014 - 20:58:45 ---A- . (...) -- C:\Windows\System32\dfsrHealthReport.xsl [268640]
O44 - LFC:[MD5.275D8AE9B484BC1227FB46D9AE764B21] - 09/03/2014 - 20:58:45 ---A- . (...) -- C:\Windows\System32\dfsrPropagationReport.xsl [155741]
O44 - LFC:[MD5.5461E58CD5C26F88C9C032255529186E] - 09/03/2014 - 20:59:07 ---A- . (...) -- C:\Windows\System32\dsa.msc [145017]
O44 - LFC:[MD5.94FA9169B16F55ED50CC8C1DD01670D7] - 09/03/2014 - 20:59:25 ---A- . (...) -- C:\Windows\System32\dnsmgmt.msc [145867]
O44 - LFC:[MD5.BE056912A83D6EB356038E9C3615AA3F] - 09/03/2014 - 20:59:25 ---A- . (...) -- C:\Windows\System32\gpme.msc [146712]
O44 - LFC:[MD5.628DA3989F8B4818D14193EE9ADEF5E9] - 09/03/2014 - 20:59:34 ---A- . (...) -- C:\Windows\System32\dfsmgmt.msc [55953]
O44 - LFC:[MD5.72E3CE77346830245C1E4C056C4F105A] - 09/03/2014 - 20:59:34 ---A- . (...) -- C:\Windows\System32\gpmc.msc [146446]
O44 - LFC:[MD5.22A2EE35DCA70CDD992E2AFA8FCA4BCE] - 09/03/2014 - 20:59:39 ---A- . (...) -- C:\Windows\System32\dhcpmgmt.msc [146654]
O44 - LFC:[MD5.C6017C392C05F7591B7F8AD637FA27E3] - 09/03/2014 - 21:00:35 ---A- . (...) -- C:\Windows\System32\domain.msc [144951]
O44 - LFC:[MD5.B0BF5BB17DD94CABD6E2ACA9969F3F85] - 09/03/2014 - 21:01:59 ---A- . (...) -- C:\Windows\System32\CluAdmin.msc [150924]
O44 - LFC:[MD5.E5347BE896ECB7035CD9E956B070798E] - 09/03/2014 - 21:02:15 ---A- . (...) -- C:\Windows\System32\NfsConfigGuide.exe.config [989]
O44 - LFC:[MD5.EB0BF2792FE4166B6DCCD6AF9D85C12C] - 09/03/2014 - 21:02:15 ---A- . (...) -- C:\Windows\System32\ProvisionShare.exe.config [940]
O44 - LFC:[MD5.35211619BD9C641CD177C0D56B97D232] - 09/03/2014 - 21:02:15 ---A- . (...) -- C:\Windows\System32\ProvisionStorage.exe.config [933]
O44 - LFC:[MD5.A1BFDD9E014E623E6E1CF649EBC3387C] - 09/03/2014 - 21:02:15 ---A- . (...) -- C:\Windows\System32\StorageMgmt.dll.config [1702]
O44 - LFC:[MD5.754370C3905B1C6100EA0CE495814E56] - 09/03/2014 - 21:02:16 ---A- . (...) -- C:\Windows\System32\SetupNfsIdMap.exe.config [1048]
O44 - LFC:[MD5.6F55A10B36DE9FF7179AE4F4E165E0E3] - 09/03/2014 - 21:03:04 ---A- . (...) -- C:\Windows\System32\DefaultParameters.xml [3034]
O44 - LFC:[MD5.47C56A6C0FD134AB750F6275563BA4ED] - 09/03/2014 - 21:03:32 ---A- . (...) -- C:\Windows\System32\ClusterUpdateUI.exe.config [1151]
O44 - LFC:[MD5.4D0BE6D3CD64BBE32FF9D6DB13D78951] - 09/03/2014 - 21:03:47 ---A- . (...) -- C:\Windows\System32\pkiview.msc [144354]
O44 - LFC:[MD5.BE031F873B020516D9ADB8ACF46F0B14] - 09/03/2014 - 21:04:01 ---A- . (...) -- C:\Windows\System32\StorageMgmt.msc [108940]
O44 - LFC:[MD5.F0BAFA87FC4A9242DB76D6F2D9D1EB5E] - 09/03/2014 - 21:04:39 ---A- . (...) -- C:\Windows\System32\fsrm.msc [108461]
O44 - LFC:[MD5.664707579759CD95333095E18BBCC24D] - 09/03/2014 - 21:05:24 ---A- . (...) -- C:\Windows\System32\certsrv.msc [92853]
O44 - LFC:[MD5.21667C2BFA27EA2A8D1351D98E254B51] - 09/03/2014 - 21:05:25 ---A- . (...) -- C:\Windows\System32\ocsp.msc [92554]
O44 - LFC:[MD5.BE7F46EC594E7332FED8BCA678011EBF] - 09/03/2014 - 21:05:38 ---A- . (...) -- C:\Windows\System32\certtmpl.msc [145293]
O44 - LFC:[MD5.5206B9369267A6388CA7CD04641FB2BC] - 09/03/2014 - 21:05:42 ---A- . (...) -- C:\Windows\System32\lsdiag.msc [115237]
O44 - LFC:[MD5.AF045DD4E551DE7E2ECA3E8062C0BD55] - 09/03/2014 - 21:05:44 ---A- . (...) -- C:\Windows\System32\rrasmgmt.msc [34000]
O44 - LFC:[MD5.4B33DD71369D3F39C7C73CCF7A731059] - 09/03/2014 - 21:06:01 ---A- . (...) -- C:\Windows\System32\tsgateway.msc [115860]
O44 - LFC:[MD5.F034249730E90D7C38DE149D9AE1D42B] - 09/03/2014 - 21:06:03 ---A- . (...) -- C:\Windows\System32\gptedit.msc [146019]
O44 - LFC:[MD5.C7E3A604777230B1854D199B13710CA7] - 09/03/2014 - 21:06:06 ---A- . (...) -- C:\Windows\System32\FailoverClusters.SnapInHelper.msc [151743]
O44 - LFC:[MD5.0E65213C4D92C7E09A77DEB234763762] - 09/03/2014 - 21:06:17 ---A- . (...) -- C:\Windows\System32\LServer_PKConfig.xml [54530]
O44 - LFC:[MD5.73844A4BE5227D16A392F01E09D263C3] - 09/03/2014 - 21:09:57 ---A- . (...) -- C:\Windows\System32\adsiedit.msc [144380]
O44 - LFC:[MD5.10628D323F66944385629618C6D41E45] - 09/03/2014 - 21:09:58 ---A- . (...) -- C:\Windows\System32\dssite.msc [144646]
O44 - LFC:[MD5.83B391D95E7E785DED8EAE7102319753] - 09/03/2014 - 21:09:59 ---A- . (...) -- C:\Windows\System32\delegwiz.inf [4988]
O44 - LFC:[MD5.995C48AC8E3D8712CD4B8D784488CCA4] - 09/03/2014 - 21:10:03 ---A- . (...) -- C:\Windows\DfsrAdmin.exe.config [1315]
O44 - LFC:[MD5.85DFC6001905F7A301B42028F53EB18F] - 09/03/2014 - 21:10:03 ---A- . (...) -- C:\Windows\System32\DfsMgmt.dll.config [1311]
O44 - LFC:[MD5.B44178959B187EF47D8064926C13EC13] - 09/03/2014 - 21:10:04 ---A- . (...) -- C:\Windows\System32\dsac.exe.config [764]
O44 - LFC:[MD5.2100B28C34C4FCE916A4A61F58E31198] - 10/03/2014 - 11:06:53 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms [9701]
O44 - LFC:[MD5.BB80546517CCE8EB7693C0934ADE76C8] - 11/03/2014 - 14:20:33 ---A- . (...) -- C:\Windows\A9600E.bat [2840]
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 13/03/2014 - 15:24:45 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
O44 - LFC:[MD5.FA425C74CE2EB719B2A77A7A2ADDAE32] - 15/03/2014 - 22:35:28 ---A- . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\LAGARITH.DLL [216064]
O44 - LFC:[MD5.A103FDF7348130EF3F3FEF56B1700A27] - 17/03/2014 - 17:47:05 ---A- . (...) -- C:\END [9]
~ Files: 507 Legitimates Filtered in 00mn 44s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.CBE71C122434805CB73FFB6619F60598] - 16/07/2009 - 11:36:30 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [13216]
O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 02/03/2014 - 19:59:26 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.1B0662514A68C3A42E60D240C5ABEF28] - 02/03/2014 - 19:59:26 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180248]
O58 - SDL:[MD5.596DB7E4D0DB6AC32DF142C861001979] - 13/08/2013 - 00:25:32 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [16088]
O58 - SDL:[MD5.203BB2691E7D0088A2C1F9C39C15A9B7] - 28/11/2013 - 01:24:18 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [108000]
O58 - SDL:[MD5.B4489EA5810BF73778CD8BDC305109CE] - 22/08/2013 - 06:32:57 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x86.) -- C:\Windows\System32\Drivers\stexstor.sys [26976]
O58 - SDL:[MD5.432D9D823C4C26B6070C41BAD4404CE4] - 22/08/2013 - 13:40:22 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [35288]
O58 - SDL:[MD5.827C8058C284FF0013E4462EFE2591A3] - 15/07/2012 - 16:48:16 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tapoas.sys [26112]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 24/02/2014 - 19:39:39 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 24/02/2014 - 19:39:39 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 24/02/2014 - 19:39:41 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 24/02/2014 - 19:39:41 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 24/02/2014 - 19:39:41 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.CB4EE86C87F4C03FAC7E14F30D57153E] - 24/02/2014 - 19:39:43 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33968]
O58 - SDL:[MD5.30A64B24DABF0483DDF6759D4F58A180] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34688]
O58 - SDL:[MD5.112BFAEA0B8AD1AAB4484BBBE1DA9B40] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.BE6FE759FC5B154243914AA330BAADE6] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35552]
O58 - SDL:[MD5.37BA9F0CB578362516C64344ECEC8ADC] - 24/02/2014 - 19:39:40 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34688]
~ Drivers: 17 Legitimates Filtered in 00mn 06s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [anass - i55hwjla.default] user_pref("CT3289075.installType", "conduitnsisintegration");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {65EF95E6-8814-4E9B-8951-5694AD50412F} - (uTorrentControl_v6 Customized Web Search) - http://search.conduit.com =>P2P.µTorrent
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
J:\traduction des films\Keygen.Womble EasySub 2.0.0.109.By_Sco\Keygen.exe
J:\traduction des films\Keygen.Womble EasySub 2.0.0.109.By_Sco\startimes.com.url
J:\traduction des films\Keygen.Womble EasySub 2.0.0.109.By_Sco.rar
J:\traduction des films\Womble EasySub 2.0.0.109.By_Sco\Keygen\Keygen.exe
J:\driver nav\Driver Navigator PreCracked 3.4.5.4275 by sayid_eldalam_elghamed\Driver Navigator PreCracked 3.4.5.4275.exe
~ Files: Scanned in 00mn 48s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "125A162AFDFAEB84DBD5887E419870F7" . (.PDF-XChange Editor.) -- C:\Windows\Installer\{A261A521-AFDF-48BE-BD5D-88E71489077F}\AppIco
~ Update Products: 50 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 7 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.E98191118C3BCA9AA39665203D740156] [WIS][26/12/2013] (.Tracker Software Products (Canada) Ltd. - PDF-XChange Editor (x86).) -- C:\Windows\Installer\11b90e.msi [25554944]
~ WIS: 51 Legitimates Filtered in 00mn 19s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 02/03/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/03/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 21/02/2014 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 10/07/1658 0 | (LiveUpdateSvc) . (...) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 13/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 08/04/2008 800040 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 22/01/2008 275752 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 22/08/2013 31552 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 02/03/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 02/03/2014 113704 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SR - | Auto 07/12/2009 40960 | (Realtek87B) . (.Realtek.) - C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
SR - | Demand 31/10/2013 22224 | (WinDefend) . (.Microsoft Corporation.) - C:\Program Files\Windows Defender\MsMpEng.exe

~ Services: Scanned in 00mn 25s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

~ MBR: 1 Legitimates Filtered in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by anass at 21/03/2014 15:35:10

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (21/03/2014)
Clés trouvées (Keys found) : 9
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 3

[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1] =>PUP.SpeedUpMyPC
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKLM\Software\Classes\Toolbar.CT3289075] =>Toolbar.Conduit
C:\Users\anass\AppData\Roaming\Mozilla\Firefox\Profiles\i55hwjla.default\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} =>P2P.µTorrent^
C:\Users\anass\AppData\Roaming\iSafe =>Trojan.Trojan.Staser^
C:\Program Files\Conduit =>Toolbar.Conduit
C:\ProgramData\Conduit =>Toolbar.Conduit
C:\Users\anass\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\anass\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\anass\AppData\LocalLow\pandasecuritytb =>Toolbar.Agent
C:\Users\anass\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\anass\AppData\Roaming\Mozilla\Firefox\Profiles\i55hwjla.default\Smartbar =>Hijacker.SmartBar
C:\Windows\Tasks\SpeedUpMyPC Maintenance.job =>PUP.SpeedUpMyPC^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 285891 Items scanned in 01mn 51s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser
~ http://nicolascoolman.webs.com/apps/blog/show/28766471-adware-iwinarcade =>Adware.iWinArcade
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ MSI: 6 link(s) detected in 01mn 51s



~ 1375 Legitimates filtered by white list
End of the scan (529 lines in 07mn 00s)(5)
