cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.4.25.44 - Nicolas Coolman (25/04/2014)
~ Lancé par Paul (26/04/2014 00:57:21)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16863
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Pro, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : PRYQH
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Emsisoft Anti-Malware
Malwarebytes Anti-Malware version 2.0.1.1004
McAfee Security Scan Plus v3.0.285.6
Spybot - Search & Destroy v2.1.19
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.12 =>.Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Java 7 Update 55

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4087 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 272 GB (82%) free of 331 GB

---\\ Mode de connexion au système
~ Computer Name: PAUL-PC
~ User Name: Paul
~ All Users Names: UpdatusUser, Paul, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Paul\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Paul\AppData\Roaming\
~ %Desktop% : C:\Users\Paul\Desktop\
~ %Favorites% : C:\Users\Paul\Favorites\
~ %LocalAppData% : C:\Users\Paul\AppData\Local\
~ %StartMenu% : C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 272 Go of 331 Go)
D: Hard drive, Flash drive, Thumb drive (Free 204 Go of 298 Go)
E: Hard drive, Flash drive, Thumb drive (Free 97 Go of 115 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Not Inserted)
I: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
J: Hard drive, Flash drive, Thumb drive (Free 293 Go of 298 Go)
K: Floppy drive, Flash card reader, USB Key (Free 0 Go of 4 Go)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)
N: Hard drive, Flash drive, Thumb drive (Free 300 Go of 303 Go)
O: Floppy drive, Flash card reader, USB Key (Not Inserted)
P: Floppy drive, Flash card reader, USB Key (Not Inserted)
Q: Floppy drive, Flash card reader, USB Key (Not Inserted)
R: Hard drive, Flash drive, Thumb drive (Free 414 Go of 466 Go)
S: Hard drive, Flash drive, Thumb drive (Free 43 Go of 239 Go)
T: Hard drive, Flash drive, Thumb drive (Free 125 Go of 227 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 40 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/03/2014 - 01:08:30.) -- C:\Windows\System32\wininet.dll [2240000]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.7A761AEE58658378BBA45D360F874CB0] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.27/02/2014 - 00:18:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/16
~ Mes Videos (My Videos) : 1/9
~ Mes Favoris (My Favorites) : 1/74
~ Mes Documents (My Documents) : 2/223
~ Mon Bureau (My Desktop) : 1/71
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.299010E02918CE78E6A9839850928E69] - (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [525248] [PID.2088]
[MD5.0C1B9705E4013B62F01EF25EA896CA01] - (.Orange - Executable Orange Inside.) -- C:\Users\Paul\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1530008] [PID.2120]
[MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6963512] [PID.2308]
[MD5.4F46EA70C7579052F764D0F9B81D23C2] - (.NVIDIA Corporation - NVIDIA Update Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064] [PID.1364]
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [884744] [PID.3396]
[MD5.A2C1288BD3DEDE03B2327E5972678C2E] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe [271808] [PID.3964]
[MD5.FA8FB2B33674A67A7BA5714C5B1D7AA0] - (.Tlapia - sysTPL.) -- C:\Program Files (x86)\sysTPL\sysTPL.exe [872560] [PID.4140]
[MD5.8FFDB89A0FB7C8ABC3A8825E38047341] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136] [PID.4540]
[MD5.09E9425AD8C61664A37ED84B8B58BDCF] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224] [PID.4376]
[MD5.468B5FBD53D2C6F79964355327BBDBE1] - (.Emsisoft GmbH - Background Guard.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4330432] [PID.1624]
[MD5.E4C53CE8409DCFF708C790A0AC76398D] - (...) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe [264040] [PID.5656]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.4404]
[MD5.CBA0013EBDE3F0B08B043F61857E9809] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.3204]
[MD5.2F777711F4A380AACADBB85A3E7EBFCB] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe [1864368] [PID.2616]
[MD5.D92A40FE27C4DA704AB74083FEDAFD4E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7869440] [PID.4028]
[MD5.133E9D8945F8ADAA60101902DB7467B3] - (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584] [PID.896]
[MD5.CDA9313E34887A111B8309B55BCDCD82] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936] [PID.120]
[MD5.67A95B9D129ED5399E7965CD09CF30E7] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848] [PID.1252]
[MD5.0D2DA1C6D8ED85F51E3758EAE22455F2] - (...) -- C:\Windows\SysWOW64\XSrvSetup.exe [72280] [PID.1888]
[MD5.0E08BDD7326E657D59DB40BAD23D8169] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.1188]
[MD5.A8E7F3DB083EB0839DFC1C763CDD2594] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912] [PID.848]
[MD5.95AA9E165C7DE1B64A11E8B18E91E499] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560] [PID.1700]
[MD5.53E7C464578C196424128CAA4050F4A3] - (.Tlapia - sysTPLMonitor.) -- C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe [399640] [PID.2296]
[MD5.D31398D4BB4907B517B6E784C2100C4A] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688] [PID.2400]
[MD5.6AE8E702D1027A9627DDE2B77BB9992B] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928] [PID.3212]
[MD5.7A6A1B5E88506A6195D7CC938E1A3A31] - (.Tlapia - sysTPLService.) -- C:\Program Files (x86)\sysTPL\sysTPLService.exe [400664] [PID.2444]
[MD5.13AA2130F2A104DD775EAD0F0EE5417B] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [598312] [PID.412]
[MD5.AA130938A27BB80A8B6438EF83232275] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1364256] [PID.3784]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\bubxx7ob.default\prefs.js
C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\bubxx7ob.default\user.js
M2 - MFEP: prefs.js [Paul - bubxx7ob.default\ca@dictionaries.addons.mozilla.org] [] Diccionari català (general) v2.5.0 (..)
M2 - MFEP: prefs.js [Paul - bubxx7ob.default\es-es@dictionaries.addons.mozilla.org] [] Diccionario de Español/España v1.7 (..)
M2 - MFEP: prefs.js [Paul - bubxx7ob.default\{9549c857-8c2b-4ece-a142-07fc07e52a39}] [] QuickShare Widget v4.3.7.0 (..) =>PUP.QuickShare
~ Firefox Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 04s
~ Nombre de lignes (Lines number): 15516



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: 3D Vision Photo Viewer.lnk . (.NVIDIA Corporation - NVIDIA 3D Vision Photo Viewer.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
O4 - GS\Desktop [Public]: Canon CanoScan LiDE 210 Manuel en ligne.lnk . (.CANON INC. - Easy Guide Viewer.) -- C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe
O4 - GS\Desktop [Public]: Canon iP7200 series Manuel en ligne.lnk . (.CANON INC. - Easy Guide Viewer.) -- C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe
O4 - GS\Desktop [Public]: Canon Quick Menu.lnk . (.CANON INC. - Canon Quick Menu.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.exe
O4 - GS\Desktop [Public]: Emsisoft Anti-Malware.lnk . (.Emsisoft GmbH - Security Center.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
O4 - GS\Desktop [Public]: IObit Unlocker.lnk . (.IObit - IObitUnlocker.) -- C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.exe
O4 - GS\Desktop [Public]: MAGIX Photo & Graphic Designer 2013.lnk . (.Xara Group Ltd. - Photo & Graphic Designer MX.) -- C:\Program Files (x86)\MAGIX\Photo Graphic Designer 2013\PhotoGraphicDesigner.exe
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\mcuicnt.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Mz RAM Booster.lnk . (.Mz Ultimate Tools - Mz RAM Booster.) -- C:\Program Files\Mz Ultimate Tools\Mz RAM Booster\MzRAMBooster.exe
O4 - GS\Desktop [Public]: Orange Portail.lnk . (...) -- C:\Program Files\Orange\Orange Portail.exe
O4 - GS\Desktop [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
O4 - GS\QuickLaunch [Paul]: Emsisoft Anti-Malware.lnk . (.Emsisoft GmbH - Security Center.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
O4 - GS\QuickLaunch [Paul]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Paul]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Paul]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Paul]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Paul]: Social Games.lnk - Clé orpheline
O4 - GS\Desktop [Paul]: capture d'écran.lnk . (.Microsoft Corporation - Outil Capture d’écran.) -- C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Desktop [Paul]: ChkFlsh.exe - Raccourci.lnk . (...) -- E:\Copie disque D\Check Flash\ChkFlsh.exe
O4 - GS\Desktop [Paul]: Continue AdwCleaner.lnk . (...) -- C:\Users\Paul\Downloads\AdwCleaner.exe (.not file.)
O4 - GS\Desktop [Paul]: EasyBCD - Raccourci.lnk . (.NeoSmart Technologies - EasyBCD.) -- C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe
O4 - GS\Desktop [Paul]: iexplorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Paul]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Paul]: MP Navigator EX 4.0.lnk . (.CANON INC. - Canon MP Navigator EX.) -- C:\Program Files (x86)\Canon\MP Navigator EX 4.0\mpnex40.exe
O4 - GS\Desktop [Paul]: Orange Player.lnk . (.Microsoft Corporation - Microsoft Silverlight Out-of-Browser Launch.) -- C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
O4 - GS\Desktop [Paul]: RecentPlaces.lnk - Clé orpheline
O4 - GS\Desktop [Paul]: SIWPortable.exe.lnk . (.Topala Software Solutions - System Information.) -- C:\SIWPortable\SIWPortable.exe
O4 - GS\Desktop [Paul]: XnView.lnk . (.XnView, http://www.xnview.com - XnView for Windows.) -- C:\Program Files (x86)\XnView\xnview.exe
~ Global Startup: 81 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
O4 - GS\Startup [Paul]: Logitech . Enregistrement du produit.lnk . (.Leader Technologies/Logitech - Product Registration.) -- C:\Program Files (x86)\Logitech\Ereg\eReg.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Update Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [Tomtomax MaxiBox] . (.Tomtomax & KoakDesign - Le logiciel de personnalisation de votre GP.) -- C:\Program Files (x86)\Tomtomax Maxi-Box V3\Tomtomax_MaxiBox.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\Paul\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [ISUSScheduler] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
O4 - HKLM\..\Wow6432Node\Run: [JMB36X IDE Setup] . (...) -- C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [sysTPL] . (.Tlapia - sysTPL.) -- C:\Program Files (x86)\sysTPL\sysTPL.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonQuickMenu] . (.CANON INC. - Canon Quick Menu.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe =>.Logitech Inc
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKLM\..\Wow6432Node\Run: [FLxHCIm64] . (.Windows (R) Win 7 DDK provider - Fresco Logic.) -- C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
O4 - HKLM\..\Wow6432Node\Run: [emsisoft anti-malware] . (.Emsisoft GmbH - Background Guard.) -- c:\program files (x86)\emsisoft anti-malware\a2guard.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-21-3984839466-2251628970-3961379862-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-3984839466-2251628970-3961379862-1000\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKUS\S-1-5-21-3984839466-2251628970-3961379862-1000\..\Run: [Tomtomax MaxiBox] . (.Tomtomax & KoakDesign - Le logiciel de personnalisation de votre GP.) -- C:\Program Files (x86)\Tomtomax Maxi-Box V3\Tomtomax_MaxiBox.exe
O4 - HKUS\S-1-5-21-3984839466-2251628970-3961379862-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3984839466-2251628970-3961379862-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-3984839466-2251628970-3961379862-1000\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\Paul\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-21-3984839466-2251628970-3961379862-1000\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A12505E2-D158-453D-A16B-DC88FEF261C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A12505E2-D158-453D-A16B-DC88FEF261C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: JMB36X (JMB36X) . (...) - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
~ Services: 16 Legitimates Filtered in 00mn 09s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{2DB3F636-E59B-4E0B-AA55-BCEA4DAEAFA0}] (...) -- G:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{408054C9-8E16-44F6-9486-6A2E927ECB6F}] (...) -- G:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B05B1051-3506-4BC3-99F1-1EC77B618A58}] (...) -- G:\setup.exe (.not file.) [0]
~ Scheduled Task: 11 Legitimates Filtered in 00mn 02s



---\\ Logiciels installés (O42)
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM][64Bits] -- {CC1C2EE8-8E03-4D79-9758-C208D4438A3E} =>PUP.QuickShare
O42 - Logiciel: ViewPassword - (.ViewPassword-software.) [HKLM][64Bits] -- 5A7A58AD-FD66-8003-0AFD-4C1A7BC3CC47 =>PUP.ViewPassword
~ Logic: 7 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/08/2013 - 03:09:20 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
~ Program Folder: 156 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 17/04/2014 - 22:18:45 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
O44 - LFC:[MD5.602E2B2BA0F42A4E850BF282ABAA771F] - 18/04/2014 - 01:22:34 ---A- . (...) -- C:\WinUpdateFix.txt [1341]
O44 - LFC:[MD5.0EC1B3C9278D80D37A9366AFB875B89B] - 25/04/2014 - 21:32:22 ---A- . (...) -- C:\Windows\System32\lvcoinst.log [10939]
O44 - LFC:[MD5.97BBB428B2BB17572CD4334499A99D91] - 25/04/2014 - 21:36:38 ---A- . (...) -- C:\Windows\comsetup.log [3145]
O44 - LFC:[MD5.D44D2EF9D0D24211AAF4E96D6A6B3496] - 25/04/2014 - 21:41:51 ---A- . (...) -- C:\Windows\DtcInstall.log [1424]
O44 - LFC:[MD5.E05F0C5A4055B3A5E7710B0217D28E48] - 25/04/2014 - 21:42:42 ---A- . (...) -- C:\Windows\diagerr.xml [87633]
O44 - LFC:[MD5.E05F0C5A4055B3A5E7710B0217D28E48] - 25/04/2014 - 21:42:42 ---A- . (...) -- C:\Windows\diagwrn.xml [87633]
O44 - LFC:[MD5.E1E0DC614F44C4DEDFAB709F9D2F8A16] - 25/04/2014 - 23:51:24 ---A- . (...) -- C:\Windows\System32\vmguest.iso [27901952]
~ Files: 63 Legitimates Filtered in 00mn 01s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
~ CSB: 19 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - backitup.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - cautog.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - cnqmmain.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - des2.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - isuspm.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - lightscribecontrolpanel.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - lslauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - setup.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - tomtomax_maxibox.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - unins000.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
~ IFEO: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:27/04/2010 - 10:56:38 ---A- . (...) -- C:\Windows\System32\Drivers\AppleCharger.sys [21544]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 48 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {19A30CF1-AE93-474b-A1B9-18E552D5DB21} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} [DefaultScope] - (Orange) - http://r.orange.fr
O69 - SBI: SearchScopes [HKCU] {975E1516-4EE3-424b-8CCC-CB2088BA8634} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {ADEFE317-2F4C-43dd-9CBB-9733810AC211} - (Yahoo) - http://fr.search.yahoo.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.DB5110BB3741F6176730E433131B0008] [SPRF][28/08/2013] (.Mz Ultimate Tools - RAM Optimization Utility.) -- C:\Users\Paul\Desktop\mzram.exe [1351786]
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "8D5F0AB8F12DD3A46B6E686D1791BD47" . (.IObit Toolbar v7.6.) -- C:\WINDOWS\Installer\{8BA0F5D8-D21F-4A3D-B6E6-86D67119DB74}\ARPPRODUCTICON.exe =>PUP.Dealio
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.4AFAA1ED6A27FFEEE76EA2B7643B6309] [WIS][28/08/2013] (.DealPly Technologies Ltd - Google Update Helper.) -- C:\Windows\Installer\6957ad.msi [40960] =>PUP.DealPly
~ WIS: 1 Legitimates Filtered in 00mn 02s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\CCleaner64_RASAPI32 =>.Piriform Ltd
HKLM\SOFTWARE\Microsoft\Tracing\CCleaner64_RASMANCS =>.Piriform Ltd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat-distribution_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>Hijacker.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>Hijacker.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biclient_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bi_client_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ViewPasswordFIX_RASAPI32 =>PUP.ViewPassword
~ BTK: 163 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 25/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 06/04/2010 31272 | (AppleChargerSrv) . (...) - C:\Windows\System32\AppleChargerSrv.exe
SS - | Disabled 17/06/2009 68136 | (DES2 Service) . (...) - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Disabled 28/03/2012 140456 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SS - | Disabled 04/03/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 05/09/2012 234776 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
SS - | Demand 02/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 21/01/2014 699912 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Demand 11/06/2012 724376 | (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 20/09/2012 29696 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/02/2014 4163584 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 07/09/2010 72280 | (JMB36X) . (...) - C:\Windows\SysWOW64\XSrvSetup.exe
SR - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 29/03/2011 598312 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 04/03/2014 922968 | (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe
SR - | Auto 27/10/2013 1364256 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 16/05/2013 1817560 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 16/05/2013 1033688 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 15/05/2013 171928 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 04/03/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 24/03/2014 399640 | (sysTPLMonitor.exe) . (.Tlapia.) - C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe
SR - | Auto 24/03/2014 400664 | (sysTPLService.exe) . (.Tlapia.) - C:\Program Files (x86)\sysTPL\sysTPLService.exe
SR - | Auto 28/01/2014 2412344 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
SR - | Auto 18/01/2012 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 08s



---\\ Scan Additionnel (O88)
Database Version : 13045 - (25/04/2014)
Clés trouvées (Keys found) : 9
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CC1C2EE8-8E03-4D79-9758-C208D4438A3E}] =>PUP.QuickShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\5A7A58AD-FD66-8003-0AFD-4C1A7BC3CC47] =>PUP.ViewPassword^
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}] =>Toolbar.TuneUp
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\bubxx7ob.default\extensions\{9549c857-8c2b-4ece-a142-07fc07e52a39} =>PUP.QuickShare^
C:\Windows\Installer\6957ad.msi =>PUP.DealPly^
~ Additionnel Scan: 289642 Items scanned in 01mn 07s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare
http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.webs.com/apps/blog/show/35740148-pup-viewpassword =>PUP.ViewPassword
http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ MSI: 10 link(s) detected in 00mn 00s



~ 656 Legitimates filtered by white list
End of the scan (509 lines in 01mn 58s)(0)

Publicité


Signaler le contenu de ce document

Publicité