Document format: text/plain

~ Rapport de ZHPDiag v2014.12.27.179 - Nicolas Coolman (27/12/2014)
~ Lancé par free (07/05/2015 14:43:06)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17728
OPIE: Opera v12.17 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3947 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 167 GB (73%) free of 228 GB

---\\ Mode de connexion au système
~ Computer Name: FREE-HP
~ User Name: free
~ All Users Names: Guest, free, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\free\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\free\AppData\Roaming\
~ %Desktop% : C:\Users\free\Desktop\
~ %Favorites% : C:\Users\free\Favorites\
~ %LocalAppData% : C:\Users\free\AppData\Local\
~ %StartMenu% : C:\Users\free\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 167 Go of 228 Go)
D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 16 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Free 0 Go of 0 Go)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Hard drive, Flash drive, Thumb drive (Free 116 Go of 124 Go)
K: Hard drive, Flash drive, Thumb drive (Free 95 Go of 98 Go)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.77B35D0FC22A2D2EAC8D07C3F9784DBF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/03/2015 - 02:45:57.) -- C:\Windows\System32\wininet.dll [2358784]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 02:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 03:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 06:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 03:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 02:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 03:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 01:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/24
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/412
~ Mon Bureau (My Desktop) : 2/668
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.C0B97E53A0E39A48EEA2DCD500EEA07A] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.2412]
[MD5.8192B2E274607D1D530F5C191698C544] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944] [PID.2488]
[MD5.8A3B69683E63808719D24E1C68C21CC7] - (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960] [PID.2500]
[MD5.59069C831AB78064EBAA5270AB5EA7A8] - (.Pas de propriétaire - AutoDect.) -- C:\Program Files (x86)\Internet Haut Débit Mobile\AutoDect.exe [129872] [PID.2328]
[MD5.4F1F1783FBD5EDCE63CD546813E4AAFE] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2004360] [PID.2468] =>Toolbar.AskBar
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.4648]
[MD5.D37FB1AB4597E4DB26F2B29D093C4803] - (...) -- C:\Program Files (x86)\Internet Haut Débit Mobile\UIMain.exe [14494536] [PID.4304]
[MD5.7B6DB3D135B9BA5BEE49A605593A007C] - (...) -- C:\Program Files (x86)\Internet Haut Débit Mobile\CMUpdater.exe [679752] [PID.4556]
[MD5.64E8DB17AA4D027C24F302AC0E769EFF] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe [879456] [PID.5072]
[MD5.E47AC731D42B2452D4C0BF096DF3DD6E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8145408] [PID.2892]
[MD5.2BB7E9A887F26CDB5C19C76636E85394] - (.APN LLC. - APN Updater.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568] [PID.1644] =>Toolbar.AskBar
[MD5.4C4A576818EA028257C624AE36FF7A03] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400] [PID.1720]
[MD5.1F79342D9EB530A48742F651E570983A] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176] [PID.1784]
[MD5.E4938E0A376CF0B9D989EE5C0A146891] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520] [PID.1824]
[MD5.2BEC76BDCD1BC080210325E7B5094834] - (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [35200] [PID.1920]
[MD5.E4693409D06785477A49FB34AFAE1B92] - (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088] [PID.1972]
[MD5.08404F317E194B582BCC20E1D9FF68C9] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448] [PID.2396]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2772]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.3492]
[MD5.B4D1D62A09F09CB2DFD55628350CDAFB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822496] [PID.3852]
[MD5.D2946D9F020AE76E9CEF9B4A6DF838C0] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1129760] [PID.3944]
[MD5.B25F192EA1F84A316EB7C19EFCCCF33D] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.2816]
[MD5.D7E0BED3EA21D7BDDD410ADE51708D90] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.2376]
[MD5.A678E5DDD974903DD71F503BDCACA218] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.4588]
~ Processes Running: Scanned in 00mn 00s



---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
B0 - SPO: operaprefs.ini [free] Home URL=http://hespress.com/
~ Opera Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\free\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\free\AppData\Roaming\Mozilla\Firefox\Profiles\QahIMqkg.default\prefs.js (.not file.)
M2 - MFEP: prefs.js [free - QahIMqkg.default\abs@avira.com] [] Segurança do navegador Avira v1.4.7 (..)
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Search App by Ask - [HKLM]{41564952-412D-5350-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-SP\Passport_x64.dll =>Toolbar.AskBar
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
O4 - HKLM\..\Run: [HPWirelessAssistant] . (...) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe =>.PDF Complete Inc
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Wow6432Node\Run: [Athan] . (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files (x86)\Athan\Athan.exe
O4 - HKLM\..\Wow6432Node\Run: [autodetect] . (.Pas de propriétaire - AutoDect.) -- C:\Program Files (x86)\Internet Haut Débit Mobile\AutoDect.exe
O4 - HKLM\..\Wow6432Node\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.AskBar
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3997710370-2038550044-157238394-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C18E669C-9FF9-45D7-89B0-9A04D34F23DE}: NameServer = 212.217.0.12 212.217.1.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{C18E669C-9FF9-45D7-89B0-9A04D34F23DE}: NameServer = 212.217.0.12 212.217.1.12
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.AskBar
~ Services: 14 Legitimates Filtered in 00mn 03s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.00000000000000000000000000000000] [APT] [{003C74A3-9343-4BDA-A508-4FB39D1C41D2}] (...) -- C:\Program Files (x86)\Huawei technologies\Huawei UMTS Data Card\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0DC9D983-03CD-45FA-A6FA-566D225597CC}] (...) -- E:\341??\CH341PAR.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{121115FC-E666-44BA-BDE2-C12A77FF2D55}] (...) -- C:\Users\free\Desktop\USBBillAcceptorDriver.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{140E580E-139D-4BE5-81E1-8672D97EA8A1}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{193F65FA-BFC6-4D00-B78E-10AEFA2CBAE9}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{25365F54-F0F8-4812-8FE0-D8469F6BDEE0}] (...) -- E:\PL2303 all driver\WIN7_X32_X64\PL-2303 Win7(X32)(X64) Driver Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{253CFC4A-AFA4-4F31-A96A-64531AE7BA14}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{283CFF3E-9170-4387-86D8-242B4707694C}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{29D294FF-0CE9-4632-8D97-165860F1C2F8}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2A8CFF1B-B035-4A35-8B25-04712D6861A5}] (...) -- J:\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2E26C3E6-2FE6-4D54-84DA-0E9BACC2B8C3}] (...) -- K:\USB-RS232 Z-TEK Driver\FTDIUNIN.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{310077A6-89A9-4F76-976D-EA47233F530B}] (...) -- C:\Program Files (x86)\HUAWEI~1\HUAWEI~1\Driver\DRIVER~2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{31D5FB65-AFB5-49EB-B94E-5FD88336A1E6}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{31E79767-81DE-4566-BD53-DE325F03D1EF}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{33B92A61-88A5-4A92-883C-DAAE9B5270F6}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3C03F8B4-1212-4524-A153-140D386F6ED3}] (...) -- E:\Need for speed\Need For Speed II SE\NFS2SEN.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{41E4F5A6-F34F-448E-94DE-2F2EB440BD3C}] (...) -- E:\HL-232-0108\Setup For HugePine.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{47A1A8CE-56B8-4F75-8A00-FA2335262C2B}] (...) -- C:\Users\free\Desktop\ALIMUPG610\ALIMUPG610.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4AAFFA62-9932-49BF-A24F-D9E35F34A784}] (...) -- C:\Users\free\Desktop\ALIMUPG700.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4ABC35B2-74E9-4D57-AAB9-68CDB204ED76}] (...) -- E:\LGInstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{53E7BCCE-DAA3-4999-8AEE-1EA3CABA12CB}] (...) -- E:\all driver\Usb-232\R340\HL-340.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5B952F2D-B488-4175-B95A-49628C927DF5}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{609241EA-B30E-4F5F-B897-171AC9EB7E01}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6096F80E-7A1D-42FD-AD28-B8216744B64E}] (...) -- C:\Users\free\Desktop\Autoinstaller_WHQL_CDM20830_Win 2Ké XPé Vistaé 7é 8é Server 2008 R2é 32_64bit.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{62BF1328-2FC7-47BF-B05A-D54D93530919}] (...) -- C:\Users\free\AppData\Local\Temp\{A00E8F13-28C2-461C-9765-1DB0E28F0A2A}\adobeshockwavextrabundle.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6407DB86-D75A-42F1-B781-94FD24CE1CA0}] (...) -- C:\Users\free\Desktop\ALIMUPG610\ALIMUPG610.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{680050DA-406A-4971-8679-9915366EB0B0}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6A97AE10-5F53-4517-84EA-49854D422082}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{72D9A0E6-41F2-4E3C-9F75-3F62BE076030}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{740C9AB1-E059-45A4-A470-D9BD87F94095}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.B1A3B36F23C209DD6467B91DFDADD8EB] [APT] [{7D84FD53-EBC2-4DDA-97BD-C279D94CB69C}] (...) -- C:\Users\free\Desktop\CH341SER\SETUP.exe [83800]
[MD5.00000000000000000000000000000000] [APT] [{8150DBC0-C25D-4E3D-8190-808B409376BE}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8503081A-BEBB-41F4-B27C-EBC7B29CA3D7}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{867F33B1-E3E7-4FAF-8ED9-E6B1990F6FD6}] (...) -- C:\Users\free\Desktop\ALIMUPG700.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{876585FB-C4BB-467F-9073-0F62F985C319}] (...) -- C:\Users\free\Desktop\ALIMUPG610\ALIMUPG610.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8FD94A94-5762-41F6-85C7-C87CF0E75A5B}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{95D4A08D-7745-4289-946B-BF2371DFB198}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9AF08499-076F-4396-9B6D-BF3E1C916A4D}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9B883AC6-E9F5-43E9-9627-A30F671AF98E}] (...) -- E:\Need for speed\Need For Speed II SE\NFS2SEN.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9C72B0FB-6679-4741-8ADD-3083882810C2}] (...) -- E:\PL2303 all driver\Vista\PL-2303 Vista Driver Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9F6ADF5B-E291-48E9-8BF0-EB9CB85A597D}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9FE7942A-C53D-47D0-9ED6-C1A75E05D24D}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A01D7560-B25A-4EEB-AA60-780B11177B9F}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A2EC6244-955F-4B4B-B912-943E45FD6875}] (...) -- E:\HL-232-340\HL-340.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A8AF06A6-F21A-4EA2-AAC8-0D1A33349E86}] (...) -- J:\ALIMUPG610\ALIMUPG610.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AF005603-9B8A-43B8-A787-23DB119340AB}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B30F388A-F29A-47DD-934F-4F88F62509AA}] (...) -- C:\ProgramData\VMware\VMware Workstation\Uninstaller\uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B8CDC2A9-FF6B-40FE-BE5A-F6EE0369CD1B}] (...) -- C:\HL-232-340\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B9BBD3A1-626F-47BC-8C95-04BD260AD7D5}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BCF95D6D-A5C2-4D0B-9609-98087F43986C}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BE063A6C-332E-48BE-8397-C380131FBDDD}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C02C405D-1517-42EC-BD13-8422CB76F5BB}] (...) -- C:\Users\free\Desktop\Autoinstaller_WHQL_CDM20830_Win 2Ké XPé Vistaé 7é 8é Server 2008 R2é 32_64bit.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C918105F-62ED-4FA3-B901-BF2BE2AE5D86}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CB8102B5-6A00-4302-91B2-95B4E9FC1A19}] (...) -- C:\Users\free\Desktop\Client O-Box 2.11\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CD2A5306-A188-4ECF-8480-31AF92ECE425}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CF38B528-93CB-4E3F-8B27-431F9918DD38}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D46B261C-2737-4C59-9CEA-AEB2D7BE61F2}] (...) -- C:\Users\free\Desktop\Autoinstaller_WHQL_CDM20830_Win 2Ké XPé Vistaé 7é 8é Server 2008 R2é 32_64bit.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D4B283A4-F305-41F6-AE09-2E3F2FA1F31C}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DCFD1C7D-154C-4D49-9127-A53F8782972F}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DE8E2717-10A1-4485-B56C-62964CC799E8}] (...) -- C:\Users\free\Desktop\ALIMUPG700.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E091335B-479E-416B-8B43-B51FAD87CA09}] (...) -- E:\PL2303 all driver\WIN7_X32_X64\PL-2303 Win7(X32)(X64) Driver Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EFB6629B-B09E-45B6-863B-95DFDB96BBC5}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F1C66B46-AB83-4FB5-B3F4-D5845856B65A}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F690C6F2-52F4-4353-B549-8B9933F4F27D}] (...) -- C:\Users\free\Desktop\Client O-Box 2.03\OBoxClient.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
~ Scheduled Task: 152 Legitimates Filtered in 00mn 02s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: ({c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys =>PUP.LinkiDoo
~ Drivers: 66 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Search App by Ask - (.APN, LLC.) [HKLM][64Bits] -- {41564952-412D-5350-00A7-A758B70C1C01} =>Toolbar.Avira
O42 - Logiciel: WindowsMangerProtect20.0.0.722 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect =>PUP.Fuyu
~ Logic: 50 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKCU\Software\Dz4-EvEr]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\MLSync]
[HKCU\Software\OB]
[HKLM\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.AskBar
~ Key Software: 301 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/05/2015 - 19:01:20 - [] ----D C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 06/05/2015 - 19:00:16 - [] ----D C:\ProgramData\APN
O43 - CFD: 06/05/2015 - 19:01:20 - [] ----D C:\ProgramData\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 07/12/2011 - 15:57:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
O43 - CFD: 06/05/2015 - 19:01:26 - [] ----D C:\Users\free\AppData\Local\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 04/03/2015 - 18:37:58 - [] -SH-D C:\Users\free\AppData\Local\EmieBrowserModeList
~ 19 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 226 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.BE0D16437053AA831B265009AEE2CB9D] - 05/05/2015 - 12:47:45 ---A- . (...) -- C:\debug1214.txt [3045924]
~ Files: 15 Legitimates Filtered in 00mn 01s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{07838802-5e3a-11e1-b83f-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{0783880c-5e3a-11e1-b83f-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{07b2e502-e426-11e4-8520-2c768ae4dae9}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{0b6e7cd6-47fe-11e4-bf89-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{1a5c230b-3465-11e4-9a91-2c768ae4dae9}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{1b007fbe-666e-11e3-8476-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{1b007fce-666e-11e3-8476-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{22d5f856-d48b-11e4-b95c-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{35b31d5f-afce-11e4-8156-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{425f1ef3-6152-11e4-8ac4-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{42753c95-51fc-11e4-8cdc-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{45b3fe6a-4307-11e2-a219-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{488ecb2c-c1e3-11e4-81e8-2c768ae4dae9}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{4b6185a2-f324-11e4-b299-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{5315e764-9982-11e4-a918-2c768ae4dae9}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{5385fb7a-ddb4-11e3-a6f2-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{6a76611e-830a-11e4-8dd2-2c768ae4dae9}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{70f2645d-aefa-11e4-a66f-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{783fd4b9-4bb1-11e4-b9ab-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{7b62951a-4bd6-11e3-88c0-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{848ece0f-9427-11e4-ba92-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{87057ce7-9018-11e4-93fc-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{929ae55a-8175-11e1-8837-001e101fabdd}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{942f0d92-2f80-11e4-92bf-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{95a2affa-62bf-11e4-86c3-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{a005f941-c665-11e4-b706-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{a55df033-ad75-11e1-9a5f-001e101fe70e}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{ab68fbda-18b6-11e4-b16a-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{b8411098-2ce3-11e2-8e83-001e101f8924}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{b84110d6-2ce3-11e2-8e83-001e101f8924}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c40ec804-af7b-11e3-8f1b-2c768ae4dae9}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{d0f66327-0b98-11e4-b2ef-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{d13cfdee-5d8e-11e1-8186-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{d13cfe41-5d8e-11e1-8186-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{d13cfe53-5d8e-11e1-8186-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{d13cfe5e-5d8e-11e1-8186-74de2b8a21e2}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{d1b4f70c-331a-11e2-987a-806e6f6e6963}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{d1b4f8e5-331a-11e2-987a-74de2b89c4ea}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{dbc9e34a-16f8-11e3-8bc1-001e101f57d0}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{dd9c7007-7ceb-11e1-882c-001e101f859f}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{dd9c7040-7ceb-11e1-882c-001e101f859f}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{e254e496-8496-11e1-b5b3-74de2b89c4ea}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{e254e4e8-8496-11e1-b5b3-74de2b89c4ea}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{e3519c5a-9384-11e4-a979-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{e580a0ca-40ae-11e4-8170-2c768ae4dae9}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{e60b9745-be91-11e4-8239-2c768ae4dae9}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{eb27acfb-a2cf-11e1-8c42-001e101f57d0}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{ee76f836-3b20-11e3-a32a-74de2b8a21e2}\AutoRun\command. (...) -- H:\LGAutoRun.exe (.not file.)
O51 - MPSK:{f883f3f5-1fbb-11e4-b195-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{fbceae9e-b019-11e3-a858-74de2b8a21e2}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\Windows\AutoRun.exe
O51 - MPSK:{feb93508-431c-11e2-9f6f-001e101f21c1}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{feb93515-431c-11e2-9f6f-001e101f21c1}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 8 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:05/11/2011 - 00:00:00 ---A- . (.www.winchiphead.com - WDM_64 for CH341 serial, by W.ch.) -- C:\Windows\System32\Drivers\CH341S64.SYS [58368]
O58 - SDL:12/06/2007 - 00:00:00 ---A- . (.www.winchiphead.com - Win98 WDM for CH341 serial, by W.ch.) -- C:\Windows\System32\Drivers\CH341S98.SYS [19680]
O58 - SDL:05/11/2011 - 00:00:00 ---A- . (.www.winchiphead.com - WDM for CH341 serial, by W.ch.) -- C:\Windows\System32\Drivers\CH341SER.SYS [39696]
O58 - SDL:14/07/2009 - 01:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 20:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:29/08/2011 - 10:42:56 ---A- . (.MBB Incorporated - CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter.sys [11776]
O58 - SDL:14/07/2009 - 01:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:18/08/2014 - 20:23:02 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [61072] =>PUP.LinkiDoo
O58 - SDL:05/11/2011 - 00:00:00 ---A- . (.www.winchiphead.com - WDM for CH341 serial, by W.ch.) -- C:\Windows\System32\CH341SER.SYS [39696]
O58 - SDL:09/08/2004 - 08:21:00 ---A- . (.Myson Century, Inc. - Myson-Century USB Mass Storage Driver.) -- C:\Windows\SysWOW64\drivers\MCUSBMS.SYS [90148]
O58 - SDL:15/06/2010 - 01:29:18 ---A- . (...) -- C:\Windows\SysWOW64\StarOpen.sys [5632]
~ Drivers: 86 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 05/05/2015 - 14:43:26 ---A- . (...) -- C:\Users\free\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 05/05/2015 - 14:43:26 ---A- . (...) -- C:\Users\free\AppData\Local\Opera\Opera\temporary_downloads\avira_free_antivirus_fr.exe [166198536]
O61 - LFC: 06/05/2015 - 14:43:26 ---A- . (...) -- C:\Users\free\AppData\Local\Opera\Opera\temporary_downloads\avira_internet_security_suite_fr.exe [160824400]
~ 4502 Fichiers temporaires (Temporary files)
~ 972 Fichiers cookies (Cookies files)
~ Files: 225 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 18/08/2014 - C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys ({c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64) .(.StdLib - StdLib.) - LEGACY_{C5E48979-BD7F-4CF7-9B73-2482A67A4F37}GW64 =>PUP.LinkiDoo
~ Legacy: 89 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.46F2667ADB3EF8EFBEB0505D2FAD321B] [WIS][05/01/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\2a6ddcf.msi [3350528] =>PUP.SweetIM
[MD5.D1A7B6376D70257CFC96ABD41EC58909] [WIS][28/04/2015] (.APN, LLC - Search App by Ask.) -- C:\Windows\Installer\397b2.msi [417792] =>Toolbar.Avira
~ WIS: 2 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 02/01/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 25/02/2011 62184 | (XobniService) . (.Xobni Corporation.) - C:\Program Files (x86)\Xobni\XobniService.exe
SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 22/04/2015 178568 | (APNMCP) . (.APN LLC..) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.AskBar
SR - | Auto 01/03/2011 138400 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 01/03/2011 76448 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 21/08/2014 93184 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 21/07/2010 103992 | (HP Wireless Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
SR - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 05/03/2012 35200 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 14/09/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 28/12/2010 1817088 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 31/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 01/02/2011 1127448 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SR - | Auto 31/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 10s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by free at 07/05/2015 14:43:50
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by free at 07/05/2015 14:43:52
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (27/12/2014)
Clés trouvées (Keys found) : 28
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 4

[HKLM\SYSTEM\CurrentControlSet\Services\APNMCP] =>Toolbar.AskBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{41564952-412D-5350-00A7-A758B70C1C01}] =>Toolbar.Avira^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{41564952-412D-5350-00A7-7A786E7484D7} =>Toolbar.AskBar^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:ApnTBMon =>Toolbar.AskBar^
C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.AskBar^
C:\ProgramData\AskPartnerNetwork =>Toolbar.AskBar^
C:\Users\free\AppData\Local\AskPartnerNetwork =>Toolbar.AskBar^
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.AskBar^
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.AskBar^
C:\Windows\Installer\2a6ddcf.msi =>PUP.SweetIM^
C:\Windows\Installer\397b2.msi =>Toolbar.Avira^
~ Additionnel Scan: 324031 Items scanned in 00mn 18s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>Toolbar.AskBar
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
~ MSI: 7 link(s) detected in 00mn 00s



~ 1208 Legitimates filtered by white list
End of the scan (622 lines in 01mn 06s)(0)
