~ Rapport de ZHPDiag v2015.3.19.31 - Nicolas Coolman (19/03/2015)
~ Lancé par NIDTALEB (04/04/2015 11:49:14)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v2.0.0.20 (fr)
GCIE: Google Chrome v41.0.2272.118

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2C9T3
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.1.4.1018
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v4.17

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 16 ActiveX
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3893 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 140 GB (59%) free of 237 GB

---\\ Mode de connexion au système
~ Computer Name: NIDTALEB-PC
~ User Name: NIDTALEB
~ All Users Names: NIDTALEB, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\NIDTALEB\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\NIDTALEB\AppData\Roaming\
~ %Desktop% : C:\Users\NIDTALEB\Desktop\
~ %Favorites% : C:\Users\NIDTALEB\Favorites\
~ %LocalAppData% : C:\Users\NIDTALEB\AppData\Local\
~ %StartMenu% : C:\Users\NIDTALEB\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 140 Go of 237 Go)
D: Hard drive, Flash drive, Thumb drive (Free 8 Go of 20 Go)
E: CD-ROM drive (Not Inserted)
G: Hard drive, Flash drive, Thumb drive (Free 171 Go of 205 Go)
H: CD-ROM drive (Free 0 Go of 3 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 - 13:24:45.) -- C:\Windows\Explorer.exe [2872320]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.C4AA30C01694001B8374CC62BF9AE6FF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/12/2013 - 00:20:48.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 03:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 10:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/35
~ Mes musiques (My Musics) : 4/5
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 7/99
~ Mon Bureau (My Desktop) : 2/4203
~ Menu demarrer (Programs) : 1/42
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.1432]
[MD5.D0A518D233620D59A3D2D79511FBB736] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6212408] [PID.2148]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.3400]
[MD5.3FAFBCCE3F066EDCC263E25A786FFD50] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016] [PID.3584]
[MD5.72DDAC9716A429425BD47619CD6B7C28] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3858000] [PID.3728]
[MD5.47C1DE0A890613FFCFF1D67648EEDF90] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920] [PID.3860]
[MD5.59069C831AB78064EBAA5270AB5EA7A8] - (.Pas de propriétaire - AutoDect.) -- C:\Program Files (x86)\Internet Haut Débit Mobile\AutoDect.exe [129872] [PID.3796]
[MD5.E3573EBDE923BB48AE1C8672988B5772] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe [2630928] [PID.4968]
[MD5.7C0787598607A46A32726BA8AEAFEF18] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288] [PID.4184]
[MD5.6577E0208F612DAF5DE5AD4081BE7696] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8187904] [PID.4868]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.1712]
[MD5.3817558D8D5BBC8B0F190CF0D7C4720F] - (.Autodesk, Inc. - Content Service.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288] [PID.1852]
[MD5.6227D8C06F94D4C59623AC661947CCD1] - (.Foxit Software Inc. - Foxit Cloud Safe Update Service.) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448] [PID.1996]
[MD5.F9BD48630768BD3413972F2AEB49974F] - (.SafeNet Inc. - Sentinel LDK License Manager Service.) -- C:\Windows\system32\hasplms.exe [4609928] [PID.2032]
[MD5.66AAE701A787E4BDF73116B79274DC86] - (...) -- C:\ProgramData\Internet Mobile\OnlineUpdate\ouc.exe [655744] [PID.1952]
[MD5.86701B8E4C53280AA8642AC85F8500F4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1372]
[MD5.E27891A49DF92004041FEC5C3A2D4230] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120] [PID.2076]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\NIDTALEB\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\NIDTALEB\AppData\Roaming\Mozilla\Firefox\Profiles\cc6wgnbg.default\prefs.js
M3 - MFPP: Plugins - [NIDTALEB] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\default-search.xml =>Hijacker.Browsers
M3 - MFPP: Plugins - [NIDTALEB] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\MediaDICO-fr.xml
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.10.19.1:3128
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [NIDTALEB]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\NIDTALEB\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [NIDTALEB]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\NIDTALEB\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\NIDTALEB\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [autodetect] . (.Pas de propriétaire - AutoDect.) -- C:\Program Files (x86)\Internet Haut Débit Mobile\AutoDect.exe
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-887702475-2095873223-1482034817-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\NIDTALEB\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-887702475-2095873223-1482034817-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-887702475-2095873223-1482034817-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-887702475-2095873223-1482034817-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-887702475-2095873223-1482034817-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-887702475-2095873223-1482034817-1000\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4D46F7C-217B-4AFC-AF53-7352BA0363EF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F4D46F7C-217B-4AFC-AF53-7352BA0363EF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F4D46F7C-217B-4AFC-AF53-7352BA0363EF}: NameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) . (.Foxit Software Inc. - Foxit Cloud Safe Update Service.) - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
~ Services: 13 Legitimates Filtered in 00mn 12s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 11s



---\\ Logiciels installés (O42)
O42 - Logiciel: ARC-FLASH-ANALYTICS - (.Mykhaylo Furtak.) [HKLM][64Bits] -- {C25404BB-E001-4794-9FF7-5B7870FD5F10}
O42 - Logiciel: Arc Flash Analytic version 5.0.4 - (.ARCAD INC..) [HKLM][64Bits] -- {7DE62A56-1EC5-4575-BBC8-81F7243A7818}_is1
O42 - Logiciel: CYMDIST 4.5 Rev 12 (Français) - (.CYME.) [HKLM][64Bits] -- InstallShield_{672BF505-55F5-45D9-9CF8-3A585754E8A6}
O42 - Logiciel: CYMTCC 4.5 Rev 7 (Français) - (.CYME.) [HKLM][64Bits] -- InstallShield_{49034DD2-90D4-4DBF-A390-6287DB4D1B7F}
O42 - Logiciel: Ecodial 3.38 - (...) [HKLM][64Bits] -- {5BB9966E-D03D-41FC-8AC1-06D30B651F9C}
O42 - Logiciel: الدرر السنية - (...) [HKLM][64Bits] -- الدرر السنية
~ Logic: 23 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\CYME]
[HKCU\Software\Clubic]
[HKCU\Software\OverPDF]
[HKCU\Software\PC Optimizer]
[HKCU\Software\PowerWorld]
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\CYME]
~ Key Software: 265 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/09/2014 - 15:00:51 - [] ----D C:\Program Files (x86)\ARC FLASH ANALYTIC V5.0
O43 - CFD: 18/09/2014 - 20:57:29 - [] ----D C:\Program Files (x86)\ARC-FLASH-ANALYTIC
O43 - CFD: 26/03/2014 - 21:35:08 - [] ----D C:\Program Files (x86)\Dorar
O43 - CFD: 20/03/2015 - 17:08:06 - [] ----D C:\Program Files (x86)\OverCAD PDF to DWG Converter
O43 - CFD: 18/08/2014 - 19:50:24 - [] ----D C:\Program Files (x86)\PowerWorld
O43 - CFD: 04/04/2015 - 10:42:08 - [0] ----D C:\Program Files (x86)\Settings Manager =>PUP.SystemK
O43 - CFD: 17/03/2015 - 10:57:56 - [] ----D C:\ProgramData\FARO
O43 - CFD: 29/09/2014 - 15:00:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arc Flash Analytic V5.0
O43 - CFD: 18/09/2014 - 20:57:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARC-FLASH-ANALYTIC
O43 - CFD: 02/09/2014 - 14:40:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CYME
O43 - CFD: 10/01/2014 - 20:15:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ecodial338
O43 - CFD: 20/03/2015 - 16:57:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OverCAD PDF to DWG Converter
O43 - CFD: 18/08/2014 - 19:50:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerWorld
O43 - CFD: 20/05/2014 - 14:00:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSIM 9.0.3 (softkey time-limited)
O43 - CFD: 14/07/2009 - 15:35:02 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 26/03/2014 - 21:34:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\الدرر السنية
O43 - CFD: 29/09/2014 - 15:02:11 - [] ----D C:\Users\NIDTALEB\AppData\Roaming\afav50
O43 - CFD: 04/04/2015 - 10:42:09 - [0] ----D C:\Users\NIDTALEB\AppData\Roaming\FirefoxToolbar
O43 - CFD: 05/12/2014 - 20:28:48 - [] ----D C:\Users\NIDTALEB\AppData\Roaming\Prodiance
O43 - CFD: 06/07/2014 - 13:42:02 - [] ----D C:\Users\NIDTALEB\AppData\Roaming\SecureSearch
O43 - CFD: 10/02/2014 - 12:55:29 - [] ----D C:\Users\NIDTALEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\مكتبة الشيخ صالح آل الشيخ
O43 - CFD: 26/03/2014 - 21:34:05 - [0] ----D C:\Users\NIDTALEB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\الدرر السنية
~ Program Folder: 203 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C32E4EA79F9866D9FC3CD943AA38D578] - 04/04/2015 - 09:56:22 ---A- . (...) -- C:\Windows\win.ini [565]
O44 - LFC:[MD5.F6EA004BC8A3798CBDC1F380AB9188FA] - 20/03/2015 - 17:03:01 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{38c95e98-da81-4038-a23a-50d0e098cff8}Gw64.sys.mwt [48784] =>PUP.LinkiDoo
O44 - LFC:[MD5.DEDC19EF61804B8BF52D61A5BA7FB86E] - 22/03/2015 - 04:07:42 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{06146dd6-a059-4c4d-9840-35b694aad4ae}Gw64.sys.mwt [48784] =>PUP.LinkiDoo
O44 - LFC:[MD5.B94DE0BBAD78C208833D5C9C6BCB5B6B] - 22/03/2015 - 19:57:03 ---A- . (...) -- C:\Windows\REGBK00.ZIP [18614908]
O44 - LFC:[MD5.EC3076891B6A1E1D6A9EE8A2300048CB] - 24/03/2015 - 08:13:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{13e8d46d-09b8-4fd6-b75a-25c04a0db747}Gw64.sys.mwt [48784] =>PUP.LinkiDoo
O44 - LFC:[MD5.8116A7950296927426325D0BAA700A61] - 29/03/2015 - 08:42:57 ---A- . (...) -- C:\Windows\Lic.xxx [29]
O44 - LFC:[MD5.7C9D11628EB5702AF5367A7549BB8BBD] - 29/03/2015 - 08:42:57 ---A- . (...) -- C:\Windows\general.log [380]
~ Files: 22 Legitimates Filtered in 00mn 03s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{0f5e9763-5c76-11e3-8f4d-74de2bda6ebc}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
O51 - MPSK:{0f5e976f-5c76-11e3-8f4d-74de2bda6ebc}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{14c0e6b8-3350-11e4-ba2c-74de2bda6ebc}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
O51 - MPSK:{1736fc38-70e3-11e4-8e2b-74de2bda6ebc}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{3fec7168-5cca-11e3-bdd5-001e101f859f}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9d4ee230-336a-11e4-918d-74de2bda6ebc}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{ff59a223-cc7d-11e4-8b86-74de2bda6ebc}\AutoRun\command. (.Autodesk, Inc. - Autodesk component.) -- H:\Setup.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 01:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 20:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:09/06/2014 - 08:41:00 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [180136]
O58 - SDL:26/03/2011 - 10:37:12 ---A- . (.MBB Incorporated - CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter.sys [11776]
O58 - SDL:14/07/2009 - 01:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:22/03/2015 - 04:07:42 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{06146dd6-a059-4c4d-9840-35b694aad4ae}Gw64.sys.mwt [48784] =>PUP.LinkiDoo
O58 - SDL:24/03/2015 - 08:13:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{13e8d46d-09b8-4fd6-b75a-25c04a0db747}Gw64.sys.mwt [48784] =>PUP.LinkiDoo
O58 - SDL:20/03/2015 - 00:15:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{38c95e98-da81-4038-a23a-50d0e098cff8}Gw64.sys.mwt [48784] =>PUP.LinkiDoo
~ Drivers: 90 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\aksfridge.sys (aksfridge) .(.SafeNet Inc. - Ancillary Function Driver.) - LEGACY_AKSFRIDGE
O64 - Services: CurCS - 17/03/2015 - C:\Windows\system32\drivers\mwac.sys (MBAMWebAccessControl) .(.Malwarebytes Corporation - Malwarebytes Web Access Control.) - LEGACY_MBAMWEBACCESSCONTROL
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 181 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.scr> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (SecureSearch) - http://securedsearch2.lavasoft.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.733319E8380BADDE759CD8462331D21F] [SPRF][21/08/2014] (...) -- C:\ProgramData\ntuser.dat [262144]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{E6AD2CA4-DAFC-48DF-BC05-0F65A7519BC0}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\NIDTALEB\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A53518DD-1366-47A3-B087-98E72B2B2B7C}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\NIDTALEB\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\TornTvUpdater_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\TornTvUpdater_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biSetup36378_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biSetup36378_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\onlysearch_RASAPI32 =>PUP.OnlySearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\onlysearch_RASMANCS =>PUP.OnlySearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_windows-xp-service-pack-3-iso_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_windows-xp-service-pack-3-iso_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Toolbar Cleaner uninstall_RASAPI32 =>PUP.ToolbarCleaner
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Toolbar Cleaner uninstall_RASMANCS =>PUP.ToolbarCleaner
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TornTV_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TornTV_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-3_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent-3_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 340 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 05/02/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 17/12/2013 1934608 | (DialComService) . (.DIAL GmbH.) - C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe
SS - | Demand 17/03/2015 1471352 | (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 04/12/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/12/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/12/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Auto 10/09/2012 655744 | (Internet Mobile. RunOuc) . (...) - C:\Program Files (x86)\Internet Mobile\UpdateDog\ouc.exe
SS - | Demand 26/06/2014 1771560 | (PDF Architect 2) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect 2\ws.exe
SS - | Demand 26/06/2014 861736 | (pdfforge CrashHandler) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
SS - | Auto 03/04/2014 315008 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 06/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 17/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 13/12/2012 12288 | (Autodesk Content Service) . (.Autodesk, Inc..) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 28/10/2014 244448 | (FoxitCloudUpdateService) . (.Foxit Software Inc..) - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
SR - | Auto 01/08/2013 4609928 | (hasplms) . (.SafeNet Inc..) - C:\Windows\system32\hasplms.exe
SR - | Auto 14/03/2011 346976 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 25/10/2013 2768208 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 17/03/2015 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 17/03/2015 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 16/10/2013 289496 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 18s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (19/03/2015)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>PUP.ToolbarCleaner
[HKLM\Software\Classes\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] =>Toolbar.AdAware
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] =>Toolbar.AdAware
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] =>Toolbar.AdAware
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2514}] =>Adware.Bandoo^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\Settings Manager =>PUP.SystemK^
[HKCU\Software\ProductSetup] =>Adware.InstallCore^
~ Additionnel Scan: 357157 Items scanned in 00mn 32s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/hijacker-browsers =>Hijacker.Browsers
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/pup-systemk =>PUP.SystemK
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/hijacker-torntv =>Hijacker.TornTV
http://nicolascoolman.fr/adware-megasearch =>Adware.MegaSearch
http://www.nicolascoolman.fr/blog/ =>PUP.OnlySearch
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/pup-toolbarcleaner =>PUP.ToolbarCleaner
http://www.nicolascoolman.fr/blog/ =>Toolbar.AdAware
http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
~ MSI: 12 link(s) detected in 00mn 00s



~ 892 Legitimates filtered by white list
End of the scan (514 lines in 01mn 48s)(0.11)
