cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2013.9.10.19 - Nicolas Coolman (10/09/2013)
~ Lancé par Claude (10/09/2013 19:07:47)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16660
GCIE: Google Chrome v29.0.1547.66 (Defaut)
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Kaspersky Anti-Virus 2012 v12.0.0.374
Malwarebytes Anti-Malware version 1.75.0.1300
Spybot - Search & Destroy v1.6.2
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer
µTorrent v3.3.0.29677 =>P2P.µTorrent

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6135 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 478 GB (69%) free of 685 GB

---\\ Mode de connexion au système
~ Computer Name: CLAUDE-PC
~ User Name: Claude
~ All Users Names: UpdatusUser, HomeGroupUser$, Claude, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\Claude\AppData\Roaming\
~ %Desktop% : C:\Users\Claude\Desktop\
~ %Favorites% : C:\Users\Claude\Favorites\
~ %LocalAppData% : C:\Users\Claude\AppData\Local\
~ %StartMenu% : C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 478 Go of 685 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
L:\ Hard drive, Flash drive, Thumb drive (Free 55 Go of 144 Go)
M:\ Hard drive, Flash drive, Thumb drive (Free 22 Go of 144 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
~ Security Center: 37 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/07/2013 - 06:13:37.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/18200
~ Mes musiques (My Musics) : 186/633
~ Mes Videos (My Videos) : 3/110
~ Mes Favoris (My Favorites) : 1/107
~ Mes Documents (My Documents) : 1/4078
~ Mon Bureau (My Desktop) : 1/231
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 05s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2980]
[MD5.384366C69DF4C11133915C3315F541CC] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896] [PID.2312]
[MD5.4C8942B8721813E5C8874D47112DCF73] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616] [PID.2952]
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe [959880] [PID.3004]
[MD5.C156DE6EB37B6C5D6498DD87C23F3FA4] - (.SFR - Mediacenter Evolution.) -- C:\Program Files (x86)\SFR\Mediacenter Evolution\MediaCenter.exe [2688368] [PID.2992]
[MD5.6C9D5BADC8F83D410A278717C2EEA6F6] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [206448] [PID.1120]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.3372]
[MD5.4476C54D84C792E6B9ECFE4C68BE50D0] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3460]
[MD5.EF06E2DEDA4BEBF1848FE395D078FFC1] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [206120] [PID.3356]
[MD5.C65B115A03DB0260895DE96681E88221] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [128296] [PID.3300]
[MD5.DF1BBA1168C0AD1D080A1F1B99576A76] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [829392] [PID.3392]
[MD5.2C6AC6ECAA1D97FF9F75D3400D173C5F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7928320] [PID.4420]
[MD5.2222073BE0232E70A397B8302293AA9D] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [413472] [PID.976]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.1776]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1844]
[MD5.85180CF88C5EBAD73B452A43A004CA51] - (.AOL LLC - AOL Connectivity Service.) -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe [46640] [PID.1948]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1984]
[MD5.353AC873D5566366C98C1ECA79B74ED2] - (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480] [PID.1940]
[MD5.C34411A244029F1C08687F7C752C4563] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2140]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2268]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2660]
[MD5.7BAB808957880CF38EFC6816FEF7276E] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1887520] [PID.1868]
[MD5.A0FF419B61AE47E26ADF3BB15DB4F2FE] - (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608] [PID.2412]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.3148]
[MD5.1B6EBAA539502C816930AE4FC9F192FE] - (.Iminent - Iminent Protection.) -- C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2868544] [PID.3360] =>Adware.IMBooster
[MD5.0765EE4A7A0D6609BF91CA2E4700E885] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.3692]
[MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.3352]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.3468]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] http://start.iminent.com =>Adware.IMBooster
G2 - GCE: Preference [User Data\Default] [ppdjnkblmcjfnlogjjhpigpdgpcgdpll] BrowseFox v.1.0.0 (Désactivé) =>Adware.BrowseFox
~ Google Browser: 15 Legitimates Filtered in 00mn 11s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\qacybrhf.default\prefs.js
M0 - MFSP: prefs.js [Claude - qacybrhf.default] r_pref("browser.startup.homepage", );
M0 - MFSP: prefs.js [Claude - qacybrhf.default] http://start.iminent.com =>Adware.IMBooster
~ Firefox Browser: 6 Legitimates Filtered in 00mn 05s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com =>Adware.IMBooster
~ IE Browser: 23 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AOL Toolbar BHO [64Bits] - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: BrowseFox [64Bits] - {b9507101-e464-4b3b-a4cb-291aaedd94f2} . (.Browse Fox - BrowseFox.) -- C:\Program Files (x86)\BrowseFox\BrowseFoxbho.dll =>Adware.BrowseFox
~ BHO: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{DE9C389F-3316-41A7-809B-AA305ED9D922} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{1017A80C-6F09-4548-A84D-EDD6AC9525F0} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{33727F97-486D-4D19-97C3-23F432EF93FC} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{DB89E9A0-FA7F-48D6-89BB-2B8B53A26E87} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Achat de consommables - HP Officejet Pro 8600.lnk . (...) -- C:\Program Files (x86)\HP\HP Officejet Pro 8600\Bin\hpqDTSS.exe (.not file.)
O4 - GS\Desktop [Public]: AOL 9.0 VR.lnk . (.AOL - AOL.) -- C:\Program Files (x86)\AOL 9.0 VR\aol.exe
O4 - GS\Desktop [Public]: Diaporama Flash Deluxe.lnk . (.Wondershare - Flash Gallery Factory.) -- C:\Program Files (x86)\Micro Application\Diaporama Flash Deluxe\FGF.exe
O4 - GS\Desktop [Public]: Free JPG To PDF Converter.lnk . (.JPG To PDF Converter - www.JPGToPDFConverter.com.) -- C:\FreeJPG2PDF\FreeJPG2PDF.exe
O4 - GS\Desktop [Public]: Galerie photo.lnk . (...) -- C:\Program Files (x86)\Pixum\Livre photo Pixum\Galerie photo.exe
O4 - GS\Desktop [Public]: Garmin Express.lnk . (.Garmin - Express.) -- C:\Program Files (x86)\Garmin\Express\Express.exe
O4 - GS\Desktop [Public]: GEXFAC.lnk . (.Gexfac - Gexfac.) -- C:\Program Files (x86)\Gexfac\GEXFAC.exe
O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
O4 - GS\Desktop [Public]: HP ePrintCenter - HP Officejet Pro 8600.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\HP\HP Officejet Pro 8600\ePrintCenterShortcut.url (.not file.)
O4 - GS\Desktop [Public]: LightScribe.lnk . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe
O4 - GS\Desktop [Public]: Livre photo Pixum.lnk . (...) -- C:\Program Files (x86)\Pixum\Livre photo Pixum\Livre photo Pixum.exe
O4 - GS\Desktop [Public]: MagicScan.lnk . (.KenXen - MagicScan.) -- C:\Program Files (x86)\MagicScan\MagicScan.exe
O4 - GS\Desktop [Public]: Media Go.lnk . (.Sony Creative Software Inc. - Media Go.) -- C:\Program Files (x86)\Sony\Media Go\MediaGo.exe
O4 - GS\Desktop [Public]: Mon Intérieur 3D.lnk . (.Eleco Software GmbH - ArCon.) -- C:\Program Files (x86)\Micro Application\Mon Intérieur 3D\Programme\ArCon.exe
O4 - GS\Desktop [Public]: Nero Burning ROM 12.lnk . (...) -- C:\Windows\Installer\{CF508721-0E1E-4F99-A359-59E4EA8DAEC1}\ARPPRODUCTICON.exe (.not file.)
O4 - GS\Desktop [Public]: NETGEAR Genie.lnk . (...) -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
O4 - GS\Desktop [Public]: Nikon Transfer.lnk . (.Nikon Corporation - Nikon Transfer Application.) -- C:\Program Files (x86)\Nikon\Nikon Transfer\NktTransfer.exe
O4 - GS\Desktop [Public]: Paint.NET.lnk . (...) -- C:\Program Files (x86)\Paint.NET\PaintDotNet.exe (.not file.)
O4 - GS\Desktop [Public]: Panorama Maker 5.lnk . (.ArcSoft Inc. - ArcSoft Panorama Maker.) -- C:\Program Files (x86)\ArcSoft\Panorama Maker 5\PMK.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Desktop [Public]: ViewNX.lnk . (.Nikon Corporation - ViewNX.) -- C:\Program Files (x86)\Nikon\ViewNX\ViewNX.exe
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Claude\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [UpdatusUser]: Notes de frais.lnk . (...) -- C:\Program Files (x86)\Notes de frais\notes_de_frais.exe (.not file.)
O4 - GS\QuickLaunch [Claude]: AOL 9.0 VR.lnk . (.AOL - AOL.) -- C:\Program Files (x86)\AOL 9.0 VR\aol.exe
O4 - GS\QuickLaunch [Claude]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch [Claude]: Free JPG To PDF Converter.lnk . (.JPG To PDF Converter - www.JPGToPDFConverter.com.) -- C:\FreeJPG2PDF\FreeJPG2PDF.exe
O4 - GS\QuickLaunch [Claude]: PjPlayer.lnk . (.C4DL Media - Audio/Video Player.) -- C:\Program Files (x86)\PjPlayer\PjPlayer.exe
O4 - GS\QuickLaunch [Claude]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\QuickLaunch [Claude]: x3_Codec.lnk . (.C4DL Media - Audio/Video Codec Loader.) -- C:\Program Files (x86)\x3_Codec\x3_codec.exe =>Trojan.x3Codec
O4 - GS\QuickLaunch [Claude]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Claude\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Claude]: HP MediaSmart.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O4 - GS\TaskBar [Claude]: HPAdvisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\SendTo [Claude]: Anti yeux rouges.lnk . (...) -- C:\Users\Claude\AppData\Local\Temp\Temp1_redeye.zip\redeye.exe (.not file.)
O4 - GS\SendTo [Claude]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
O4 - GS\SendTo [Claude]: Desk 365.lnk . (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) =>Hijacker.22Find
O4 - GS\Desktop [Claude]: AVS Audio Converter.lnk . (.Online Media Technologies Ltd. - AVS Audio Converter.) -- C:\Program Files (x86)\AVS4YOU\AVSAudioConverter\AVSAudioConverter.exe
O4 - GS\Desktop [Claude]: AVS4YOU Software Navigator.lnk . (.Online Media Technologies Ltd. - Pas de description.) -- C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe
O4 - GS\Desktop [Claude]: dossier contansou - Raccourci.lnk . (...) -- C:\Users\Claude\Documents\dossier contansou
O4 - GS\Desktop [Claude]: Florilège !!!! - Raccourci.lnk . (...) -- C:\Users\Claude\Documents\Downloads\Florilège !!!!
O4 - GS\Desktop [Claude]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Claude]: IPHONE CLAUDE - Raccourci.lnk . (...) -- C:\Users\Claude\Documents\IPHONE CLAUDE
O4 - GS\Desktop [Claude]: ITUNES IPHONE - Raccourci.lnk . (...) -- C:\Users\Claude\Documents\ITUNES IPHONE
O4 - GS\Desktop [Claude]: Kaspersky Anti-Virus 2012 - Raccourci.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2012
O4 - GS\Desktop [Claude]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe
O4 - GS\Desktop [Claude]: PjPlayer.lnk . (.C4DL Media - Audio/Video Player.) -- C:\Program Files (x86)\PjPlayer\PjPlayer.exe
O4 - GS\Desktop [Claude]: RocketPDF.lnk . (.Krzysztof Kowalczyk - RocketPDF.) -- C:\Program Files (x86)\RocketPDF\RocketPDF.exe
O4 - GS\Desktop [Claude]: SIMULATEUR-GSDF-FRF - Raccourci.lnk . (...) -- C:\Users\Claude\Downloads\SIMULATEUR-GSDF-FRF.exe
O4 - GS\Desktop [Claude]: x3_Codec.lnk . (.C4DL Media - Audio/Video Codec Loader.) -- C:\Program Files (x86)\x3_Codec\x3_codec.exe =>Trojan.x3Codec
~ Global Startup: 78 Legitimates Filtered in 00mn 04s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
O4 - HKCU\..\Run: [Neuf Media Center] C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe (.not file.)
O4 - HKCU\..\Run: [HP Officejet Pro 8600 (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [SFR Mediacenter] . (.SFR - Mediacenter Evolution.) -- C:\Program Files (x86)\SFR\Mediacenter Evolution\MediaCenter.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4184632552-1208856427-1241964200-1003\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-4184632552-1208856427-1241964200-1003\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4184632552-1208856427-1241964200-1003\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier &virtuel [64Bits] - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\kbrd.ico
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: Analyse des &liens [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2955B127-B635-438C-8BBD-904A73304F9A}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B82DFDC-59CA-419D-81AD-8FDE4FDFC57D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1ED4F8A-1731-4006-B789-62B8D6C9A7FA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2955B127-B635-438C-8BBD-904A73304F9A}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{2B82DFDC-59CA-419D-81AD-8FDE4FDFC57D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B1ED4F8A-1731-4006-B789-62B8D6C9A7FA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2955B127-B635-438C-8BBD-904A73304F9A}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{2B82DFDC-59CA-419D-81AD-8FDE4FDFC57D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B1ED4F8A-1731-4006-B789-62B8D6C9A7FA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\Windows\System32\klogon.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Software Update (Software_update (Software_update) . (...) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.) =>Adware.Boxore
O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe =>Adware.IMBooster
O23 - Service: Update BrowseFox (Update BrowseFox) . (.BrowseFox - BrowseFox.) - C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe =>Adware.BrowseFox
~ Services: 26 Legitimates Filtered in 00mn 07s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 0.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 1.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 2.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 3.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 4.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 5.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 6.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 7.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 8.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HerculesCamService 9.job [404]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\Claude\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe (.not file.) [0] =>PUP.DealPly
[MD5.2FA6E4F7FD15961EB9775DF4525677A7] [APT] [Fried Cookie Update] (.FriedCookie.) -- C:\Program Files (x86)\Fried Cookie\Updater\Updater.exe [280128]
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) [0] =>Toolbar.Ask
[MD5.00000000000000000000000000000000] [APT] [{1C844EA6-CD79-4A67-ACAA-C408E436366F}] (...) -- C:\Users\Claude\Desktop\win2k_xp\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3EFCD085-7E03-41BB-987C-769967EAA3A6}] (...) -- C:\Program Files (x86)\Micro Application\Cartes de Visite\PrintPratic.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4AEC568B-B8B8-4061-AC7C-EB04F87D196A}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{570EDC84-9DCF-43B1-B107-2713CB377A4F}] (...) -- C:\Users\Claude\Downloads\Notefrais.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{638873AC-A81C-4921-AA83-0837FD49C21E}] (...) -- C:\Users\Claude\Downloads\aolsetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{95A31C9B-D4EF-441E-8BA2-7A575BF92877}] (...) -- C:\Users\Claude\Downloads\kav11.0.1.400fr.exe (.not file.) [0]
[MD5.7182B01E01FE74002617C3E789C086B2] [APT] [{ACCC0F1D-B299-4895-917E-7A07208B449C}] (...) -- C:\Users\Claude\Desktop\Diaporama_microsoap\3427.exe [245695272]
[MD5.00000000000000000000000000000000] [APT] [{B8E676DF-D9D5-4812-8B9E-32FE6A175591}] (...) -- C:\Users\Claude\Documents\Downloads\epson318196euD120.exe (.not file.) [0]
~ Scheduled Task: 53 Legitimates Filtered in 00mn 08s



---\\ Logiciels installés (O42)
O42 - Logiciel: BrowseFox 3.0.0 - (.Browse Fox.) [HKLM][64Bits] -- BrowseFox =>Adware.BrowseFox
O42 - Logiciel: DVD Profiler Version 2.4.0 - (...) [HKLM][64Bits] -- DVD Profiler_is1
O42 - Logiciel: Free JPG To PDF Converter 1.0 - (.JPG2PDF Developer Team.) [HKLM][64Bits] -- Free JPG To PDF Converter_is1
O42 - Logiciel: Fried Cookie Updater - (.Fried Cookie.) [HKLM][64Bits] -- Fried Cookie Updater
O42 - Logiciel: GEXFAC version 7.0.0.7 - (.GEXFAC.) [HKLM][64Bits] -- {2BFD6D2C-B632-4501-B2E5-62AF009C5536}_is1
O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {90259377-55E9-4D60-A0C0-32EF312931A1} =>Adware.IMBooster
O42 - Logiciel: MagicScan - (.MagicScan.) [HKLM][64Bits] -- SAUTRANSLATENET_is1
O42 - Logiciel: NewFreeScreensaver nfsBalls02 - (...) [HKLM][64Bits] -- nfsClock14 New Free Screensaver_is1
O42 - Logiciel: NewFreeScreensaver nfsCanadaFlagClock - (...) [HKLM][64Bits] -- nfsCanadaFlagClock New Free Screensaver_is1
O42 - Logiciel: Red Eye Remover 2.0 - (...) [HKLM][64Bits] -- Red Eye Remover_is1
~ Logic: 231 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\BrowseFox] =>Adware.BrowseFox
[HKCU\Software\Delta]
[HKCU\Software\Fried Cookie]
[HKCU\Software\GAILLARD]
[HKCU\Software\Gexfac]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InkjetPrinter]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\PIP]
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\sj]
[HKCU\Software\yahoo] =>Toolbar.Yahoo
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\Fried Cookie Ringtone Maker]
[HKLM\Software\Wow6432Node\PIP]
[HKLM\Software\Wow6432Node\Umbrella]
[HKLM\Software\Wow6432Node\Yahoo] =>Toolbar.Yahoo
~ Key Software: 381 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/09/2013 - 17:09:33 - [1,171] ----D C:\Program Files (x86)\BrowseFox =>Adware.BrowseFox
O43 - CFD: 10/09/2013 - 16:07:21 - [1,576] ----D C:\Program Files (x86)\Delta
O43 - CFD: 19/05/2013 - 14:57:37 - [0,478] ----D C:\Program Files (x86)\Fried Cookie
O43 - CFD: 15/04/2012 - 18:53:06 - [52,131] ----D C:\Program Files (x86)\Gexfac
O43 - CFD: 21/05/2013 - 12:18:08 - [855,201] ----D C:\Program Files (x86)\MagicScan
O43 - CFD: 13/08/2010 - 20:02:26 - [2,290] ----D C:\Program Files (x86)\NewFreeScreensavers
O43 - CFD: 07/12/2012 - 10:26:44 - [7,631] ----D C:\Program Files (x86)\Notes de frais
O43 - CFD: 31/12/2011 - 20:26:49 - [3,316] ----D C:\Program Files (x86)\Red Eye Remover
O43 - CFD: 27/06/2011 - 20:32:55 - [0,373] ----D C:\Program Files (x86)\x3_Codec =>Trojan.x3Codec
O43 - CFD: 20/05/2012 - 13:12:50 - [0,181] ----D C:\Program Files (x86)\Yahoo! =>Toolbar.Yahoo
O43 - CFD: 10/09/2013 - 17:09:44 - [2,736] ----D C:\Program Files (x86)\Common Files\Umbrella
O43 - CFD: 10/09/2013 - 16:07:12 - [0,147] ----D C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch
O43 - CFD: 15/04/2012 - 18:53:57 - [0,002] ----D C:\ProgramData\Gexfac
O43 - CFD: 13/10/2009 - 21:38:48 - [5,393] --H-D C:\ProgramData\{ADCBF7A8-716E-4B21-AF03-E3F11C06C309}
O43 - CFD: 18/05/2013 - 16:53:46 - [23,535] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 24/10/2010 - 19:58:12 - [17,670] -SH-D C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
O43 - CFD: 15/04/2012 - 18:53:53 - [0,134] ----D C:\Users\Claude\AppData\Local\GEXFAC
O43 - CFD: 17/05/2012 - 13:40:40 - [0,211] ----D C:\Users\Claude\AppData\Local\Notedefrais
O43 - CFD: 27/06/2011 - 20:32:55 - [0,002] ----D C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x3_Codec 1.5.0.0 =>Trojan.x3Codec
~ 71 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 395 Legitimates Filtered in 00mn 04s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{ecd6f784-9c00-11df-960b-4061862e53cc}\AutoRun\command. (...) -- J:\NokiaPCIA_Autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\ccleaner [Key] . (...) -- C:\Program Files\CCleaner\CCleaner64.exe (.not file.) =>Piriform Ltd
O53 - SMSR:HKLM\...\startupreg\HostManager [Key] . (.America Online, Inc. - AOL.) -- C:\Program Files (x86)\Common Files\AOL\1292600817\ee\AOLSoftware.exe
O53 - SMSR:HKLM\...\startupreg\NETGEARGenie [Key] . (...) -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
O53 - SMSR:HKLM\...\startupreg\Windows Mobile Device Center [Key] . (...) -- C:\Windows\WindowsMobile\wmdc.exe (.not file.)
~ SMSR Keys: 28 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.D63802C63DCAC9D2450333105C81E91E] - 13/04/2007 - 18:30:43 ---A- . (.America Online - ATW Protocol Driver.) -- C:\Windows\System32\Drivers\ATWPKT264.SYS [33592]
O58 - SDL:[MD5.0D74D0AA2ECCB5E2019B5E10C38AFD19] - 13/04/2007 - 18:30:39 ---A- . (.America Online - ATW Protocol Driver.) -- C:\Windows\SysWOW64\drivers\atwpkt2.sys [25136]
~ Drivers: 20 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\PROGRA~2\AOL9~1.0VR\aol.exe http://www.22find.com =>Hijacker.22Find
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Safari\Safari.exe" http://www.qvo6.com =>Hijacker.Qvo6
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {14FB9F5D-D535-46D2-B167-94600629D0CE} - (AOL Recherche) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes [HKCU] {1EC86572-0EFD-4E4D-A386-D9FC476A32EA} - (Yahoo!) - http://fr.search.yahoo.com =>Toolbar.Yahoo
O69 - SBI: SearchScopes [HKCU] {45450030-0482-485F-9DAC-00547EE9F21C} - (Yahoo! Search) - http://search.yahoo.com =>Toolbar.Yahoo
O69 - SBI: SearchScopes [HKCU] {658A3BDA-E1DD-4EE8-9B37-C55F92ED790C} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {7D7AE29F-C990-4602-A381-7B85EAA69B32} - (AOL search) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {CA3DF579-C67E-4E78-B840-707F1606B427} - (Kelkoo) - http://fr.kelkoopartners.net
O69 - SBI: SearchScopes [HKCU] {DBFFA256-C38F-471B-8BFC-25698EEAC03A} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {F39F2C44-6EE9-4DA9-A0A6-AF3C3B6D26FB} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.B3A840E05F27DC6AE773A5D622BFA994] [SPRF][11/09/2012] (.Ask.com - Offercast - APN Install Manager.) -- C:\Users\Claude\AppData\Local\Temp\AskPIP_FF_.exe [783560]
[MD5.32DCED18FFFEA0035E4FA975CA0AE8BE] [SPRF][22/04/2013] (.The Software Group - Software Update Setup.) -- C:\Users\Claude\AppData\Local\Temp\BoxoreInstaller.exe [620656] =>Adware.Boxore
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][12/05/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\e3hyqq0f.dll [0]
[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] [SPRF][22/06/2012] (...) -- C:\Users\Claude\AppData\Local\Temp\ESGScanner.sys [22704]
[MD5.50C0970BCAAE029A9AB15E5E5775387E] [SPRF][12/05/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\g4pgw4kw.dll [175104]
[MD5.262FFFA7DAE3043393153E2D5C19698C] [SPRF][19/05/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\i4jdel0.exe [4608]
[MD5.C1088478BA3526E2C360001084508D90] [SPRF][01/04/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\ICReinstall_PDFConverterSetup.exe [690960]
[MD5.121E4A808839EECD5F4E494F23C44D50] [SPRF][04/06/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\MapSource.reg [452]
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][06/03/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Claude\AppData\Local\Temp\nslD858.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][06/03/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Claude\AppData\Local\Temp\nsv6E40.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][06/03/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Claude\AppData\Local\Temp\nsv9324.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][06/03/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Claude\AppData\Local\Temp\nsvDF50.exe [110936] =>Toolbar.Conduit
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][13/05/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\o13mny5x.dll [0]
[MD5.8F19CF5D91B94E8EEED25E38921B9CF5] [SPRF][08/05/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\oqislmvm.dll [15360]
[MD5.4D5EE039DF40AF36B8643A1388D287A8] [SPRF][06/05/2013] (.Reimage® - Reimage Repair.) -- C:\Users\Claude\AppData\Local\Temp\ReimagePackage.exe [11871520] =>Rogue.ReimageRepair
[MD5.98E1D63A539CA25A7614165126AD2906] [SPRF][06/05/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\sh4plist.dat [68]
[MD5.2D3F145B357E282F01ED3B1DD0CD21E1] [SPRF][06/05/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\SHSetup.exe [45937744] =>Crapware.SpyHunter
[MD5.EA5C1D73FB6840B69E5034ACE95684AF] [SPRF][27/03/2013] (.Conduit - Search Protect by conduit.) -- C:\Users\Claude\AppData\Local\Temp\SPStub.exe [68968] =>Toolbar.Conduit
[MD5.385AC3C3EC27F773979043EC1B2115F3] [SPRF][10/09/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\Uninst.bat [635]
[MD5.3C74C26999F2060BC6302448F173A342] [SPRF][28/08/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Claude\AppData\Local\Temp\uninst1.exe [340464] =>Toolbar.Babylon
[MD5.F225CE03607B45177BD87DA8E3B11257] [SPRF][16/05/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\utt8C01.tmp.bat [102]
[MD5.CC714D36850EE93381DA376BF650528A] [SPRF][23/03/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\wajam_install.exe [473616] =>Toolbar.Wajam
[MD5.B3BBE479F176BB60496A1CA01D14CE5E] [SPRF][10/09/2013] (...) -- C:\Users\Claude\AppData\Local\Temp\xaroy3he.dll [15360]
[MD5.01179F414E74B8E13462618C68CB1FC0] [SPRF][26/03/2012] (...) -- C:\Users\Claude\AppData\Roaming\wklnhst.dat [356]
[MD5.96030AE285C32ECCD1C599F1C5DD2BEF] [SPRF][10/09/2013] (...) -- C:\Users\Claude\Desktop\AdwCleaner_1.606_En(1).exe [581957]
[MD5.96030AE285C32ECCD1C599F1C5DD2BEF] [SPRF][23/03/2013] (...) -- C:\Users\Claude\Desktop\AdwCleaner_1.606_En.exe [581957]
[MD5.177787D82CC2AC24E08AD1A8A9C24F7E] [SPRF][02/12/2012] (...) -- C:\Users\Claude\Desktop\HSS-2.75-install-plain-370-plain.exe [5100832]
[MD5.C03920C36E0B183AE5C3D93E48064469] [SPRF][05/02/2012] (.Softonic - Pas de description.) -- C:\Users\Claude\Desktop\softonic_ggl_1.5.11.5.exe [1553208] =>Toolbar.Conduit
[MD5.D1B06862DD6AE36F8A886EE5AB930B64] [SPRF][31/12/2011] (.Pas de propriétaire - Photo! Web Album Setup.) -- C:\Users\Claude\Desktop\webalbinst.exe [19620864]
[MD5.8F700DA1A1A75501D6EEF76BC866EB29] [SPRF][15/01/2010] (...) -- C:\Windows\Downloaded Program Files\LMIProxyHelper.exe [70984]
[MD5.1C635861E857359F1FCF692C9076F61F] [SPRF][01/06/2010] (...) -- C:\Windows\Downloaded Program Files\RACtrl.dll [4064656]
~ Files: 42 Legitimates Filtered in 00mn 06s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{EAEBFB86-AE91-4A55-B9F8-6610588E68C1}" | In - Private - P6 - TRUE | .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Claude\Downloads\SweetImSetup (1).exe =>PUP.SweetIM
O87 - FAEL: "{F0063CF9-DB34-4EBD-AA2B-1DEE5B3C6900}" | In - Private - P17 - TRUE | .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Claude\Downloads\SweetImSetup (1).exe =>PUP.SweetIM
O87 - FAEL: "{695D425B-E10C-41EF-A00F-432B36611131}" | In - Private - P6 - TRUE | .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Claude\Downloads\SweetImSetup (2).exe =>PUP.SweetIM
O87 - FAEL: "{02EC150C-33D9-4EAF-963C-CA8C38FE56FB}" | In - Private - P17 - TRUE | .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Claude\Downloads\SweetImSetup (2).exe =>PUP.SweetIM
O87 - FAEL: "{57894671-AB02-4778-B757-0E68950AEEA2}" | In - Private - P6 - TRUE | .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Claude\Downloads\SweetImSetup (3).exe =>PUP.SweetIM
O87 - FAEL: "{769309B4-A599-424B-9269-96BD8F51E0F2}" | In - Private - P17 - TRUE | .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Claude\Downloads\SweetImSetup (3).exe =>PUP.SweetIM
O87 - FAEL: "TCP Query User{E7CF4911-550D-4688-8C7B-82F8FFCE6C4F}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\netgear genie\bin\netgeargenie.exe
O87 - FAEL: "UDP Query User{AF08704F-A3ED-44F0-95A7-6706774F5049}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\netgear genie\bin\netgeargenie.exe
O87 - FAEL: "TCP Query User{39A6AE64-E9F7-4B6B-96A9-651BF852DE38}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\netgear genie\bin\netgeargenie.exe
O87 - FAEL: "UDP Query User{E861BBC3-7EBE-4EEE-9118-684675268AE4}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\netgear genie\bin\netgeargenie.exe
O87 - FAEL: "{A8C63EBD-F6F9-42F5-97F6-AC4459C36D3B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{8A8B7BCB-2C3B-464E-B7B2-FEA8B29D04BE}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{6FDFFC30-7EAF-4746-9335-65CF0C4CE443}" | In - Private - P6 - TRUE | .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Claude\Downloads\SweetImSetup.exe =>PUP.SweetIM
O87 - FAEL: "{1916690D-2184-4930-A94F-95F16CFEC6A0}" | In - Private - P17 - TRUE | .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Claude\Downloads\SweetImSetup.exe =>PUP.SweetIM
O87 - FAEL: "{EB39AFAA-9A2B-42B8-8C29-912FF5CEDC8F}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{237CAC23-F2A7-4DD7-B095-8DCCD057B5A8}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
O87 - FAEL: "{4E4DC667-064D-4443-9D2A-4A1D346388E3}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
~ Firewall: 279 Legitimates Filtered in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "773952099E5506D40A0C23FE1392131A" . (.Iminent.) -- C:\Windows\Installer\{90259377-55E9-4D60-A0C0-32EF312931A1}\imbooster.ico =>Adware.IMBooster
~ Update Products: 166 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.1838AAD72EF6FD18E190FB2E4B72AD6E] [WIS][10/09/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\113115.msi [10231808] =>Adware.IMBooster
[MD5.483E076A52D0CD5AAAC43DE6B42EDFD9] [WIS][20/01/2013] (.Linkury Inc. - QuickShare Widget.) -- C:\Windows\Installer\24b91f.msi [7962624] =>PUP.QuickShare
[MD5.C4C873997DB038B18ECCD267A9B51428] [WIS][06/05/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\2e5a1.msi [10145792] =>Adware.IMBooster
~ WIS: 182 Legitimates Filtered in 00mn 23s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Demand 08/06/2010 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 20/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 23/10/2006 46640 | (AOL ACS) . (.AOL LLC.) - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/10/2012 206448 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
SS - | Demand 01/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 11/01/2007 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SS - | Demand 22/05/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
SR - | Auto 30/05/2013 219480 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SS - | Auto 10/11/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/11/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 14/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 04/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 15/05/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 04/03/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 14/04/2010 45736 | (lxeaCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\x64\3\lxeaserv.exe
SR - | Auto 07/01/2010 1052328 | (lxea_device) . (...) - C:\Windows\system32\lxeacoms.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 25/09/2012 231752 | (NETGEARGenieDaemon) . (.NETGEAR.) - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
SR - | Auto 21/06/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 03/07/2013 1887520 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 29/11/2012 38608 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SS - | Demand 29/04/2008 572928 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 10/07/1658 0 | (Software_update) . (...) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 10/07/1658 0 | (Software_update_m) . (...) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SR - | Auto 07/08/2013 2868544 | (SProtection) . (.Iminent.) - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe =>Adware.IMBooster
SR - | Auto 21/06/2013 413472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 30/08/2013 206624 | (Update BrowseFox) . (.BrowseFox.) - C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe =>Adware.BrowseFox
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 25s



---\\ Scan Additionnel (O88)
Database Version : 12895 - (10/09/2013)
Clés trouvées (Keys found) : 63
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 39

[HKLM\Software\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll] =>Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9507101-E464-4B3B-A4CB-291AAEDD94F2}] =>Adware.BrowseFox^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update (Software_update] =>Adware.Boxore^
[HKLM\SYSTEM\CurrentControlSet\Services\SProtection] =>Adware.IMBooster^
[HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseFox] =>Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowseFox] =>Adware.BrowseFox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{90259377-55E9-4D60-A0C0-32EF312931A1}] =>Adware.IMBooster^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKCU\Software\BlabbersToolbar] =>PUP.Blabbers
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\PIP] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\PIP] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}] =>Toolbar.Bing
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EAD96AE2CB1DE84BAA9425A8CCA0817] =>Adware.Boxore
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\x3_Codec] =>Trojan.DivoCodec
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\aolfrTb.AOLToolBand.1] =>Toolbar.Agent
[HKLM\Software\Classes\AOLTB.AOLToolBand.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\aolfrTb.AOLToolBand.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AOLTB.AOLToolBand.1] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\Program Files (x86)\BrowseFox =>Adware.BrowseFox^
C:\Program Files (x86)\x3_Codec =>Trojan.x3Codec^
C:\Program Files (x86)\Yahoo! =>Toolbar.Yahoo^
C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch^
C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x3_Codec 1.5.0.0 =>Trojan.x3Codec^
C:\Program Files (x86)\BearShare Applications =>PUP.BearShare
C:\Program Files (x86)\Common Files\Umbrella =>Adware.IMBooster
C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe =>Adware.IMBooster^
C:\Users\Claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll =>Adware.BrowseFox^
C:\Program Files (x86)\BrowseFox\BrowseFoxbho.dll =>Adware.BrowseFox^
C:\Program Files (x86)\x3_Codec\x3_codec.exe =>Trojan.x3Codec^
C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe =>Adware.BrowseFox^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\BearShare] =>PUP.BearShare^
[HKCU\Software\BrowseFox] =>Adware.BrowseFox^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKCU\Software\yahoo] =>Toolbar.Yahoo^
[HKLM\Software\Wow6432Node\Yahoo] =>Toolbar.Yahoo^
C:\Users\Claude\AppData\Local\Temp\BoxoreInstaller.exe =>Adware.Boxore^
C:\Users\Claude\AppData\Local\Temp\nslD858.exe =>Toolbar.Conduit^
C:\Users\Claude\AppData\Local\Temp\nsv6E40.exe =>Toolbar.Conduit^
C:\Users\Claude\AppData\Local\Temp\nsv9324.exe =>Toolbar.Conduit^
C:\Users\Claude\AppData\Local\Temp\nsvDF50.exe =>Toolbar.Conduit^
C:\Users\Claude\AppData\Local\Temp\ReimagePackage.exe =>Rogue.ReimageRepair^
C:\Users\Claude\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\Claude\AppData\Local\Temp\SPStub.exe =>Toolbar.Conduit^
C:\Users\Claude\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon^
C:\Users\Claude\AppData\Local\Temp\wajam_install.exe =>Toolbar.Wajam^
C:\Users\Claude\Desktop\softonic_ggl_1.5.11.5.exe =>Toolbar.Conduit^
C:\Users\Claude\Downloads\SweetImSetup (1).exe =>PUP.SweetIM^
C:\Users\Claude\Downloads\SweetImSetup (2).exe =>PUP.SweetIM^
C:\Users\Claude\Downloads\SweetImSetup (3).exe =>PUP.SweetIM^
C:\Users\Claude\Downloads\SweetImSetup.exe =>PUP.SweetIM^
C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico =>Toolbar.Bing^
C:\Windows\Installer\{90259377-55E9-4D60-A0C0-32EF312931A1}\imbooster.ico =>Adware.IMBooster^
C:\Windows\Installer\113115.msi =>Adware.IMBooster^
C:\Windows\Installer\24b91f.msi =>PUP.QuickShare^
C:\Windows\Installer\2e5a1.msi =>Adware.IMBooster^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 484594 Items scanned in 00mn 26s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox =>Adware.BrowseFox
~ http://nicolascoolman.webs.com/apps/blog/show/32036479-trojan-x3codec =>Trojan.x3Codec
~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/26705717-pup-bearshare =>PUP.BearShare
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/26633218-rogue-reimagerepair =>Rogue.ReimageRepair
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6 =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>Toolbar.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing =>Toolbar.Bing
~ http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare
~ http://nicolascoolman.webs.com/apps/blog/show/28441146-pup-imesh =>PUP.iMesh
~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27280149-pup-blabbers =>PUP.Blabbers
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>Toolbar.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
~ MSI: 28 link(s) detected in 00mn 26s



~ 1704 Legitimates filtered by white list
End of the scan (785 lines in 02mn 20s)(0)
