~ Rapport de ZHPDiag v2014.4.9.16 - Nicolas Coolman (2014-04-09)
~ Lancé par ASUS (2014-09-10 20:01:07)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17239 (Defaut)
GCIE: Google Chrome v27.0.1453.47

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : WTK6C
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
AVG 2014 v14.0.4765
Trusteer Sécurité des points d'accès v3.5.1403.67
Malwarebytes' Anti-Malware
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft Security Client v4.5.0216.0
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.00 =>.Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 14 ActiveX
Adobe Reader XI
Java 7 Update 67

---\\ Informations sur le système
~ Processor: x86 Family 21 Model 16 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2264 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 879 GB (94%) free of 931 GB

---\\ Mode de connexion au système
~ Computer Name: BERNARD-PC
~ User Name: ASUS
~ All Users Names: ASUS, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\ASUS\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\ASUS\AppData\Roaming\
~ %Desktop% : C:\Users\ASUS\Desktop\
~ %Favorites% : C:\Users\ASUS\Favorites\
~ %LocalAppData% : C:\Users\ASUS\AppData\Local\
~ %StartMenu% : C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 879 Go of 931 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.2011-02-25 - 00:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2009-07-13 - 20:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.B945BAA81B4805AD6BDDF4D026DCFB47] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2014-07-25 - 05:05:23.) -- C:\Windows\System32\wininet.dll [1792512]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2014-03-04 - 04:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.2010-11-20 - 16:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2014-05-30 - 01:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-13 - 20:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-13 - 18:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2010-11-20 - 16:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2010-11-20 - 16:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2010-11-20 - 16:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.2009-07-13 - 18:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-13 - 18:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-04-26 - 21:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.2010-11-20 - 16:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2014-01-23 - 21:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.2009-07-13 - 18:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2009-07-13 - 18:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.2010-11-20 - 16:29:49.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-13 - 18:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.2010-11-20 - 16:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.2010-11-20 - 16:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/7
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/36
~ Mes Documents (My Documents) : 1/26
~ Mon Bureau (My Desktop) : 1/40
~ Menu demarrer (Programs) : 1/113
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.361B0893A5C6741F347568A3232D2822] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2014\avgui.exe [5188112] [PID.2064]
[MD5.1EDDD9562180D2F17385846B7F89490B] - (.IvoSoft - Classic Start Menu.) -- C:\Program Files\Classic Shell\ClassicStartMenu.exe [150208] [PID.2648]
[MD5.308F2EE28005510DE616409148CF077B] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896] [PID.2708]
[MD5.49FC05738158BC8B6C1957E9D2B55494] - (.IBM Corp. - RapportService.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe [2607384] [PID.2724]
[MD5.55B8916A4C1F21AEFC319351B4522023] - (.AVG - AVG PC TuneUp.) -- C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe [1920312] [PID.3356]
[MD5.F4651164AA1330735ADEA50AD0A326F2] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8208896] [PID.3244]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.fr

---\\ Liste des dossiers d'extension Google Chrome

~ Google Lines Browser: 1 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://affaires.lapresse.ca
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://google.com
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 2



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
~ BHO: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: DAP Bar - [HKLM]{62999427-33FC-4baf-9C9C-BCE6BD127F08} . (...) -- (.not file.)
O3 - Toolbar: Classic Explorer Bar - [HKLM]{553891B7-A0D5-4526-BE18-D3CE461D6310} . (.IvoSoft - Adds classic Windows Explorer features.) -- C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Bing Bar - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll =>Toolbar.Bing
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: AudioWizard.lnk . (.Waves Audio Ltd. - Pas de description.) -- C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl.exe
O4 - GS\Desktop [Public]: DriverUpdate.lnk . (...) -- C:\Windows\Installer\{65C92136-6AF0-4E70-88D2-D19E739CE285}\Icon.exe
O4 - GS\Desktop [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Games.lnk . (...) -- C:\Program Files\bfgclient\bfgclient.exe
O4 - GS\Desktop [Public]: Jeux.lnk . (...) -- C:\Program Files\bfgclient\bfgclient.exe
O4 - GS\Desktop [Public]: Jouer à 10 Jours Sous Les Mers.lnk . (...) -- C:\Program Files\10 Jours Sous Les Mers\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à A Girl in the City.lnk . (...) -- C:\Program Files\A Girl in the City\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Amazing Adventures Riddle of the Two Knights.lnk . (...) -- C:\Program Files\Amazing Adventures Riddle of the Two Knights\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Arcanika.lnk . (...) -- C:\Program Files\Arcanika\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Big City Adventure - Paris.lnk . (...) -- C:\Program Files\Big City Adventure - Paris\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Big City Adventure - Tokyo.lnk . (...) -- C:\Program Files\Big City Adventure - Tokyo\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Call of Atlantis.lnk . (...) -- C:\Program Files\Call of Atlantis\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Gem Boy.lnk . (...) -- C:\Program Files\Gem Boy\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Girls with Secrets.lnk . (...) -- C:\Program Files\Girls with Secrets\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Hidden in Time - Miroir Miroir.lnk . (...) -- C:\Program Files\Hidden in Time - Miroir Miroir\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Lost in Reefs 2.lnk . (...) -- C:\Program Files\Lost in Reefs 2\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Margrave Manor 2 - Le Bateau Disparu.lnk . (...) -- C:\Program Files\Margrave Manor 2 - Le Bateau Disparu\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Samantha Swift et la Main de Midas.lnk . (...) -- C:\Program Files\Samantha Swift et la Main de Midas\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Summer SuperSports.lnk . (...) -- C:\Program Files\Summer SuperSports\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à The Path of Hercules.lnk . (...) -- C:\Program Files\The Path of Hercules\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à The Rise of Atlantis.lnk . (...) -- C:\Program Files\The Rise of Atlantis\LaunchGame.bfg
O4 - GS\Desktop [Public]: More Great Games.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Play A Pirate's Legend.lnk . (...) -- C:\Program Files\A Pirate's Legend\LaunchGame.bfg
O4 - GS\Desktop [Public]: Play Artifacts of Eternity.lnk . (...) -- C:\Program Files\Artifacts of Eternity\LaunchGame.bfg
O4 - GS\Desktop [Public]: Play Big City Adventure - Rio de Janeiro.lnk . (...) -- C:\Program Files\Big City Adventure - Rio de Janeiro\LaunchGame.bfg
O4 - GS\Desktop [Public]: Play BVS Solitaire Collection.lnk . (...) -- C:\Program Files\BVS Solitaire Collection\LaunchGame.bfg
O4 - GS\Desktop [Public]: Play Call of Atlantis - Treasures of Poseidon.lnk . (...) -- C:\Program Files\Call of Atlantis - Treasures of Poseidon\LaunchGame.bfg
O4 - GS\Desktop [Public]: Play Call of the Ages.lnk . (...) -- C:\Program Files\Call of the Ages\LaunchGame.bfg
O4 - GS\Desktop [Public]: Play Imperial Island 2 - The Search for New Land.lnk . (...) -- C:\Program Files\Imperial Island 2 - The Search for New Land\LaunchGame.bfg
O4 - GS\Desktop [Public]: Play Vegas Penny Slots.lnk . (...) -- C:\Program Files\Vegas Penny Slots\LaunchGame.bfg
O4 - GS\Desktop [Public]: Registry Repair.lnk . (.Glarysoft Ltd - Glarysoft RegistryCleaner.) -- C:\Program Files\Glarysoft\Registry Repair 5\RegistryCleaner.exe
O4 - GS\Desktop [Public]: Speccy.lnk . (.Piriform Ltd - Speccy.) -- C:\Program Files\Speccy\Speccy.exe
O4 - GS\Program [Public]: AudioWizard.lnk . (.Waves Audio Ltd. - Pas de description.) -- C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl.exe
O4 - GS\Program [Public]: Linksys Connect.lnk . (.Belkin International, Inc. - Linksys Software.) -- C:\Program Files\Linksys\Linksys Connect\Linksys Connect.exe
O4 - GS\Program [Public]: More Great Games.lnk - Clé orpheline
O4 - GS\Program [Public]: Registry Repair.lnk . (.Glarysoft Ltd - Glarysoft RegistryCleaner.) -- C:\Program Files\Glarysoft\Registry Repair 5\RegistryCleaner.exe
O4 - GS\QuickLaunch [ASUS]: Alien Shooter.lnk . (.Sigma Team - AlienShooter Application.) -- C:\Program Files\Sigma Team\Alien Shooter\AlienShooter.exe
O4 - GS\QuickLaunch [ASUS]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [ASUS]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [ASUS]: Mortimer Beckett and the Secrets of Spooky Manor.lnk . (...) -- C:\Program Files\MyPlayCity.com\Mortimer Beckett and the Secrets of Spooky Manor\Mortimer Beckett and the Secrets of Spooky Manor.exe
O4 - GS\QuickLaunch [ASUS]: Mortimer Beckett And The Time Paradox.lnk . (...) -- C:\Program Files\MyPlayCity.com\Mortimer Beckett And The Time Paradox\Mortimer Beckett And The Time Paradox.exe
O4 - GS\QuickLaunch [ASUS]: Pearl Harbor - Fire on the Water.lnk . (...) -- C:\Program Files\MyPlayCity.com\Pearl Harbor - Fire on the Water\Pearl Harbor - Fire on the Water.exe
O4 - GS\QuickLaunch [ASUS]: Pirate's Solitaire.lnk . (...) -- C:\Program Files\MyPlayCity.com\Pirate's Solitaire\Pirate's Solitaire.exe
O4 - GS\QuickLaunch [ASUS]: Robin's Island Adventure.lnk . (...) -- C:\Program Files\MyPlayCity.com\Robin's Island Adventure\Robin's Island Adventure.exe
O4 - GS\QuickLaunch [ASUS]: Superbike Racers.lnk . (...) -- C:\Program Files\GamesGoFree.com\Superbike Racers\Superbike Racers.exe
O4 - GS\TaskBar [ASUS]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [ASUS]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [ASUS]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [ASUS]: Unlocker.lnk . (...) -- C:\Program Files\Unlocker\Unlocker.exe
O4 - GS\Desktop [ASUS]: Alien Shooter.lnk . (.Sigma Team - AlienShooter Application.) -- C:\Program Files\Sigma Team\Alien Shooter\AlienShooter.exe
O4 - GS\Desktop [ASUS]: Auslogics DiskDefrag.lnk . (.Auslogics - Disk Defrag.) -- C:\Program Files\Auslogics\DiskDefrag\DiskDefrag.exe
O4 - GS\Desktop [ASUS]: BigCityAdventureNY (2).exe - Raccourci.lnk . (.Jolly Bear Games - Big City Adventure: New York City.) -- C:\Program Files\Big City Adventure - New York City\BigCityAdventureNY (2).exe
O4 - GS\Desktop [ASUS]: bigcityadventuresydney.exe - Raccourci.lnk . (.Jolly Bear Games - Big City Adventure: Sydney.) -- C:\Program Files\Big City Adventure - Sydney Australia\bigcityadventuresydney.exe
O4 - GS\Desktop [ASUS]: BigCityAdventureVan.exe - Raccourci.lnk . (.Jolly Bear Games - Big City Adventure: Vancouver.) -- C:\Program Files\Big City Adventure - Vancouver\BigCityAdventureVan.exe
O4 - GS\Desktop [ASUS]: Crazy Browser.lnk . (.www.CrazyBrowser.com - Crazy Browser.) -- C:\Program Files\Crazy Browser\Crazy Browser.exe
O4 - GS\Desktop [ASUS]: EchoLink.lnk . (.Synergenics, LLC - EchoLink.) -- C:\Program Files\K1RFD\EchoLink\EchoLink.exe
O4 - GS\Desktop [ASUS]: engine.exe - Raccourci.lnk . (...) -- C:\Program Files\MyPlayCity.com\Robin's Island Adventure\engine.exe
O4 - GS\Desktop [ASUS]: FileKiddo Download Manager.lnk . (.FreeDownloadManager.ORG - FileKiddo Download Manager.) -- C:\Program Files\FileKiddo Download Manager\fdm.exe
O4 - GS\Desktop [ASUS]: game.exe - Raccourci.lnk . (...) -- C:\Program Files\MyPlayCity.com\Pearl Harbor - Fire on the Water\game.exe
O4 - GS\Desktop [ASUS]: GamesGoFree Games.lnk . (...) -- C:\Program Files\GamesGoFree.com\Superbike Racers\gamesgofree.url
O4 - GS\Desktop [ASUS]: gotchacelebritysecrets.exe - Raccourci.lnk . (...) -- C:\Program Files\Gotcha - Celebrity Secrets\gotchacelebritysecrets.exe
O4 - GS\Desktop [ASUS]: Highway Pursuit.lnk . (.adamdawes.com/Retrospec - Highway Pursuit.) -- C:\Program Files\HighwayPursuit\HighwayPursuit.exe
O4 - GS\Desktop [ASUS]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [ASUS]: LostInReefs.exe - Raccourci.lnk . (.Rumbic Studio - Lost In Reefs.) -- C:\Program Files\Lost in Reefs\LostInReefs.exe
O4 - GS\Desktop [ASUS]: Margrave Manor 2 (2).exe - Raccourci.lnk . (.Inertia Software - Margrave Manor 2.exe.) -- C:\Program Files\Margrave Manor 2 - The Lost Ship\Margrave Manor 2 (2).exe
O4 - GS\Desktop [ASUS]: maxjongg.exe - Raccourci.lnk . (...) -- C:\Program Files\MaxJongg\maxjongg.exe
O4 - GS\Desktop [ASUS]: mirror mysteries.exe - Raccourci (2).lnk . (...) -- C:\Program Files\The Mirror Mysteries\mirror mysteries.exe
O4 - GS\Desktop [ASUS]: Mortimer Beckett and the Secrets of Spooky Manor.lnk . (...) -- C:\Program Files\MyPlayCity.com\Mortimer Beckett and the Secrets of Spooky Manor\Mortimer Beckett and the Secrets of Spooky Manor.exe
O4 - GS\Desktop [ASUS]: Mortimer Beckett And The Time Paradox.lnk . (...) -- C:\Program Files\MyPlayCity.com\Mortimer Beckett And The Time Paradox\Mortimer Beckett And The Time Paradox.exe
O4 - GS\Desktop [ASUS]: MysteryPILosAngeles (2).exe - Raccourci.lnk . (.SpinTop Games - Mystery P.I. - Lost in LA.) -- C:\Program Files\Mystery P.I. - Lost in Los Angeles\MysteryPILosAngeles (2).exe
O4 - GS\Desktop [ASUS]: MysteryPINewEngland (2).exe - Raccourci.lnk . (.SpinTop Games - Mystery P.I. - The Curious Case of Counterf.) -- C:\Program Files\Mystery P.I. - The Curious Case of Counterfeit Cove\MysteryPINewEngland (2).exe
O4 - GS\Desktop [ASUS]: Mystika2.exe - Raccourci.lnk . (.UnikGame - Mystika II.) -- C:\Program Files\Mystika 2 - Le Sanctuaire\Mystika2.exe
O4 - GS\Desktop [ASUS]: Pirate's Solitaire.lnk . (...) -- C:\Program Files\MyPlayCity.com\Pirate's Solitaire\Pirate's Solitaire.exe
O4 - GS\Desktop [ASUS]: RRBoston (2).exe - Raccourci.lnk . (...) -- C:\Program Files\Renovate & Relocate - Boston\RRBoston (2).exe
O4 - GS\Desktop [ASUS]: Samantha Swift and the Mystery from Atlantis.exe - Raccourci.lnk . (...) -- C:\Program Files\Samantha Swift - Mystery From Atlantis\Samantha Swift and the Mystery from Atlantis.exe
O4 - GS\Desktop [ASUS]: SlingoCasinoPak.exe - Raccourci.lnk . (.SLINGO, Inc. - SLINGO CASINO PAK.) -- C:\Program Files\Slingo Casino Pak\SlingoCasinoPak.exe
O4 - GS\Desktop [ASUS]: SlingoQuest.exe - Raccourci.lnk . (.Funkitron, Inc. - Slingo Quest.) -- C:\Program Files\Slingo Quest\SlingoQuest.exe
O4 - GS\Desktop [ASUS]: Superbike Racers.lnk . (...) -- C:\Program Files\GamesGoFree.com\Superbike Racers\Superbike Racers.exe
O4 - GS\Desktop [ASUS]: three_days.exe - Raccourci.lnk . (...) -- C:\Program Files\3 Days - Amulet Secret\three_days.exe
O4 - GS\Desktop [ASUS]: Titanic (2).exe - Raccourci ().lnk . (...) -- C:\Program Files\1912 - Titanic Mystery\Titanic (2).exe
~ Global Startup: 143 Legitimates Filtered in 00mn 25s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2014\avgui.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
O4 - HKLM\..\Run: [Classic Start Menu] . (.IvoSoft - Classic Start Menu.) -- C:\Program Files\Classic Shell\ClassicStartMenu.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Screenseven News] . (.Intenium - Tray Client.) -- C:\Program Files\OXXOGames\VIVAGPlayer\GameCenterNotifier.exe
O4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files\Glary Utilities 5\StartupManager.exe
O4 - HKUS\S-1-5-21-1402159502-2150757134-1109879191-1000\..\Run: [Screenseven News] . (.Intenium - Tray Client.) -- C:\Program Files\OXXOGames\VIVAGPlayer\GameCenterNotifier.exe
O4 - HKUS\S-1-5-21-1402159502-2150757134-1109879191-1000\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files\Glary Utilities 5\StartupManager.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0D90873-FF00-45B4-BB0A-7621CE20D51C}: DhcpNameServer = 24.200.241.37 24.202.72.13 24.200.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C0D90873-FF00-45B4-BB0A-7621CE20D51C}: DhcpNameServer = 24.200.241.37 24.202.72.13 24.200.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C0D90873-FF00-45B4-BB0A-7621CE20D51C}: DhcpNameServer = 24.200.241.37 24.202.72.13 24.200.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.202.72.13 24.200.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} . (.Advanced Micro Devices - MIME Video Detector for IE.) -- C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
O34 - HKLM BootExecute: (BootDefrag.exe) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.AB4CDB10226BC2CD7CBB9066D1B6B056] [APT] [{15F4F86A-3B7B-4381-B2A1-E4D960E946A1}] (...) -- C:\Program Files\Mary Kay Andrews - The Fixer Upper\TheFixerUpper (2).exe [1794048]
[MD5.AB4CDB10226BC2CD7CBB9066D1B6B056] [APT] [{2BF8B51E-9D66-4190-8798-E0D832E82C78}] (...) -- C:\Program Files\Mary Kay Andrews - The Fixer Upper\TheFixerUpper (2).exe [1794048]
[MD5.AB4CDB10226BC2CD7CBB9066D1B6B056] [APT] [{5EB0C881-5898-456B-82D0-C99B5FB18BB2}] (...) -- C:\Program Files\Mary Kay Andrews - The Fixer Upper\TheFixerUpper (2).exe [1794048]
[MD5.BD97547DB555DAA1123E8FC3ABD68527] [APT] [{EB929B0B-B326-4DC3-A78B-AE4567202E3D}] (...) -- C:\Downloads\Software\Dr.FelixBigFishGames.exe [557920]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 06s



---\\ Logiciels installés (O42)
O42 - Logiciel: 3 Days - Amulet Secret - (...) [HKLM] -- BFG-3 Days - Amulet Secret
O42 - Logiciel: A Girl in the City - (...) [HKLM] -- BFG-A Girl in the City
O42 - Logiciel: A Pirate's Legend - (...) [HKLM] -- BFG-A Pirate's Legend
O42 - Logiciel: Alien Shooter - (...) [HKLM] -- Alien Shooter
O42 - Logiciel: Alien Shooter v 1.2 - (.Sigma Team.) [HKLM] -- Alien Shooter_is1
O42 - Logiciel: Arcanika - (...) [HKLM] -- BFG-Arcanika
O42 - Logiciel: Artifacts of Eternity - (...) [HKLM] -- BFG-Artifacts of Eternity
O42 - Logiciel: Big City Adventure: New York City - (...) [HKLM] -- BFG-Big City Adventure - New York City
O42 - Logiciel: Big City Adventure: Paris - (...) [HKLM] -- BFG-Big City Adventure - Paris
O42 - Logiciel: Big City Adventure: Rio de Janeiro - (...) [HKLM] -- BFG-Big City Adventure - Rio de Janeiro
O42 - Logiciel: Big City Adventure: Sydney, Australia - (...) [HKLM] -- BFG-Big City Adventure - Sydney Australia
O42 - Logiciel: Big City Adventure: Tokyo - (...) [HKLM] -- BFG-Big City Adventure - Tokyo
O42 - Logiciel: Big City Adventure: Vancouver - (...) [HKLM] -- BFG-Big City Adventure - Vancouver
O42 - Logiciel: Call of the Ages - (...) [HKLM] -- BFG-Call of the Ages
O42 - Logiciel: EchoLink - (.Synergenics, LLC.) [HKLM] -- {DC33421C-0E1C-470A-BE37-7B7C82677812}
O42 - Logiciel: Gem Boy - (...) [HKLM] -- BFG-Gem Boy
O42 - Logiciel: Girls with Secrets - (...) [HKLM] -- BFG-Girls with Secrets
O42 - Logiciel: Gotcha: Celebrity Secrets - (...) [HKLM] -- BFG-Gotcha - Celebrity Secrets
O42 - Logiciel: Imperial Island 2: The Search for New Land - (...) [HKLM] -- BFG-Imperial Island 2 - The Search for New Land
O42 - Logiciel: Lost in Reefs - (...) [HKLM] -- BFG-Lost in Reefs
O42 - Logiciel: Lost in Reefs 2 - (...) [HKLM] -- BFG-Lost in Reefs 2
O42 - Logiciel: Mary Kay Andrews: The Fixer Upper - (...) [HKLM] -- BFG-Mary Kay Andrews - The Fixer Upper
O42 - Logiciel: MaxJongg - (...) [HKLM] -- BFG-MaxJongg
O42 - Logiciel: MaxJongg - (...) [HKLM] -- MaxJongg_is1
O42 - Logiciel: Mystika 2: Le Sanctuaire - (...) [HKLM] -- BFG-Mystika 2 - Le Sanctuaire
O42 - Logiciel: Renovate & Relocate: Boston - (...) [HKLM] -- BFG-Renovate & Relocate - Boston
O42 - Logiciel: Summer SuperSports - (...) [HKLM] -- BFG-Summer SuperSports
O42 - Logiciel: Superbike Racers - (.GamesGoFree.com.) [HKLM] -- Superbike Racers_is1
O42 - Logiciel: Vegas Penny Slots - (...) [HKLM] -- BFG-Vegas Penny Slots
~ Logic: 37 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ETeam]
[HKCU\Software\K1RFD]
[HKCU\Software\Ocean Range 3]
[HKCU\Software\OceanMedia]
[HKCU\Software\Perseus]
[HKCU\Software\Triangle Studios]
[HKLM\Software\ETeam]
[HKLM\Software\Filseclab]
[HKLM\Software\Gromada]
[HKLM\Software\SmartDNS]
~ Key Software: 348 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2013-10-27 - 11:02:14 - [317,024] ----D C:\Program Files\3 Days - Amulet Secret
O43 - CFD: 2013-10-20 - 14:33:24 - [101,017] ----D C:\Program Files\A Girl in the City
O43 - CFD: 2013-11-24 - 14:55:34 - [23,374] ----D C:\Program Files\A Pirate's Legend
O43 - CFD: 2014-07-11 - 16:33:18 - [76,948] ----D C:\Program Files\Arcanika
O43 - CFD: 2014-07-15 - 20:46:46 - [125,470] ----D C:\Program Files\Artifacts of Eternity
O43 - CFD: 2013-10-14 - 14:54:49 - [54,015] ----D C:\Program Files\Big City Adventure - New York City
O43 - CFD: 2013-09-30 - 14:10:56 - [61,931] ----D C:\Program Files\Big City Adventure - Paris
O43 - CFD: 2014-07-27 - 17:17:16 - [70,246] ----D C:\Program Files\Big City Adventure - Rio de Janeiro
O43 - CFD: 2013-12-01 - 16:44:29 - [35,099] ----D C:\Program Files\Big City Adventure - Sydney Australia
O43 - CFD: 2013-09-30 - 14:09:30 - [69,856] ----D C:\Program Files\Big City Adventure - Tokyo
O43 - CFD: 2014-07-28 - 14:34:18 - [60,334] ----D C:\Program Files\Big City Adventure - Vancouver
O43 - CFD: 2014-03-16 - 15:33:52 - [205,764] ----D C:\Program Files\Call of the Ages
O43 - CFD: 2014-03-28 - 13:17:07 - [33,962] ----D C:\Program Files\DriverUpdate
O43 - CFD: 2014-07-07 - 16:42:25 - [9,171] ----D C:\Program Files\Free FreeCell Solitaire
O43 - CFD: 2013-10-23 - 14:05:37 - [103,241] ----D C:\Program Files\GamesGoFree.com
O43 - CFD: 2013-09-30 - 14:07:43 - [26,504] ----D C:\Program Files\Gem Boy
O43 - CFD: 2013-09-30 - 14:06:51 - [141,687] ----D C:\Program Files\Girls with Secrets
O43 - CFD: 2013-10-11 - 15:07:55 - [161,277] ----D C:\Program Files\Gotcha - Celebrity Secrets
O43 - CFD: 2014-09-06 - 14:54:40 - [190,872] ----D C:\Program Files\Imperial Island 2 - The Search for New Land
O43 - CFD: 2014-01-22 - 12:35:20 - [3,093] ----D C:\Program Files\K1RFD
O43 - CFD: 2013-11-17 - 15:19:09 - [42,071] ----D C:\Program Files\Lost in Reefs
O43 - CFD: 2013-11-17 - 15:25:31 - [76,490] ----D C:\Program Files\Lost in Reefs 2
O43 - CFD: 2013-10-15 - 14:37:16 - [104,811] ----D C:\Program Files\Mary Kay Andrews - The Fixer Upper
O43 - CFD: 2014-04-23 - 14:14:23 - [13,679] ----D C:\Program Files\MaxJongg
O43 - CFD: 2014-09-06 - 14:22:10 - [55,879] ----D C:\Program Files\Mystika 2 - Le Sanctuaire
O43 - CFD: 2013-10-14 - 14:24:32 - [166,117] ----D C:\Program Files\Renovate & Relocate - Boston
O43 - CFD: 2013-10-11 - 16:03:00 - [36,099] ----D C:\Program Files\Sigma Team
O43 - CFD: 2013-09-30 - 13:54:40 - [238,303] ----D C:\Program Files\Summer SuperSports
O43 - CFD: 2013-09-28 - 14:37:35 - [121,404] ----D C:\Program Files\Vegas Penny Slots
O43 - CFD: 2014-04-15 - 13:04:47 - [0,012] ----D C:\ProgramData\ClassicShell
O43 - CFD: 2014-05-13 - 11:21:38 - [7,138] ----D C:\ProgramData\Discovering Nature
O43 - CFD: 2014-05-11 - 11:41:24 - [5,107] ----D C:\ProgramData\Perseus
O43 - CFD: 2013-10-03 - 10:36:37 - [0] ----D C:\ProgramData\SpeedBit
O43 - CFD: 2014-07-12 - 14:45:15 - [0,181] ----D C:\Users\ASUS\AppData\Roaming\Arcanika
O43 - CFD: 2014-09-10 - 17:34:46 - [2,629] ----D C:\Users\ASUS\AppData\Roaming\ClassicShell
O43 - CFD: 2014-07-25 - 14:43:38 - [75,580] ----D C:\Users\ASUS\AppData\Roaming\DarkManor
O43 - CFD: 2013-11-18 - 17:08:46 - [0,069] ----D C:\Users\ASUS\AppData\Roaming\GirlsWithSecrets
O43 - CFD: 2014-07-30 - 14:40:50 - [0,001] ----D C:\Users\ASUS\AppData\Roaming\Juliette's Fashion Empire
O43 - CFD: 2014-07-20 - 14:04:49 - [0,001] ----D C:\Users\ASUS\AppData\Roaming\Laruaville
O43 - CFD: 2014-06-29 - 14:43:07 - [0] ----D C:\Users\ASUS\AppData\Roaming\library_dir
O43 - CFD: 2014-05-04 - 13:41:09 - [0,444] ----D C:\Users\ASUS\AppData\Roaming\MP3Rocket
O43 - CFD: 2013-10-23 - 16:31:08 - [0] ----D C:\Users\ASUS\AppData\Roaming\Tape_Worm
O43 - CFD: 2014-07-20 - 13:16:29 - [0,027] ----D C:\Users\ASUS\AppData\Roaming\ToyDefenseFantasy
O43 - CFD: 2014-05-06 - 13:50:34 - [0] -SH-D C:\Users\ASUS\AppData\Local\EmieSiteList
O43 - CFD: 2014-05-06 - 13:50:34 - [0] -SH-D C:\Users\ASUS\AppData\Local\EmieUserList
O43 - CFD: 2013-09-27 - 14:47:00 - [0] R---D C:\Users\ASUS\AppData\Local\Nouveau porte-documents
O43 - CFD: 2013-10-27 - 11:00:30 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3 Days - Amulet Secret
O43 - CFD: 2013-10-20 - 13:43:54 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A Girl in the City
O43 - CFD: 2014-07-11 - 16:31:27 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arcanika
O43 - CFD: 2014-07-15 - 20:46:13 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Artifacts of Eternity
O43 - CFD: 2013-10-06 - 13:02:45 - [0,004] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big City Adventure - New York City
O43 - CFD: 2013-09-30 - 14:10:35 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big City Adventure - Paris
O43 - CFD: 2014-07-27 - 17:16:58 - [0,004] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big City Adventure - Rio de Janeiro
O43 - CFD: 2013-09-30 - 14:09:09 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big City Adventure - Tokyo
O43 - CFD: 2014-07-28 - 14:33:48 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big City Adventure - Vancouver
O43 - CFD: 2014-03-16 - 15:32:34 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of the Ages
O43 - CFD: 2014-01-22 - 12:35:22 - [0,009] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EchoLink
O43 - CFD: 2013-09-30 - 14:07:32 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gem Boy
O43 - CFD: 2013-09-30 - 14:02:05 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Girls with Secrets
O43 - CFD: 2013-10-11 - 15:00:16 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gotcha - Celebrity Secrets
O43 - CFD: 2014-09-06 - 14:54:03 - [0,004] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperial Island 2 - The Search for New Land
O43 - CFD: 2013-09-30 - 13:56:46 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lost in Reefs 2
O43 - CFD: 2013-10-15 - 14:33:28 - [0,004] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mary Kay Andrews - The Fixer Upper
O43 - CFD: 2014-09-06 - 14:21:44 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystika 2 - Le Sanctuaire
O43 - CFD: 2013-10-14 - 14:21:56 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Renovate & Relocate - Boston
O43 - CFD: 2013-09-30 - 13:54:13 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Summer SuperSports
O43 - CFD: 2013-09-28 - 14:37:04 - [0,003] ----D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vegas Penny Slots
~ Program Folder: 352 Legitimates Filtered in 00mn 52s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.72C72A89F7EF664DBAC2A430E8BE1335] - 2014-09-06 - 11:22:39 ---A- . (...) -- C:\Windows\ntbtlog.txt [350568]
O44 - LFC:[MD5.FCD6BCB56C1689FCEF28B57C22475BAD] - 2014-09-10 - 16:35:10 ---A- . (...) -- C:\Windows\System32\spu_storage.bin [65536]
~ Files: 15 Legitimates Filtered in 00mn 08s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 2009-07-13 - 20:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 2009-07-13 - 17:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 2009-07-13 - 20:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.6A3F24667A4E13851D7CA7B610015430] - 2014-07-08 - 14:57:20 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys [13464]
O58 - SDL:[MD5.BD45CEB3EBB6832AE7997FA29468ACE1] - 2014-07-10 - 18:50:02 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [29160]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 2009-07-13 - 16:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 2009-07-13 - 16:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 2009-07-13 - 16:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 2009-07-13 - 16:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 2009-07-13 - 16:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 2009-07-13 - 16:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 2009-07-13 - 16:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 2009-07-13 - 16:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 2009-07-13 - 16:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 2009-07-13 - 16:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 2009-07-13 - 16:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 2009-07-13 - 16:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 2009-07-13 - 16:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 2009-07-13 - 16:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 2009-07-13 - 16:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 19 Legitimates Filtered in 00mn 06s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\users\asus\appdata\local\google\chrome\application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} - (Yahoo! Search) - http://ca.search.yahoo.com
O69 - SBI: SearchScopes [HKUS\S-1-5-19] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-20] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.3264FC05C2A51D34D14BAE0C9ADE43E4] [SPRF][2014-08-16] (.Pas de propriétaire - Adblock Plus for IE.) -- C:\Users\ASUS\Desktop\adblockplusie-1.1.exe [4741136]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "5923976166327F040A543A4EA21863E5" . (.Bing Bar.) -- C:\Windows\Installer\{16793295-2366-40F7-A045-A3E42A81365E}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "63129C560FA607E4882D1DE937C92E58" . (.DriverUpdate.) -- C:\Windows\Installer\{65C92136-6AF0-4E70-88D2-D19E739CE285}\Icon.exe
~ Update Products: 102 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.8B3BB443B8519A17F275D8149B6315F8] [WIS][2014-01-22] (.Synergenics, LLC - EchoLink.) -- C:\Windows\Installer\24516d.msi [2581504]
[MD5.4941092D70B5C9ABA6512AAAE7A1615A] [WIS][2013-10-25] (.AVG - AVG PC TuneUp 2014 (fr-FR).) -- C:\Windows\Installer\4eeb4f.msi [2560000]
[MD5.170504C5F7C959106404BBBA14843881] [WIS][2013-10-25] (.AVG - AVG PC TuneUp 2014.) -- C:\Windows\Installer\4eeb53.msi [34947072]
~ WIS: 106 Legitimates Filtered in 00mn 12s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing
~ BCK: 6807 Legitimates Filtered in 00mn 06s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 2013-12-21 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 2014-08-13 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 2013-09-07 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Auto 2012-02-13 193816 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.exe =>Toolbar.Bing
SS - | Disabled 2011-08-30 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Disabled 2013-09-17 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 2006-11-10 774144 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Disabled 2014-03-27 581568 | (ogmservice) . (.RealNetworks, Inc..) - C:\Program Files\Online Games Manager\ogmservice.exe
SS - | Disabled 2013-10-23 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 2009-07-13 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 2014-04-17 208896 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 2014-04-17 276992 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 2014-08-25 3242000 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2014\avgidsagent.exe
SR - | Auto 2014-08-25 289328 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
SR - | Demand 2012-02-13 240408 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.1.362.0\SeaPort.exe =>Toolbar.Bing
SR - | Auto 2014-03-11 22216 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 2014-08-21 1919256 | (RapportMgmtService) . (.IBM Corp..) - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
SR - | Auto 2014-07-14 1858360 | (TuneUp.UtilitiesSvc) . (.AVG.) - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
SR - | Auto 2009-07-13 20992 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.AVG.) - C:\Windows\System32\svchost.exe
SR - | Auto 2009-07-13 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 08s



---\\ Scan Additionnel (O88)
Database Version : 13044 - (2014-04-09)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{8dcb7100-df86-4384-8842-8fa844297b3f} =>Toolbar.Bing^
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing^
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing^
~ Additionnel Scan: 371050 Items scanned in 00mn 26s



---\\ Récapitulatif des détections trouvées sur votre station
~ MSI: 0 link(s) detected in 00mn 00s



~ 1579 Legitimates filtered by white list
End of the scan (612 lines in 03mn 24s)(0)
