Document format: text/plain

~ Rapport de ZHPDiag v2014.4.19.35 - Nicolas Coolman (19/04/2014)
~ Lancé par Amine (20/04/2014 00:06:58)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16659
MFIE: Mozilla Firefox 28.0
OPIE: Opera vStable 20.0.1387.91 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1 Pro, 32-bit (Build 9600)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, VOLUME_MAK channel
Windows ID Activation : OK
~ Windows Partial Key : C36VD
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Internet Security v9.0.2016
Malwarebytes Anti-Malware version 2.0.1.1004
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.11 =>.Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Java 7 Update 51

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1789 MB (24% free)
System Restore: Activé (Enable)
System drive C: has 108 GB (73%) free of 146 GB

---\\ Mode de connexion au système
~ Computer Name: AMINE
~ User Name: Amine
~ All Users Names: HomeGroupUser$, Amine, Administrateur,
~ Unselected Option: O45,O61
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Amine\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Amine\AppData\Roaming\
~ %Desktop% : C:\Users\Amine\Desktop\
~ %Favorites% : C:\Users\Amine\Favorites\
~ %LocalAppData% : C:\Users\Amine\AppData\Local\
~ %StartMenu% : C:\Users\Amine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 108 Go of 146 Go)
D: Hard drive, Flash drive, Thumb drive (Free 146 Go of 146 Go)
E: Hard drive, Flash drive, Thumb drive (Free 161 Go of 173 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.1A0BC9598E4A58FC84570FFF5A108E58] - (.Microsoft Corporation - Explorateur Windows.) (.22/10/2013 - 07:03:47.) -- C:\Windows\Explorer.exe [2065448]
[MD5.02BC073156B3097E94D63C4D609020DD] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 03:49:55.) -- C:\Windows\System32\Wininit.exe [112640]
[MD5.AAFEAB4FC9D70253F8C7E353E879E8A2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 03:32:16.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.94385F95EF948FB274A70DE3EDE5696D] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/08/2013 - 03:48:19.) -- C:\Windows\System32\Winlogon.exe [458752]
[MD5.BFB9E1202225113991F981D29BFB9029] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:08:12.) -- C:\Windows\System32\sppcomapi.dll [438272]
[MD5.2AF7DA157FFF947A507FCB4AB8BB4C7C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22/08/2013 - 07:13:54.) -- C:\Windows\system32\Drivers\AFD.sys [455168]
[MD5.72FCAE2CE6DFEAB2AB072435017F3417] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 06:33:25.) -- C:\Windows\system32\Drivers\atapi.sys [23392]
[MD5.CE232BB0965C0C0B786C3F976CCBFB7D] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 05:11:55.) -- C:\Windows\system32\Drivers\Cdfs.sys [73728]
[MD5.E2FC132D48EA4E8B04432C33EFB77801] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 02:59:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [124928]
[MD5.D4ADBFC2409EF883164F3AA49B22F366] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 05:09:45.) -- C:\Windows\system32\Drivers\DfsC.sys [101376]
[MD5.A31901DE6A22EA67AB83AAF7036F98CC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 05:10:12.) -- C:\Windows\system32\Drivers\HDAudBus.sys [69632]
[MD5.5043E69532392A43549E5D41E22638AA] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 05:10:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [82944]
[MD5.FA6C94C754A566EA8A61D658932F32DE] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 12:03:35.) -- C:\Windows\system32\Drivers\IpNat.sys [126976]
[MD5.9E030D5C03E68E0C78EA120212759D66] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.23/11/2013 - 07:09:50.) -- C:\Windows\system32\Drivers\MRxSmb.sys [332800]
[MD5.BC242922B0D08F61CF7C87FD08FAFA8B] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 05:08:26.) -- C:\Windows\system32\Drivers\netBT.sys [218624]
[MD5.D13D35452A5F452DCC1626AE1A7D9790] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/03/2014 - 09:43:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1673048]
[MD5.4F30970F15ADCC382544B31D5D7E368E] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 05:11:49.) -- C:\Windows\system32\Drivers\Parport.sys [81408]
[MD5.C51AB62AB41A2E8560D12472B204CC00] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 05:07:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [81920]
[MD5.67E91843B0344411820A012063E876B2] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.30/09/2013 - 04:49:31.) -- C:\Windows\system32\Drivers\rdpdr.sys [143872]
[MD5.DB0C184142CF9FA1746F598A16EE92B2] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 07:13:54.) -- C:\Windows\system32\Drivers\tdx.sys [87040]
[MD5.CA3C52D981550DEA46576F9FFBA22C58] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.31/01/2014 - 15:04:24.) -- C:\Windows\system32\Drivers\volsnap.sys [265560]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/16
Mes musiques (My Musics) : 2/2 (Modified)
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 1/72
~ Mon Bureau (My Desktop) : 2/279
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.61A5597AB30F257BCC47A8E61711F039] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\Windows\system32\taskhostex.exe [66632] [PID.3032]
[MD5.62CA2829B6C25A9AA53FEEB90E497884] - (.DT Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe [2668864] [PID.3784]
[MD5.4BFA1849DC7AA3CB99C160D9EB96C67B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640] [PID.4052]
[MD5.0EE209370FAA94C2267B3B201D31E412] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe [687336] [PID.2656]
[MD5.E0DF6506C36AA207F41EFED13D876D83] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3478392] [PID.2964]
[MD5.AA16204FD1F75637E8EAEB593A8FA597] - (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.exe [180224] [PID.3284]
[MD5.44A9229022A519ED45294A1934C05EEC] - (.Flux Software LLC - f.lux.) -- C:\Users\Amine\AppData\Local\FluxSoftware\Flux\flux.exe [1017224] [PID.1152]
[MD5.E7E69A45148BE15CD26C5F63EEEC8133] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3829328] [PID.3776]
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.2412]
[MD5.0D144D0404D250999DDA38FF726AF5CF] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\20.0.1387.91\opera.exe [46143840] [PID.2628]
[MD5.825753025ECC5E56957D66BDDB821DE4] - (...) -- C:\Program Files\Opera\20.0.1387.91\opera_crashreporter.exe [1380704] [PID.2648]
[MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [6963512] [PID.5304]
[MD5.A1C1669580EF1D8F54D7EAFF527AB6A9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8219648] [PID.5684]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Amine - ouknopn6.default\en-US@dictionaries.addons.mozilla.org] [] United States English Spellchecker v7.0.1 (..)
M2 - MFEP: prefs.js [Amine - ouknopn6.default\jid1-4P0kohSJxU1qGg@jetpack] [] Hola Unblocker v1.3.103 (..)
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: 1-Click-Optimizer (WO11).lnk . (.Ashampoo Development GmbH & Co. KG - Ashampoo WinOptimizer 11.) -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\WO11.exe
O4 - GS\Desktop [Public]: Apps.lnk . (...) -- C:\Users\Public\Libraries\Apps.library-ms
O4 - GS\Desktop [Public]: Ashampoo Burning Studio 14 Compact Mode.lnk . (.Ashampoo - Ashampoo Burning Studio 14.) -- C:\Program Files\Ashampoo\Ashampoo Burning Studio 14\burningstudio14.exe
O4 - GS\Desktop [Public]: Ashampoo Burning Studio 14.lnk . (.Ashampoo - Ashampoo Burning Studio 14.) -- C:\Program Files\Ashampoo\Ashampoo Burning Studio 14\burningstudio14.exe
O4 - GS\Desktop [Public]: Ashampoo WinOptimizer 11.lnk . (.Ashampoo Development GmbH & Co. KG - Ashampoo WinOptimizer 11.) -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\WO11.exe
O4 - GS\Desktop [Public]: Kaspersky Password Manager.lnk . (.Kaspersky Lab - Kaspersky Password Manager.) -- C:\Program Files\Kaspersky Lab\Kaspersky Password Manager\stpass.exe
O4 - GS\Desktop [Public]: Kepard.lnk . (.Kepard - Kepard.) -- C:\Program Files\Kepard\Kepard.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe
O4 - GS\Desktop [Public]: PowerISO.lnk . (.PowerISO Computing, Inc. - PowerISO.) -- C:\Program Files\PowerISO\PowerISO.exe
O4 - GS\Desktop [Public]: Rosetta Stone TOTALe.lnk . (.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) -- C:\Program Files\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe
O4 - GS\Desktop [Public]: Start BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks StartLauncher.) -- C:\Program Files\BlueStacks\HD-StartLauncher.exe
O4 - GS\Desktop [Public]: USB Disk Security.lnk . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: HD VDeck.lnk . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe
O4 - GS\QuickLaunch [Amine]: Kepard.lnk . (.Kepard - Kepard.) -- C:\Program Files\Kepard\Kepard.exe
O4 - GS\QuickLaunch [Amine]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Amine]: Paltalk Messenger.lnk . (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - GS\QuickLaunch [Amine]: QQPlayer.lnk . (...) -- C:\Program Files\Tencent\QQPlayer\QQPlayer.exe (.not file.) =>Adware.TencentAddressBar
O4 - GS\QuickLaunch [Amine]: Upgrade to Paltalk Extreme.lnk - Clé orpheline
O4 - GS\QuickLaunch [Amine]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Amine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Amine]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Amine]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Amine]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Amine]: Auslogics DiskDefrag.lnk . (.Auslogics - Disk Defrag.) -- C:\Program Files\Auslogics\DiskDefrag\DiskDefrag.exe
O4 - GS\Desktop [Amine]: DllSuite.lnk . (...) -- C:\Program Files\DLLSuite\2014\DLLSuite.exe
O4 - GS\Desktop [Amine]: File Repair.lnk . (.Repair File - universal file repair utility.) -- C:\Program Files\Repair File\File Repair\file-repair.exe
O4 - GS\Desktop [Amine]: FileSearchy Pro.lnk . (...) -- C:\Program Files\FileSearchy Pro\FileSearchyPro.exe
O4 - GS\Desktop [Amine]: Paltalk Messenger.lnk . (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - GS\Desktop [Amine]: QQPlayer.lnk . (...) -- C:\Program Files\Tencent\QQPlayer\QQPlayer.exe (.not file.) =>Adware.TencentAddressBar
O4 - GS\Desktop [Amine]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) -- C:\Program Files\Your Uninstaller! 7\urmain.exe
~ Global Startup: 71 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Kepard] . (.Kepard - Kepard.) -- C:\Program Files\Kepard\Kepard.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.exe
O4 - HKCU\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\Amine\AppData\Local\FluxSoftware\Flux\flux.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [pdiface] C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe (.not file.)
O4 - HKUS\S-1-5-21-3558377350-1154284899-3988369031-1001\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\Amine\AppData\Local\FluxSoftware\Flux\flux.exe
O4 - HKUS\S-1-5-21-3558377350-1154284899-3988369031-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-3558377350-1154284899-3988369031-1001\..\Run: [pdiface] C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe (.not file.)
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} . (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office15\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.hola.org
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B9CC3B1-0A60-4878-8AFF-FB4E304AA0E6}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{F70C658D-D308-4FC4-B698-C8F109262BC2}: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{7B9CC3B1-0A60-4878-8AFF-FB4E304AA0E6}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{F70C658D-D308-4FC4-B698-C8F109262BC2}: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.0BD843EEF179B8F70CD62FA30E3DCDCB] [APT] [FileSearchyPro_SkipUAC] (...) -- C:\Program Files\FileSearchy Pro\FileSearchyPro.exe [363520]
[MD5.00000000000000000000000000000000] [APT] [iolo Process Governor] (...) -- C:\Program Files\iolo\System Mechanic\iologovernor.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\Tasks\Wise Turbo Checker.job [390]
~ Scheduled Task: 7 Legitimates Filtered in 00mn 05s



---\\ Logiciels installés (O42)
O42 - Logiciel: FileSearchy Pro - (.Midlinesoft.) [HKLM] -- FileSearchy Pro
~ Logic: 4 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\No Reply Games]
[HKLM\Software\Amigabit]
[HKLM\Software\IO3O]
~ Key Software: 190 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/04/2014 - 19:38:50 - [0] ----D C:\Program Files\BrowseMark =>PUP.BrowseMark
O43 - CFD: 16/04/2014 - 20:09:32 - [] ----D C:\Program Files\FileSearchy Pro
O43 - CFD: 19/04/2014 - 11:53:39 - [] ----D C:\Program Files\GB18030
O43 - CFD: 13/04/2014 - 21:18:13 - [] ----D C:\Program Files\Portable
O43 - CFD: 10/04/2014 - 18:34:34 - [] ----D C:\Program Files\Repair File
O43 - CFD: 01/04/2014 - 16:19:52 - [] ----D C:\Program Files\RosettaStoneLtdServices
O43 - CFD: 08/04/2014 - 19:51:10 - [0] ----D C:\ProgramData\Amigabit
O43 - CFD: 09/04/2014 - 07:29:58 - [0] ----D C:\ProgramData\ioloGovernor
O43 - CFD: 01/04/2014 - 16:19:51 - [] ----D C:\ProgramData\RosettaStoneLtdServices
O43 - CFD: 08/04/2014 - 20:05:13 - [] ----D C:\Users\Amine\AppData\Roaming\ioloGovernor
O43 - CFD: 14/04/2014 - 17:10:45 - [0] ----D C:\Users\Amine\AppData\Roaming\Popcorn Time
O43 - CFD: 16/04/2014 - 20:09:57 - [] ----D C:\Users\Amine\AppData\Local\FileSearchy Pro
O43 - CFD: 14/04/2014 - 17:10:06 - [] ----D C:\Users\Amine\AppData\Local\Popcorn-Time
O43 - CFD: 16/04/2014 - 20:09:05 - [] ----D C:\Users\Amine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileSearchy Pro
~ Program Folder: 183 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D6E8B83F8FA70FEF7D49F6316041D6B2] - 10/04/2014 - 20:39:03 ---A- . (.Hola Networks Ltd. - Hola Network Monitor Driver.) -- C:\Windows\System32\Drivers\hola_mon_drv.sys [73368]
O44 - LFC:[MD5.30475F091008E24550523515A023270D] - 14/04/2014 - 19:27:40 ---A- . (...) -- C:\Windows\System32\autoexec.nt [1688]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 14/04/2014 - 19:27:40 RSHA- . (...) -- C:\Windows\winstart.bat [2]
O44 - LFC:[MD5.EE0DF911EA295B3A2A199EFD10C11393] - 18/04/2014 - 11:25:26 ---A- . (...) -- C:\Windows\QQPlayer.INI [30]
O44 - LFC:[MD5.DAA6AAD525D12F8985695B882301336F] - 19/04/2014 - 21:52:32 ---A- . (...) -- C:\Windows\win.ini [167]
~ Files: 46 Legitimates Filtered in 00mn 23s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
~ CSB: 20 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 2 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.84B4C00AE8CDFC52CF68F322D821F34C] - 01/04/2014 - 14:26:29 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.680448905E27BBC6587ADB28597640D6] - 01/04/2014 - 14:26:29 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180760]
O58 - SDL:[MD5.596DB7E4D0DB6AC32DF142C861001979] - 13/08/2013 - 00:25:32 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [16088]
O58 - SDL:[MD5.687AF6BB383885FF6A64071B189A7F3E] - 01/04/2014 - 16:41:41 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [242240]
O58 - SDL:[MD5.D6E8B83F8FA70FEF7D49F6316041D6B2] - 10/04/2014 - 20:39:03 ---A- . (.Hola Networks Ltd. - Hola Network Monitor Driver.) -- C:\Windows\System32\Drivers\hola_mon_drv.sys [73368]
O58 - SDL:[MD5.5854121C87EC74267A99A314B2262940] - 24/03/2014 - 21:07:54 ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\hssdrv6.sys [39624]
O58 - SDL:[MD5.203BB2691E7D0088A2C1F9C39C15A9B7] - 28/11/2013 - 01:24:18 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [108000]
O58 - SDL:[MD5.20B2751CD4C8F3FD989739CA661B9F30] - 12/04/2010 - 09:44:34 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\System32\Drivers\scdemu.sys [59388]
O58 - SDL:[MD5.B4489EA5810BF73778CD8BDC305109CE] - 22/08/2013 - 06:32:57 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x86.) -- C:\Windows\System32\Drivers\stexstor.sys [26976]
O58 - SDL:[MD5.432D9D823C4C26B6070C41BAD4404CE4] - 22/08/2013 - 13:40:22 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [35288]
O58 - SDL:[MD5.5756084F329E376AE6628AE4119EFA1D] - 24/03/2014 - 21:11:18 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [37064]
~ Drivers: 17 Legitimates Filtered in 00mn 04s



---\\ Fichiers Alternate Data Stream (ADS) (O62)
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Dts2APO.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Dts2PropPageExt.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\nQAPO.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\nQPropPageExt.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\ViaMicArrayAPO.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\ViaMicArrayPropPageExt.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\VIAPropPageExt.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\VIASysFx.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\VMAPO32.DLL:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\VMPPCN32.DLL:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\VMPPLD32.DLL:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\VMWRP32.DLL:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\viahduaa.sys:Zone.Identifier
~ ADS: Scanned in 00mn 02s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Amine - ouknopn6.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9967C98121CCF2AA4C67A10ECF39DB31] [SPRF][17/04/2014] (...) -- C:\ProgramData\1397736166.bdinstall.bin [50048]
[MD5.0CB00F4104E7E34EE7CFF825C4534D43] [SPRF][17/04/2014] (...) -- C:\ProgramData\1397736298.bdinstall.bin [18210]
[MD5.9557B89D7B47605CBE33E267C2E9FFB6] [SPRF][17/04/2014] (...) -- C:\ProgramData\1397736314.bdinstall.bin [18400]
[MD5.BA551900FA21905C68B53D2F1304B9AC] [SPRF][17/04/2014] (...) -- C:\ProgramData\1397736336.bdinstall.bin [33219]
[MD5.F1A6AF03EB869D81F116E3898165B0F4] [SPRF][17/04/2014] (...) -- C:\ProgramData\1397736408.bdinstall.bin [18231]
[MD5.04B47DEEB298AE90A0C42DEAED71F8BA] [SPRF][17/04/2014] (...) -- C:\Users\Amine\Desktop\adwcleaner_2.exe [1426178]
[MD5.452D4ECD57921D22CDF1254E482D5A68] [SPRF][01/03/2014] (.Geek Uninstaller Software - Geek Unіnstaller.) -- C:\Users\Amine\Desktop\geek.exe [2146816]
[MD5.8E3383A88D0DA242983F3A92FC6A3D6B] [SPRF][22/12/2012] (.Pas de propriétaire - Setup Application.) -- C:\Users\Amine\Desktop\Google Earth Pro 7.0.2.8415 Final Portable (registred).exe [54837641]
[MD5.240DDA08F6EE9290747D1A04A99D1CCA] [SPRF][17/04/2014] (...) -- C:\Users\Amine\Desktop\RogueKiller.exe [3972608]
[MD5.C235DAD901917606C4E96CCFDD6460AE] [SPRF][01/05/2009] (.Ldc - USB Show.) -- C:\Users\Amine\Desktop\USB Show.exe [116224]
[MD5.B3BF0FB371B61559F58C00841AF135C8] [SPRF][18/04/2014] (.BitTorrent Inc. - µTorrent.) -- C:\Users\Amine\Desktop\uTorrent.exe [1671248] =>P2P.BitTorrent
~ Files: 13 Legitimates Filtered in 00mn 01s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{A6835CF6-3BF8-4C8A-ABD1-675896766E8C}" | Out - None - P6 - TRUE | .(...) -- C:\Program Files\Rosetta Stone\Rosetta Stone TOTALe\Rosetta Stone TOTALe.exe
O87 - FAEL: "{C4102CC3-78E3-4D8F-B0BA-1800D92B6100}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\BitComet\BitComet.exe (.not file.) =>P2P.BitComet
O87 - FAEL: "{A3CCCD10-DBD7-4AFD-88A7-4C8EC82E0B2D}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\BitComet\BitComet.exe (.not file.) =>P2P.BitComet
O87 - FAEL: "TCP Query User{62F5C93E-C13C-418D-990D-B3521656E90A}C:\users\amine\appdata\local\akamai\netsession_win.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\amine\appdata\local\akamai\netsession_win.exe (.not file.)
O87 - FAEL: "UDP Query User{9119FAA3-F683-48CC-916C-C4261A561223}C:\users\amine\appdata\local\akamai\netsession_win.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\amine\appdata\local\akamai\netsession_win.exe (.not file.)
O87 - FAEL: "{1FD3D187-142E-4779-87D0-11CC42A97BF3}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Amine\Downloads\KMSpico.v9.0.6.20131120-alaa4alwafi\KMSpico.v9.0.6.20131120-heldigard\KMSpico Portable\AutoPico.exe (.not file.) =>PUP.KMSpico
O87 - FAEL: "{77B95569-1FDD-43B4-B9AD-07D19CB7F7C8}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Amine\Downloads\KMSpico.v9.0.6.20131120-alaa4alwafi\KMSpico.v9.0.6.20131120-heldigard\KMSpico Portable\AutoPico.exe (.not file.) =>PUP.KMSpico
O87 - FAEL: "{8B9F98BD-2D17-4D3E-9FE4-71DED59C6E62}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Amine\Downloads\KMSpico.v9.0.6.20131120-alaa4alwafi\KMSpico.v9.0.6.20131120-heldigard\KMSpico Portable\KMSServer.exe (.not file.) =>PUP.KMSpico
O87 - FAEL: "{A1A519FB-8A15-4503-B9F4-7C98ECD9E60C}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Amine\Downloads\KMSpico.v9.0.6.20131120-alaa4alwafi\KMSpico.v9.0.6.20131120-heldigard\KMSpico Portable\KMSServer.exe (.not file.) =>PUP.KMSpico
O87 - FAEL: "{10434DC6-9420-45C6-A0A4-0F7636045125}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Amine\Downloads\KMSpico.v9.0.6.20131120-alaa4alwafi\KMSpico.v9.0.6.20131120-heldigard\KMSpico Portable\AutoPico.exe (.not file.) =>PUP.KMSpico
O87 - FAEL: "{160DBE48-C764-436F-96B4-4DF63565CC77}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Amine\Downloads\KMSpico.v9.0.6.20131120-alaa4alwafi\KMSpico.v9.0.6.20131120-heldigard\KMSpico Portable\AutoPico.exe (.not file.) =>PUP.KMSpico
O87 - FAEL: "{B373191E-4781-4749-AD3F-A94CE9CD29C1}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>PUP.KMSpico
O87 - FAEL: "{574BC803-ABCD-49FC-B503-91AC46DF6CF4}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>PUP.KMSpico
~ Firewall: 261 Legitimates Filtered in 00mn 02s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.672314463DF2EB4DF20CFFEB08006BD6] [WIS][03/05/2012] (.Novell, Inc. - Gtk# for .Net 2.12.10.) -- C:\Windows\Installer\2046076.msi [16502272]
[MD5.672314463DF2EB4DF20CFFEB08006BD6] [WIS][03/05/2012] (.Novell, Inc. - Gtk# for .Net 2.12.10.) -- C:\Windows\Installer\204607c.msi [16502272]
~ WIS: 38 Legitimates Filtered in 00mn 05s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_RASAPI32 =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_RASMANCS =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASAPI32 =>PUP.BrowseMark
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASMANCS =>PUP.BrowseMark
~ BTK: 63 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 16/08/2012 397176 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-Service.exe
SS - | Disabled 16/08/2012 384888 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
SS - | Disabled 24/08/2009 406016 | (DfSdkS) . (.mst software GmbH, Germany.) - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS.exe
SS - | Disabled 01/04/2014 1045256 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Disabled 15/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 31/03/2011 1646056 | (RosettaStoneDaemon) . (.Rosetta Stone Ltd..) - C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
SS - | Disabled 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/04/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 01/04/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Demand 31/10/2013 22224 | (WinDefend) . (.Microsoft Corporation.) - C:\Program Files\Windows Defender\MsMpEng.exe
SR - | Auto 22/08/2013 31552 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 12s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

~ MBR: 1 Legitimates Filtered in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Amine at 20/04/2014 00:10:14

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13044 - (19/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

C:\Program Files\BrowseMark =>PUP.BrowseMark^
C:\Users\Amine\Desktop\uTorrent.exe =>P2P.BitTorrent^
~ Additionnel Scan: 298375 Items scanned in 00mn 56s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/27668065-adware-tencentaddressbar =>Adware.TencentAddressBar
http://nicolascoolman.webs.com/apps/blog/show/42099886-pup-browsemark =>PUP.BrowseMark
http://nicolascoolman.webs.com/apps/blog/show/29633319-pup-kmspico =>PUP.KMSpico
~ MSI: 3 link(s) detected in 00mn 00s



~ 931 Legitimates filtered by white list
End of the scan (520 lines in 04mn 14s)(0)
