cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2015.4.28.44 - Nicolas Coolman (28/04/2015)
~ Lancé par JMJ (01/05/2015 13:45:29)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17728
MFIE: Mozilla Firefox 37.0.2 (Defaut)
GCIE: Google Chrome v42.0.2311.135
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : D9DYQ
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.1.6.1022
Spybot - Search & Destroy v2.4.40
SUPERAntiSpyware v6.0.1170
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v5.05

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Acrobat Reader DC - Français

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095.2 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 239 GB (51%) free of 468 GB

---\\ Mode de connexion au système
~ Computer Name: JMJ-PC
~ User Name: JMJ
~ All Users Names: JMJ, HomeGroupUser$, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\JMJ\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\JMJ\AppData\Roaming\
~ %Desktop% : C:\Users\JMJ\Desktop\
~ %Favorites% : C:\Users\JMJ\Favorites\
~ %LocalAppData% : C:\Users\JMJ\AppData\Local\
~ %StartMenu% : C:\Users\JMJ\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 239 Go of 468 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Not Inserted)
J: Hard drive, Flash drive, Thumb drive (Free 202 Go of 449 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.77B35D0FC22A2D2EAC8D07C3F9784DBF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/03/2015 - 03:45:57.) -- C:\Windows\System32\wininet.dll [2358784]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/10334
~ Mes musiques (My Musics) : 1/7822
~ Mes Videos (My Videos) : 2/651
~ Mes Favoris (My Favorites) : 1/77
~ Mes Documents (My Documents) : 3/80544
~ Mon Bureau (My Desktop) : 2/9
~ Menu demarrer (Programs) : 1/172
~ Hidden Files: Scanned in 00mn 26s



---\\ Processus lancés
[MD5.C65B115A03DB0260895DE96681E88221] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [128296] [PID.2848]
[MD5.EF06E2DEDA4BEBF1848FE395D078FFC1] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [206120] [PID.2860]
[MD5.345B45BE09381D2011EB7F9AC11D8AC4] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.3500]
[MD5.CFEF54CB103736A86347259BFAB4817D] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe [1536544] [PID.1072]
[MD5.5420880623BD70F2EB6BB62C43620590] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8204800] [PID.1976]
[MD5.49B1E5AF3AA400752A20BE169CB73DFA] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410952] [PID.964]
[MD5.929593D76589294BA3F74540298D1B3E] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1720]
[MD5.83BB030C71C9727DCFB2737005772C4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe [232264] [PID.2216]
[MD5.2B8A40D4D7407E27EB817043A7825BD0] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43044512] [PID.2376]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.2492]
[MD5.68D6C7F99BC73B88954D844FCCBEB2A0] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408] [PID.1128]
[MD5.9B9B368A8FF5CAF91D7A333CF62CD2CC] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928] [PID.3376]
[MD5.D777F1417D9BB9F66CD9D9C3B61F730F] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168] [PID.3152]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\JMJ\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 14 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\JMJ\AppData\Roaming\Mozilla\Firefox\Profiles\0c28gtmd.default-1427190744710\prefs.js
C:\Users\JMJ\AppData\Roaming\Mozilla\Firefox\Profiles\sgaeghso.default\prefs.js
M3 - MFPP: Plugins - [JMJ] -- C:\Users\JMJ\AppData\Roaming\Mozilla\Firefox\Profiles\sgaeghso.default\searchplugins\improvedsearch.xml
M2 - MFEP: RegExtension {B64D9B05-48E1-4CEB-BF58-E0643994E900} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ (.not file.)
M2 - MFEP: Extension [JMJ - 0c28gtmd.default-1427190744710] trafficlight@bitdefender.com.xpi
M2 - MFEP: Extension [JMJ - 0c28gtmd.default-1427190744710] {b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
M2 - MFEP: Extension [JMJ - 0c28gtmd.default-1427190744710] {E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi =>PUP.ScorpionSaver
M2 - MFEP: Extension [JMJ - sgaeghso.default] trafficlight@bitdefender.com.xpi
M2 - MFEP: Extension [JMJ - sgaeghso.default] {b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
M2 - MFEP: Extension [JMJ - sgaeghso.default] {E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi =>PUP.ScorpionSaver
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll
~ Firefox Browser: 34 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15521)
~ Hosts File: Scanned in 00mn 09s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee.) -- C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
O4 - HKUS\S-1-5-21-1836565648-3576843417-1317231532-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Sun Java [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: Free YouTube Download [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\dvdvideosoft.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.geoportail.fr
O15 - Trusted Zone: [HKLM\...\Domains] http.geoportail.fr
~ IE Zone Confiance: Scanned in 00mn 02s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7d1b968b-ea41-4538-a031-1ed1a8665387}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{783C3A80-E335-438B-931A-85B0FE754904}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7d1b968b-ea41-4538-a031-1ed1a8665387}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{783C3A80-E335-438B-931A-85B0FE754904}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{7d1b968b-ea41-4538-a031-1ed1a8665387}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{783C3A80-E335-438B-931A-85B0FE754904}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{7d1b968b-ea41-4538-a031-1ed1a8665387}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{7d1b968b-ea41-4538-a031-1ed1a8665387}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS3\Services\Tcpip\..\{783C3A80-E335-438B-931A-85B0FE754904}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{7d1b968b-ea41-4538-a031-1ed1a8665387}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
~ Services: 20 Legitimates Filtered in 00mn 11s



---\\ Tâches planifiées en automatique (O39)
[MD5.A903DCA2134D44FE1ADDC86FCD2784A6] [APT] [5abPuTOcpKEKKmL] (...) -- C:\Users\JMJ\AppData\Roaming\qeC203E\wZoIll8.exe [4096]
[MD5.00000000000000000000000000000000] [APT] [WpsUpdateTask_JMJ] (...) -- C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{00B1273C-E207-45D2-BB92-5F5E2FF8EB8B}] (...) -- J:\Downloads\adsl_TV_1.99_Ultimate_Build_4_6938.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{02ABF705-C101-47AE-B88C-1BBF2ABE7705}] (...) -- J:\Downloads\JavaSetup6u26.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{057B0475-DC34-4447-9120-1BFBC5178C31}] (...) -- K:\setupSNK.exe (.not file.) [0]
[MD5.D640054FFC3831431BC6D12265D85A91] [APT] [{14BED3C1-4BF9-4C08-84F6-67AA56A15E64}] (.The Audacity Team.) -- C:\Program Files (x86)\Audacity\audacity.exe [7457792]
[MD5.00000000000000000000000000000000] [APT] [{1E987BB4-28B7-4CA6-B11C-67A5EC60C494}] (...) -- J:\Downloads\italian_pack.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{20BEEB9C-9DF9-4970-8C05-6D449F50798B}] (...) -- J:\Downloads\ccm-2.0.7.exe (.not file.) [0]
[MD5.A75F8AD162B673CF28DF0C49B7F26711] [APT] [{29C6A3C2-2D0A-45C9-8538-6BED7012FEA3}] (...) -- J:\Prog_divers\GWBasic\GWBASIC.exe [80608]
[MD5.00000000000000000000000000000000] [APT] [{2ECF87BE-22EA-43BC-9916-B118C77222CC}] (...) -- J:\Downloads\mmplugin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{61D202F2-E452-43CF-B4CB-4BC8D8BEEDB1}] (...) -- C:\Users\JMJ\Documents\Prog_divers\RegSeeker\RegSeeker\RegSeeker.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{682E0A43-AA45-463E-AFD1-410C1A1EA0CB}] (...) -- J:\Downloads\CanonPilotes.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6BE1FBC3-6EEB-4D51-B35A-86F487E1D677}] (...) -- J:\Downloads\CP510_64.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{70EC1A31-85B7-4413-A462-AFDD010B408B}] (...) -- J:\Downloads\lj631fr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{720443EA-BA0D-4CC8-94AF-9FBAEB123E47}] (...) -- J:\Downloads\RemplaceTexte.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7352299C-9998-43C5-8DC1-0B52C56C23C4}] (...) -- C:\Users\JMJ\Downloads\regcleaner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{77B3F0A1-5025-4482-BC16-81223EB73FC2}] (...) -- C:\Program Files (x86)\Axon Data\AxCrypt\AxCryptU.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7C69A8BF-CB5D-4BC7-A75D-9C7218934683}] (...) -- C:\Program Files (x86)\Common Files\Logitech\QCDRV\BIN\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8E9AD4D1-70BC-40AE-9875-1612337E6E50}] (...) -- J:\Downloads\sp44474.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{909460CD-3A3F-4AFF-9A5B-DC170576D507}] (...) -- C:\Users\JMJ\Documents\prog_divers\Procexpnt\procexp.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A3C1E5E5-12A7-4A05-97B9-E2F480723D63}] (...) -- J:\Downloads\PVMsetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A9C5FDA4-320F-4990-947B-71A4668E8DF9}] (...) -- J:\Downloads\Windows_Movie_Maker_2.0.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B3BD1980-76EB-47CD-9BEC-726288A2C4FF}] (...) -- J:\Sauvegarde t‚l‚chargements\FLVplayer_v0.0.5.exe (.not file.) [0] =>PUP.FLVPlayer
[MD5.00000000000000000000000000000000] [APT] [{B98E62CC-1CFD-47FD-BCE5-7E11DFEB1D54}] (...) -- J:\Downloads\Freeplayer-Win32-20070531.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F277A293-7F60-4C9C-9DA3-B07217CAD084}] (...) -- J:\Downloads\FuturePinballSetup_v1.9.20081225.exe (.not file.) [0]
[MD5.AC43407D3DBF5D7F672FEFF11D3EC5C0] [APT] [{F4258BE9-FCB4-409E-ADDE-7F344A44CF70}] (...) -- C:\Program Files (x86)\Skyline\TerraExplorer\Setup.exe [124632]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: WpsUpdateTask_JMJ - (...) -- C:\Windows\Tasks\WpsUpdateTask_JMJ.job [370]
O39 - APT: WpsUpdateTask_JMJ - (...) -- C:\Windows\System32\Tasks\WpsUpdateTask_JMJ [370]
~ Scheduled Task: 55 Legitimates Filtered in 00mn 07s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (dtsoftbus01) . (. - .) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys (.not file.)
O41 - Driver: (HssDRV6) . (. - .) - C:\Windows\System32\DRIVERS\hssdrv6.sys (.not file.)
O41 - Driver: (MOBKFilter) . (. - .) - C:\Windows\System32\DRIVERS\MOBK.sys (.not file.)
~ Drivers: 110 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Assembly Studio 86 - (...) [HKLM][64Bits] -- Assembly Studio 86
O42 - Logiciel: CodeS-SourceS Toolbox - (.UNKNOWN.) [HKLM][64Bits] -- {FDC3D519-D04A-29F8-9C97-77601B964168}
O42 - Logiciel: CommentCaMarche 2.0.7 - (.PILLOU Jean-François.) [HKLM][64Bits] -- CommentCaMarche 2.0.7_is1
O42 - Logiciel: ESI - Romio MIDI Driver - (...) [HKLM][64Bits] -- ESI - Romio MIDI Driver Setup
O42 - Logiciel: Harmony Assistant - (.Myriad SARL.) [HKLM][64Bits] -- Harmony Assistant
O42 - Logiciel: LMMS 0.4.13 - (.LMMS Developers.) [HKLM][64Bits] -- lmms
O42 - Logiciel: Lecture Musicale Multimédia HN - (...) [HKLM][64Bits] -- Lecture Musicale Multimédia HN
O42 - Logiciel: OMeR - (...) [HKLM][64Bits] -- OMeR
O42 - Logiciel: Rapport - (...) [HKLM][64Bits] -- {1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}
O42 - Logiciel: StarDict (remove only) - (...) [HKLM][64Bits] -- StarDict
O42 - Logiciel: USB File Transfer 1.11A - (...) [HKLM][64Bits] -- USB File Transfer 1.11A
~ Logic: 29 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\A99F53189]
[HKCU\Software\Calculator Programming]
[HKCU\Software\Clubic]
[HKCU\Software\Football News App]
[HKCU\Software\LAVResearch]
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKCU\Software\WSVCUPlugin]
[HKCU\Software\gps]
[HKCU\Software\ƒAƒvƒŠƒP[ƒVƒ‡ƒ“ ƒEƒBƒU[ƒh‚Ő¶¬‚³‚ꂽƒ[ƒJƒ‹ ƒAƒvƒŠƒP[ƒVƒ‡ƒ“]
[HKLM\Software\Wow6432Node\AntimalwareSolution]
[HKLM\Software\Wow6432Node\Awsdata]
[HKLM\Software\Wow6432Node\Bram Bos]
[HKLM\Software\Wow6432Node\Calculator Programming]
[HKLM\Software\Wow6432Node\DJOnlineFB]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\LMMS Developers]
[HKLM\Software\Wow6432Node\SmartUtils]
[HKLM\Software\Wow6432Node\stardict]
~ Key Software: 714 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/02/2014 - 00:51:36 - [] ----D C:\Program Files (x86)\Assembly Studio 86
O43 - CFD: 22/10/2012 - 22:20:40 - [] ----D C:\Program Files (x86)\CodeS-SourceS ToolBox
O43 - CFD: 08/08/2011 - 10:49:29 - [] ----D C:\Program Files (x86)\CommentCaMarche
O43 - CFD: 03/12/2012 - 01:08:34 - [] ----D C:\Program Files (x86)\Editeur de cartes
O43 - CFD: 24/01/2015 - 02:12:39 - [] ----D C:\Program Files (x86)\Free Codec Pack
O43 - CFD: 23/04/2015 - 17:54:11 - [] ----D C:\Program Files (x86)\GUM2397.tmp
O43 - CFD: 25/03/2015 - 16:13:34 - [] ----D C:\Program Files (x86)\GUME282.tmp
O43 - CFD: 27/05/2013 - 21:14:09 - [] ----D C:\Program Files (x86)\Happy Note
O43 - CFD: 07/12/2014 - 18:28:36 - [] ----D C:\Program Files (x86)\Harmony Assistant
O43 - CFD: 08/08/2014 - 13:55:49 - [] ----D C:\Program Files (x86)\Omer
O43 - CFD: 24/04/2013 - 07:20:14 - [] ----D C:\Program Files (x86)\Q_Basic64
O43 - CFD: 31/10/2011 - 13:16:12 - [] ----D C:\Program Files (x86)\StarDict
O43 - CFD: 15/02/2015 - 23:51:54 - [] ----D C:\Program Files (x86)\ZedTV
O43 - CFD: 17/02/2015 - 23:43:36 - [] ----D C:\ProgramData\atjs
O43 - CFD: 27/01/2013 - 01:13:09 - [] ----D C:\ProgramData\Circe
O43 - CFD: 23/03/2015 - 00:02:59 - [] ----D C:\ProgramData\clp
O43 - CFD: 18/04/2015 - 00:18:46 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 04/01/2011 - 23:38:33 - [] ----D C:\ProgramData\IM
O43 - CFD: 22/01/2010 - 21:29:41 - [] ----D C:\ProgramData\inf
O43 - CFD: 13/09/2013 - 23:11:28 - [0] ----D C:\ProgramData\xml_param
O43 - CFD: 27/09/2012 - 10:14:26 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 24/09/2012 - 18:19:08 - [0] -SH-D C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
O43 - CFD: 22/03/2015 - 23:29:01 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 24/02/2014 - 00:51:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assembly Studio 86
O43 - CFD: 27/01/2013 - 01:13:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Circé France 4.1
O43 - CFD: 03/12/2012 - 01:08:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CommentCaMarche
O43 - CFD: 03/12/2012 - 01:08:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Editeur de cartes
O43 - CFD: 17/04/2015 - 23:55:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 03/12/2012 - 01:08:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les manuels de l'utilisateur
O43 - CFD: 12/04/2013 - 19:02:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMMS 0.4.13
O43 - CFD: 27/12/2012 - 03:54:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarDict
O43 - CFD: 03/12/2012 - 01:08:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB File Transfer 1.11A
O43 - CFD: 15/02/2015 - 23:53:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZedTV
O43 - CFD: 22/07/2010 - 14:18:41 - [] ----D C:\Users\JMJ\AppData\Roaming\.emacs.d
O43 - CFD: 23/02/2015 - 14:51:32 - [] ----D C:\Users\JMJ\AppData\Roaming\Bqald6O
O43 - CFD: 23/02/2015 - 14:51:32 - [] ----D C:\Users\JMJ\AppData\Roaming\hNywgJ7
O43 - CFD: 15/02/2010 - 22:31:00 - [] ----D C:\Users\JMJ\AppData\Roaming\igraal =>PUP.iGraal
O43 - CFD: 23/02/2015 - 14:51:32 - [] ----D C:\Users\JMJ\AppData\Roaming\qeC203E
O43 - CFD: 22/10/2012 - 22:20:59 - [] R---D C:\Users\JMJ\AppData\Roaming\Recent
O43 - CFD: 30/11/2014 - 13:47:13 - [] ----D C:\Users\JMJ\AppData\Roaming\Reg
O43 - CFD: 22/12/2013 - 21:54:19 - [] ----D C:\Users\JMJ\AppData\Roaming\StarDict
O43 - CFD: 13/09/2013 - 23:07:50 - [0] ----D C:\Users\JMJ\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
O43 - CFD: 05/04/2014 - 15:24:49 - [] ----D C:\Users\JMJ\AppData\Local\Canal.MyCanal
O43 - CFD: 24/10/2013 - 15:11:58 - [] ----D C:\Users\JMJ\AppData\Local\Digital_Distribution
O43 - CFD: 17/11/2014 - 00:06:12 - [] -SH-D C:\Users\JMJ\AppData\Local\EmieBrowserModeList
O43 - CFD: 09/10/2011 - 16:04:29 - [] ----D C:\Users\JMJ\AppData\Local\RadioGet
O43 - CFD: 27/04/2015 - 10:05:23 - [] ----D C:\Users\JMJ\AppData\Local\WEB2Print
O43 - CFD: 03/12/2012 - 01:08:43 - [] ----D C:\Users\JMJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gold Sound Base
O43 - CFD: 07/12/2014 - 18:28:42 - [] ----D C:\Users\JMJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Harmony Assistant
O43 - CFD: 03/12/2012 - 01:08:43 - [] ----D C:\Users\JMJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OMeR
~ Program Folder: 629 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0D4A0E09E3197F3E15357D5EF6B980DC] - 23/04/2015 - 10:46:13 ---A- . (...) -- C:\Windows\wininit.ini [1474]
~ Files: 9 Legitimates Filtered in 01mn 45s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfetdi2k.sys . (...) -- C:\Windows\System32\Drivers\mfetdi2k.sys (.not file.)
~ CSB: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\DFX [Key] . (...) -- C:\Program Files (x86)\DFX\DFX.exe
O53 - SMSR:HKLM\...\startupreg\SystemExplorerAutoStart [Key] . (...) -- C:\Program Files (x86)\System Explorer\SystemExplorer.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\WinLaunch [Key] . (.WinLaunch.bplaced.net - WinLaunch.) -- C:\winlaunch_0_4_5_2___mac_launchpad_for_windows_by_mrc0rrupted-d4ldftg\x64(64bit)\WinLaunch.exe
~ SMSR Keys: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableStatusMessages"=0
~ MWPS: 24 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:09/12/2013 - 16:21:28 ---A- . (...) -- C:\Windows\System32\Drivers\avfsfilter.sys [13720]
O58 - SDL:29/05/2012 - 15:53:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\Drivers\cpqdfw.sys [27456]
O58 - SDL:13/12/2012 - 16:41:10 ---A- . (.Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\Drivers\dfx11_1x64.sys [28008]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:08/10/2010 - 09:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [32768]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:29/02/2008 - 10:14:58 ---A- . (.Logicool, Inc. - Logicool HID Filter Driver..) -- C:\Windows\System32\Drivers\LHidFilt.Sys [54800]
O58 - SDL:29/02/2008 - 10:15:06 ---A- . (.Logicool, Inc. - Logicool Mouse Filter Driver..) -- C:\Windows\System32\Drivers\LMouFilt.Sys [57360]
O58 - SDL:29/02/2008 - 10:15:18 ---A- . (.Logicool, Inc. - Logicool USB Filter Driver..) -- C:\Windows\System32\Drivers\LUsbFilt.sys [41488]
O58 - SDL:06/08/2010 - 00:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [1001472]
O58 - SDL:01/03/2013 - 02:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]
O58 - SDL:13/10/2009 - 15:22:40 ---A- . (...) -- C:\Windows\System32\Drivers\nvflash.sys [13416]
O58 - SDL:26/08/2012 - 23:57:03 ---A- . (.PenMount - PenMount Keyboard Device Filter Driver.) -- C:\Windows\System32\Drivers\pmkbdfltr.sys [18832]
O58 - SDL:08/04/2013 - 13:59:24 ---A- . (.ESI - MIDI Driver by ESI.) -- C:\Windows\System32\Drivers\romio.sys [38168]
O58 - SDL:11/06/2009 - 00:13:02 ---A- . (.Windows (R) Codename Longhorn DDK provider - NDIS User mode I/O Driver.) -- C:\Windows\System32\Drivers\RtNdPt60.sys [26624]
O58 - SDL:12/11/2009 - 13:48:56 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [5504]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:16/05/2012 - 02:10:14 ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\taphss.sys [38632]
O58 - SDL:04/02/2015 - 10:55:55 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [37624]
O58 - SDL:15/08/2014 - 23:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:12/11/2009 - 13:48:56 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [7168]
O58 - SDL:17/12/2001 - 17:42:30 ---A- . (...) -- C:\Windows\SysWOW64\drivers\usbhsb.sys [18690]
~ Drivers: 117 Legitimates Filtered in 00mn 03s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 17/02/2015 - C:\Windows\System32\drivers\cfwids.sys (cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS
~ Legacy: 130 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {39551979-39DC-47FC-9DE4-8B66B2CEE970} - ((www.google.com) Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6EEFC051-B327-4997-9912-E7BFF5836293} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {996B796D-517B-41BF-A400-AF43274A49D9} - (Recherche sécurisée) - http://fr.search.yahoo.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.7A48E61442B888505F30A40AD859CCEC] [SPRF][08/04/2013] (...) -- C:\Users\JMJ\AppData\Roaming\wklnhst.dat [1018]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.2B4435B8A24C72CB360B64EB4397D43A] [WIS][16/04/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\20f19cb.msi [45056] =>Adware.Boxore
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][09/09/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\297694.msi [1019392] =>Adware.IMBooster
[MD5.CBDD24B0E7DC4323ADCEFE461774EE1A] [WIS][07/09/2010] (.Secure Digital Services - FreeCompressor.) -- C:\Windows\Installer\cfefe1.msi [9340928] =>Adware.SPointer
~ WIS: 3 Legitimates Filtered in 01mn 03s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 23/07/2014 172344 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SS - | Disabled 17/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 19/01/2015 77128 | (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Disabled 09/12/2013 2009912 | (AV Engine Scanning Service) . (.Preventon Technologies Limited.) - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
SS - | Disabled 09/12/2013 400528 | (AV Watch Service) . (.Preventon Technologies Limited.) - C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
SS - | Disabled 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Disabled 27/03/2013 185688 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SS - | Disabled 18/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 18/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 20/11/2008 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Disabled 11/12/2014 89864 | (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
SS - | Disabled 09/11/2010 26680 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SS - | Disabled 06/02/2013 351824 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SS - | Demand 06/04/2015 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Disabled 18/05/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SS - | Disabled 14/04/2015 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - | Auto 14/04/2015 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 27/02/2015 605472 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe
SS - | Disabled 23/04/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 21/01/2014 1593632 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SS - | Disabled 21/01/2014 16939296 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SS - | Disabled 03/09/2004 53248 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\SysWOW64\IoctlSvc.exe
SS - | Disabled 01/03/2013 118520 | (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Disabled 18/04/2013 737616 | (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 06/03/2015 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 11/02/2015 340744 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 29/04/2015 155368 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
SR - | Auto 03/03/2015 752232 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 21/11/2014 422632 | (mccspsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
SR - | Auto 11/02/2015 340744 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 11/02/2015 340744 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 11/02/2015 340744 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 11/02/2015 340744 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Demand 17/02/2015 232656 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 01/03/2015 372144 | (mfemms) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
SR - | Demand 17/02/2015 250672 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 11/02/2015 340744 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 05/02/2015 935056 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 11/12/2014 292568 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 24/06/2014 1738168 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 27/06/2014 2088408 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 25/04/2014 171928 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 05/02/2015 410952 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 16/07/2014 2145080 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 21s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (28/04/2015)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 6

[HKCU\Software\AppDataLow\Software\Avanquest_FR] =>Toolbar.Avanquest
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02639FE151B44BD40BAE88E9F2810718] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\bdcfkjjffkboloijgealjeijakofmalg] =>Adware.SPointer
[HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\Old_Current] =>PUP.MediaFinder
[HKLM\Software\Classes\Interface\{03480F0D-7897-4FC0-86D8-18B6FF450D2A}] =>Adware.MapsGalaxy
[HKLM\Software\Classes\Interface\{09B8C335-1622-42C7-8650-A79D56551343}] =>Adware.MapsGalaxy
C:\Users\JMJ\AppData\Roaming\igraal =>PUP.iGraal^
C:\Users\JMJ\AppData\LocalLow\Tom's_Guide_France =>Toolbar.TomsGuide
C:\Users\JMJ\AppData\Roaming\Mozilla\Firefox\Profiles\0c28gtmd.default-1427190744710\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi =>PUP.ScorpionSaver^
C:\Users\JMJ\AppData\Roaming\Mozilla\Firefox\Profiles\sgaeghso.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi =>PUP.ScorpionSaver^
[HKCU\Software\ProductSetup] =>Adware.InstallCore^
C:\Windows\Installer\20f19cb.msi =>Adware.Boxore^
C:\Windows\Installer\297694.msi =>Adware.IMBooster^
C:\Windows\Installer\cfefe1.msi =>Adware.SPointer^
~ Additionnel Scan: 596913 Items scanned in 02mn 22s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/36718501-pup-scorpionsaver =>PUP.ScorpionSaver
http://www.nicolascoolman.fr/blog/ =>PUP.FLVPlayer
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.iGraal
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/adware-spointer =>Adware.SPointer
http://www.nicolascoolman.fr/blog/ =>Toolbar.Avanquest
http://nicolascoolman.fr/pup-mediafinder =>PUP.MediaFinder
http://nicolascoolman.fr/adware-mapsgalaxy =>Adware.MapsGalaxy
http://nicolascoolman.fr/30923720-toolbar-tomsguide =>Toolbar.TomsGuide
~ MSI: 11 link(s) detected in 00mn 00s



~ 1719 Legitimates filtered by white list
End of the scan (595 lines in 07mn 22s)(0.10)
