cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2014.3.21.21 - Nicolas Coolman (21/03/2014)
~ Lancé par isabelle (02/04/2014 19:30:05)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.02 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3839 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 213 GB (36%) free of 586 GB

---\\ Mode de connexion au système
~ Computer Name: ZAZA
~ User Name: isabelle
~ All Users Names: Mcx1-ZAZA, isabelle, isa, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\isabelle\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\isabelle\AppData\Roaming\
~ %Desktop% : C:\Users\isabelle\Desktop\
~ %Favorites% : C:\Users\isabelle\Favorites\
~ %LocalAppData% : C:\Users\isabelle\AppData\Local\
~ %StartMenu% : C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 213 Go of 586 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
F: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/14
~ Mes musiques (My Musics) : 12/209
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/2512
~ Mon Bureau (My Desktop) : 2/4454
~ Menu demarrer (Programs) : 1/3
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.9C65C4F46BB75904B8B843724971E020] - (.SEIKO EPSON CORPORATION - MyEpson Portal.) -- C:\Program Files (x86)\EPSON\MyEPSON Connect\mep.exe [2387520] [PID.3932]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.900]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\isabelle\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [PID.3176]
[MD5.0FF101F5C767393195602237E211B311] - (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6123032] [PID.1528]
[MD5.70EA13A41C0D9D31343EC203A629F801] - (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe [3209216] [PID.324]
[MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016] [PID.1836]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576] [PID.3124]
[MD5.A2418D3C557C0A0C634DA713A8AC3789] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336] [PID.3360]
[MD5.FB1A303207C1124C2B61A50E5A32AC21] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.3528]
[MD5.550B8CB98A8FA1D7A1A7371055A38DDA] - (...) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe [265240] [PID.2868]
[MD5.902054D6B4292329F9594FFF24EE02DB] - (...) -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe [680984] [PID.1904]
[MD5.5331DC9D1C88840326F68C2C531A82A7] - (.Logitech, Inc. - Logitech Updater.) -- C:\Users\isabelle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe [351248] [PID.4936]
[MD5.235D42833F2F89083FA70B9787899846] - (.Logitech, Inc. - Logitech Updater.) -- C:\Users\isabelle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe [1353232] [PID.3836]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.5992]
[MD5.12FD4EF8F2CBBF98E0A5CED88258DDF3] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17816] [PID.4216]
[MD5.497E84A1B6767142987A17574C57C04E] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe [1863560] [PID.4684]
[MD5.76CD1E85DDE35D3791825EABBCBC53A0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8250368] [PID.4672]
[MD5.67A95B9D129ED5399E7965CD09CF30E7] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848] [PID.956]
[MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1480]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1660]
[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.1728]
[MD5.213F5D05EE522E7321C513D4A6A318E0] - (.SEIKO EPSON CORPORATION - MyEpson Portal Service.) -- C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe [703616] [PID.1772]
[MD5.7D2633295EB6FF2B938185874884059D] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.1820]
[MD5.BDF850D185B2344C7811B79E49050188] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416] [PID.1956]
[MD5.B94C3C4DCA2093243C76CA218EDE2A97] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [209768] [PID.2152]
[MD5.BFDB58616FF5EA540A5F58301D50641E] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [483688] [PID.2380]
[MD5.C523F582AB537293844596CE66D76125] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [821664] [PID.2924]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\2ruridje.default\prefs.js
M2 - MFEP: prefs.js [isabelle - 2ruridje.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration v1.1 (..)
~ Firefox Browser: 24 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: cam.lnk . (...) -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: GetDataBack for NTFS.lnk . (.Runtime Software - GetDataBack for NTFS Data Recovery.) -- C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\gdbnt.exe
O4 - GS\Desktop [Public]: HP games.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Video Converter Studio.lnk . (.Apowersoft - Video Converter Studio.) -- C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
O4 - GS\Desktop [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\Program [Public]: LabelPrint.lnk . (.CyberLink Corp. - LabelPrint.) -- C:\Program Files (x86)\Cyberlink\LabelPrint\LabelPrint.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Power2Go.lnk . (.CyberLink Corp. - Power2Go.) -- C:\Program Files (x86)\Cyberlink\Power2Go\Power2Go.exe
O4 - GS\Program [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\QuickLaunch [isabelle]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [isabelle]: Video Converter Studio.lnk . (.Apowersoft - Video Converter Studio.) -- C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
O4 - GS\QuickLaunch [isabelle]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\TaskBar [isabelle]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\isabelle\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [isabelle]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [isabelle]: HP Support Assistant.lnk . (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe =>.Hewlett-Packard Co
O4 - GS\QuickLaunch [isa]: France-cotation.lnk - Clé orpheline
O4 - GS\QuickLaunch [isa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [isa]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [isa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [isa]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [isa]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [isa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [isa]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [isa]: Accelerer PC.lnk . (...) -- C:\Program Files (x86)\Accelerer PC\PCSpeedUp-Start.bat "C:\Program Files (x86)\Accelerer PC" "C:\Program Files (x86)\Accelerer PC\PCSpeedUp.xap" PCSU (.not file.) =>Rogue.PCSpeedUp
O4 - GS\Desktop [isa]: Assistance Livebox.lnk . (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - GS\Desktop [isa]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\isabelle\AppData\Local\Google\Chrome\Application\chrome.exe
~ Global Startup: 96 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [FullScreen] C:\BLOCK\CFG\flexbuild\FullScreen\launchFS.cmd (.not file.)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\isabelle\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [EasyFlirt Messenger] C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe (.not file.)
O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\isabelle\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [DriverBoost] . (.PC Drivers Headquarters - DriverBoost.) -- C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe =>.PDF Complete Inc
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe =>.EasyBits Software AS
O4 - HKLM\..\Wow6432Node\Run: [ORAHSSSessionManager] C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe =>.Logitech Inc
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_50] Clé orpheline =>PUA.FSTfr9
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\K-Lite Codec Pack\QuickTime\QTTask.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\isabelle\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EasyFlirt Messenger] C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe (.not file.)
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\isabelle\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [DriverBoost] . (.PC Drivers Headquarters - DriverBoost.) -- C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EPLTarget\P0000000000000002] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {92D24E67-F95F-41E0-89B6-CE4936AB8F62}.job [727]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {BC96B2D5-71AF-48A9-81D3-9E02F5091E1E}.job [727]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {92D24E67-F95F-41E0-89B6-CE4936AB8F62}.job [913]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {BC96B2D5-71AF-48A9-81D3-9E02F5091E1E}.job [913]
[MD5.00000000000000000000000000000000] [APT] [AutoUpdaterTask] (...) -- C:\Program Files (x86)\Auto Updater\AutoUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0F47ED95-2F0E-45B2-877C-AB5E4B84933C}] (...) -- C:\Users\isabelle\Documents\Revo Uninstaller Pro v3.0.7 (x86-x64) Incl Crack [TorDigger]\Crack x86\RevoUninPro.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{17CB7CA3-3A2F-4389-B851-999DA6072C53}] (...) -- C:\Users\isabelle\Downloads\epson375181eu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3B78CA07-0D28-49DB-BCB4-B8FE021E2560}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5153C7ED-5C58-4E37-86ED-AAF712A2AE26}] (...) -- C:\Program Files (x86)\PriceGong\uninst.exe (.not file.) [0] =>Adware.PriceGong
[MD5.00000000000000000000000000000000] [APT] [{7537CFB2-0856-43E8-842C-07F14E9F7957}] (...) -- C:\Users\isabelle\AppData\Roaming\awesomehp\UninstallManager.exe (.not file.) [0] =>PUP.Awesomehp
[MD5.00000000000000000000000000000000] [APT] [{7C023849-FAE4-46C4-8E71-0CFE7F6C1E52}] (...) -- C:\Users\isabelle\Desktop\zygo\Zygo CP V2008\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BF3973EC-F3F4-4EF0-B78C-4AB4144351F8}] (...) -- C:\Program Files (x86)\Glary Utilities\uninstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DD060FEE-904D-4447-9EB8-58DA544D4DE1}] (...) -- C:\Users\isabelle\Downloads\epson324565eu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DF4D3D60-0FE6-4190-82CC-414F6DA8E316}] (...) -- C:\Users\isabelle\Downloads\jxpiinstall.exe (.not file.) [0]
~ Scheduled Task: 51 Legitimates Filtered in 00mn 02s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (acpsfniy) . (. - .) - C:\Windows\system32\drivers\acpsfniy.sys (.not file.)
O41 - Driver: (cognwcsi) . (. - .) - C:\Windows\system32\drivers\cognwcsi.sys (.not file.)
O41 - Driver: (didnuuqs) . (. - .) - C:\Windows\system32\drivers\didnuuqs.sys (.not file.)
~ Drivers: 66 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Accelerer PC - Désinstallation complète - (.Speedchecker Limited.) [HKLM][64Bits] -- PCSU-SL_is1 =>Rogue.PCSpeedUp
~ Logic: 18 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\31255InstEnd]
[HKCU\Software\Ares]
[HKCU\Software\DM73]
[HKCU\Software\ELIGCHK]
[HKCU\Software\TVANTS]
[HKCU\Software\VIO ;)]
[HKLM\Software\Wow6432Node\Postbox]
[HKLM\Software\Wow6432Node\Shortcut_Module]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\anset]
[HKLM\Software\Wow6432Node\i-beta] =>PUP.i-Beta
~ Key Software: 236 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/08/2012 - 00:33:08 - [6,885] ----D C:\Program Files (x86)\Ares
O43 - CFD: 01/10/2013 - 21:29:53 - [11,962] ----D C:\Program Files (x86)\i-beta =>PUP.i-Beta
O43 - CFD: 26/01/2014 - 19:01:12 - [43,420] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 01/10/2013 - 21:29:49 - [0,510] ----D C:\Users\isabelle\AppData\Roaming\Postbox
O43 - CFD: 07/08/2012 - 00:33:09 - [0,032] ----D C:\Users\isabelle\AppData\Local\Ares
O43 - CFD: 01/10/2013 - 21:42:57 - [3,961] ----D C:\Users\isabelle\AppData\Local\Postbox
~ 7 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 220 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B66543B5549FB9E1D81607ACFFC8E1E6] - 02/04/2014 - 08:00:10 ---A- . (...) -- C:\Shortcut_Module_02_04_2014_09_00_10.txt [28709]
~ Files: 22 Legitimates Filtered in 00mn 01s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{8a936bcf-0b61-11e1-ae93-d48564a3eab8}\AutoRun\command. (...) -- E:\Handset_USB_Driver.exe (.not file.)
O51 - MPSK:{e8af9c59-1341-11e2-894b-d48564a3eab8}\AutoRun\command. (...) -- E:\LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnablELUA"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2285B31039611D509F6120D691CA661F] - 29/05/2012 - 14:53:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\Drivers\cpqdfw.sys [27456]
O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 13/03/2010 - 00:39:14 ---A- . (...) -- C:\Windows\System32\Drivers\cqcpu.sys [24376]
O58 - SDL:[MD5.DEF365F0F6E017888C4B869D3BA4B8E0] - 25/10/2010 - 10:10:22 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20552]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.9B4B4838A6C8DC97416581C13CB6482C] - 07/03/2011 - 11:18:48 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter_hs.sys [18456]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 25/10/2010 - 10:03:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16392]
O58 - SDL:[MD5.FB251567F41BC61988B26731DEC19E4B] - 25/04/2012 - 11:11:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [52736]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 25/10/2010 - 10:03:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Drivers: 21 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
O63 - Logiciel: ZHPFix 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\isa\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.awesomehp.com =>PUP.Awesomehp
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {1945e092-ce7a-4b44-a259-a105b5dab2fd} - (lookineo) - http://www.lookineo.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {129A0CE9-13CF-423B-A38E-D1A6B02E2714} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {65793278-18D6-4D6D-AF3D-D81AC9B88FC6} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {AF5F7031-EE4E-44C6-AFF5-5C388E256810} - (Wikipedia) - http://fr.wikipedia.org
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {129A0CE9-13CF-423B-A38E-D1A6B02E2714} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {65793278-18D6-4D6D-AF3D-D81AC9B88FC6} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {AF5F7031-EE4E-44C6-AFF5-5C388E256810} - (Wikipedia) - http://fr.wikipedia.org
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.A4DFEE10D53C16EED2363A9ABEC4AD9F] [SPRF][04/11/2013] (...) -- C:\ProgramData\1383597050.bdinstall.bin [502]
[MD5.E6729F8E631FC594B6C1375A11C193A8] [SPRF][04/11/2013] (...) -- C:\ProgramData\1383597129.bdinstall.bin [834741]
[MD5.072B56CA1FE651298CFB681F5407ABAE] [SPRF][05/11/2013] (...) -- C:\ProgramData\1383684367.bdinstall.bin [244527]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "UDP Query User{D96C7DE5-F58E-458D-8D39-78D0DE3B2A31}C:\users\isabelle\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\isabelle\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.)
O87 - FAEL: "{B628B1C6-02E1-43B2-A7BB-C355C4DFCF43}" |In - Private - P17 - TRUE | .(...) -- C:\Users\isabelle\Documents\Mes téléchargements\mp4ConverterSetup.exe (.not file.)
O87 - FAEL: "TCP Query User{2D2C734E-4005-404B-BDD9-617A26C9E5FC}C:\program files (x86)\ares\ares.exe" | In - Private - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "UDP Query User{EDCE86B6-1F35-4C26-9B21-8F7A89E09242}C:\program files (x86)\ares\ares.exe" | In - Private - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "TCP Query User{8F67961A-A56E-476E-B515-779239719680}C:\program files (x86)\ares\ares.exe" | In - Public - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "UDP Query User{937A71DE-26EF-4A68-9E9B-4B1FCBEF446E}C:\program files (x86)\ares\ares.exe" | In - Public - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "{0C83194D-285E-4CAC-873D-4984DD6060C7}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
O87 - FAEL: "{AFFBFF36-367D-46B6-A0A4-A3B022B0F5A9}" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\torntv.com\torntv downloader.exe (.not file.) =>Hijacker.TornTV
O87 - FAEL: "{9C741B53-5C84-4510-8C45-84E62262CEA4}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
~ Firewall: 275 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "2EB48BE813F10594388D2C119A0A7893" . (.AM Usb Card Reader Driver.) -- C:\Windows\Installer\{8EB84BE2-1F31-4950-83D8-C211A9A08739}\ARPPRODUCTICON.exe
~ Update Products: 108 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.71D9872F3952C0FB64CB6100423520E8] [WIS][02/04/2014] (.Alcor - Blank Project Template.) -- C:\Windows\Installer\115d8.msi [1289216]
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][02/04/2014] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\2c9b7ace.msi [45056] =>Adware.Boxore
[MD5.570FBA4141DC67442444045E7A82BF9B] [WIS][02/04/2014] (.DriverBoost - DriverBoost.) -- C:\Windows\Installer\77755.msi [4011520]
~ WIS: 140 Legitimates Filtered in 00mn 02s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Demand 18/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 20/05/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Auto 02/02/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 17/05/2012 144560 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SR - | Auto 11/01/2007 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
SR - | Auto 15/04/2013 152640 | (EPSON_PM_RPCV4_06) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.exe
SR - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS
SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 01/10/2012 703616 | (MyEPSON Connect Service) . (.SEIKO EPSON CORPORATION.) - C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe
SR - | Auto 23/09/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 14/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SR - | Auto 18/01/2012 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (21/03/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 5
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1] =>Rogue.PCSpeedUp^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_50 =>PUA.FSTfr9^
C:\Program Files (x86)\i-beta =>PUP.i-Beta^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneStopSoft.com =>PUP.Dealio
[HKLM\Software\Wow6432Node\i-beta] =>PUP.i-Beta^
C:\Windows\Installer\2c9b7ace.msi =>Adware.Boxore^
~ Additionnel Scan: 258267 Items scanned in 00mn 15s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27765487-rogue-pcspeedup =>Rogue.PCSpeedUp
~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blog/show/41011964-pup-awesomehp =>PUP.Awesomehp
~ http://nicolascoolman.webs.com/apps/blog/show/33755964-pup-i-beta =>PUP.i-Beta
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
~ http://nicolascoolman.webs.com/apps/blog/show/27660150-hijacker-torntv =>Hijacker.TornTV
~ http://nicolascoolman.webs.com/apps/blog/show/26753274-adware-expressfiles =>Adware.ExpressFiles
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
~ MSI: 10 link(s) detected in 00mn 15s



~ 1282 Legitimates filtered by white list
End of the scan (514 lines in 00mn 40s)(0)
