~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015)
~ Lancé par daniel (13/08/2015 17:00:43)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17937 (Defaut)
GCIE: Google Chrome v43.0.2357.124

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : H2YGR
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1 Connected, 64-bit (Build 9600)

---\\ Logiciels de protection du système
McAfee LiveSafe - Internet Security v14.0.4113
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Acrobat Reader DC - Français

---\\ Informations sur le système
~ Processor: AMD64 Family 22 Model 0 Stepping 1, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3517 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 415 GB (91%) free of 452 GB

---\\ Mode de connexion au système
~ Computer Name: FATIMA
~ User Name: daniel
~ All Users Names: HomeGroupUser$, daniel, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\daniel\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\daniel\AppData\Roaming\
~ %Desktop% : C:\Users\daniel\Desktop\
~ %Favorites% : C:\Users\daniel\Favorites\
~ %LocalAppData% : C:\Users\daniel\AppData\Local\
~ %StartMenu% : C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 415 Go of 452 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Explorateur Windows.) (.28/01/2015 - 00:47:12.) -- C:\Windows\Explorer.exe [2501368]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) (.29/10/2014 - 02:25:54.) -- C:\Windows\System32\Wininit.exe [145920]
[MD5.C555B5C8142844DED9E3BD94E6313000] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/07/2015 - 20:12:42.) -- C:\Windows\System32\wininet.dll [2427904]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.29/10/2014 - 02:22:52.) -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.18/03/2014 - 16:40:32.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.30/05/2014 - 04:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 10:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/07/2014 - 12:45:39.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - (.Microsoft Corporation - Pilote de port i8042.) (.04/11/2014 - 07:54:54.) -- C:\Windows\system32\Drivers\i8042prt.sys [108544]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 16:40:35.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.6FBDF2B1B025A8E6E069234362FFFFB7] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.27/06/2015 - 04:12:25.) -- C:\Windows\system32\Drivers\MRxSmb.sys [401408]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.15/10/2014 - 09:32:37.) -- C:\Windows\system32\Drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.18/03/2014 - 16:09:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/06/2014 - 03:13:36.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/268
~ Mes Favoris (My Favorites) : 1/14
~ Mes Documents (My Documents) : 0/1
~ Mon Bureau (My Desktop) : 0/2
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.5574337F2FDCDEF9F32902FEBA1BEDEC] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe [770728] [PID.6228]
[MD5.CE4AC8EF66F4622370FB3BE02F5AC2F4] - (...) -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe [148280] [PID.3132]
[MD5.127CD00925C1A2B759765C5B9600DE30] - (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928] [PID.6872]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.3208]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: RegExtension {9E4469B6-7573-15FE-C8A1-B5533774B24F} . (...) -- C:\Program Files (x86)\version13CheckMeUp\192.xpi =>PUP.CrossRider
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com =>PUP.StartSearch
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: GreeatSave4U [64Bits] - {0D466D0A-9895-4E6C-BB99-00CB1D182E00} . (...) -- C:\Program Files (x86)\GreeatSave4U\U09W0Yqlc3unhK.dll =>PUP.GreatSave4U
O2 - BHO: shopperz Helper [64Bits] - {3c9ce603-44cc-4997-a166-239e6186c6ef} Clé orpheline =>PUP.Shopperz
O2 - BHO: LuckyTab Class [64Bits] - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\MiuiTab\SupTab.dll =>PUP.LuckyTab
O2 - BHO: CheckMeUp [64Bits] - {9371D643-9492-BCE9-D237-F50D3849DF5B} . (...) -- C:\Program Files (x86)\version13CheckMeUp\192.dll =>PUP.CrossRider
O2 - BHO: GrEaTSAvEo4U [64Bits] - {99C7E8D0-1F51-44EA-8D5D-77F682E120A1} . (...) -- C:\Program Files (x86)\GrEaTSAvEo4U\qUFMJaIKQYFetD.dll =>PUP.GreatSave4U
~ BHO: 14 Legitimates Filtered in 00mn 04s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SafeKey - [HKLM]{61D700C1-7D8D-43c5-9C13-4FF85157CFE6} . (.McAfee - McAfee SafeKey.) -- C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [lxebmon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
O4 - HKLM\..\Run: [EzPrint] . (...) -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKCU\..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (.not file.)
O4 - HKCU\..\Run: [WindApp] C:\Users\daniel\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>PUP.Nosibay
O4 - HKCU\..\Run: [Selection Tools] C:\Users\daniel\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>PUP.Nosibay
O4 - HKUS\S-1-5-21-1215373533-2193522450-3301530327-1001\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKUS\S-1-5-21-1215373533-2193522450-3301530327-1001\..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (.not file.)
O4 - HKUS\S-1-5-21-1215373533-2193522450-3301530327-1001\..\Run: [WindApp] C:\Users\daniel\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>PUP.Nosibay
O4 - HKUS\S-1-5-21-1215373533-2193522450-3301530327-1001\..\Run: [Selection Tools] C:\Users\daniel\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>PUP.Nosibay
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: McAfee SafeKey [64Bits] - {43699cd0-e34f-11de-8a39-0800200c9a66} . (.McAfee - McAfee SafeKey.) -- C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 [64Bits] - {A95fe080-8f5d-11d2-a20b-00aa003c157a} -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9108FA0F-C400-41F5-9BAE-0EE1F2629CA9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9108FA0F-C400-41F5-9BAE-0EE1F2629CA9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Google Update (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.)
O23 - Service: Moody Bird (Moody Bird) . (...) - C:\Program Files (x86)\Moody Bird\Moody Bird.exe
~ Services: 17 Legitimates Filtered in 00mn 18s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [B6ehk9sNbYH8SgdpLapQqpRh7] (...) -- C:\Users\daniel\AppData\Roaming\B6ehk9sNbYH8SgdpLapQqpRh7.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Bidaily Synchronize Task[973b]] (...) -- c:\programdata\{d52d1b17-142e-fa18-d52d-d1b171426c5c}\yahoo-messenger.exe (.not file.) [0] =>PUP.BidailySync
[MD5.00000000000000000000000000000000] [APT] [UpdateTask] (...) -- C:\Users\daniel\AppData\Local\{F7A1C~1\UNINST~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A46F9E07-4871-47AB-A325-60AFF938589E}] (...) -- E:\Setup.exe (.not file.) [0]
O39 - APT: B6ehk9sNbYH8SgdpLapQqpRh7 - (...) -- C:\Windows\Tasks\B6ehk9sNbYH8SgdpLapQqpRh7.job [1040]
O39 - APT: B6ehk9sNbYH8SgdpLapQqpRh7 - (...) -- C:\Windows\System32\Tasks\B6ehk9sNbYH8SgdpLapQqpRh7 [1040]
O39 - APT: - (..) -- C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job [356] =>PUP.BidailySync
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6] [356] =>PUP.BidailySync
O39 - APT: Bidaily Synchronize Task[973b] - (...) -- C:\Windows\Tasks\Bidaily Synchronize Task[973b].job [360] =>PUP.BidailySync
O39 - APT: Bidaily Synchronize Task[973b] - (...) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b] [360] =>PUP.BidailySync
O39 - APT: UpdateTask - (...) -- C:\Windows\Tasks\UpdateTask.job [288]
O39 - APT: UpdateTask - (...) -- C:\Windows\System32\Tasks\UpdateTask [288]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 09s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (cherimoya) . (. - .) - C:\Windows\System32\drivers\cherimoya.sys (.not file.)
~ Drivers: 36 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\ArenaHD] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKCU\Software\HQ Video Pro 3.1cV08.06-nv-ie] =>PUP.CrossRider
[HKCU\Software\HighDefAction] =>PUP.CrossRider
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\ICSW1.11]
[HKCU\Software\ICSW1.9]
[HKCU\Software\Kromtech]
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\SafeKey]
[HKCU\Software\Store] =>PUP.Nosibay
[HKCU\Software\WTools] =>PUP.Nosibay
[HKCU\Software\WajIEnhance] =>PUP.Wajam
[HKCU\Software\YorkNewCin] =>PUP.CrossRider
[HKCU\Software\eFix]
[HKLM\Software\ArenaHD] =>PUP.CrossRider
[HKLM\Software\HighDefAction] =>PUP.CrossRider
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\SafeKey]
[HKLM\Software\WebBar] =>PUP.WebBar
[HKLM\Software\Wow6432Node\55f1280d-f6b3-d5fc-e780-af70b2396374] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AIM Toolbar]
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.AskBar
[HKLM\Software\Wow6432Node\Company Name]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\SpeedBit]
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\searchult]
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\eFix]
~ Key Software: 229 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/06/2015 - 06:39:55 - [] ----D C:\Program Files (x86)\Company Name
O43 - CFD: 30/06/2015 - 06:05:19 - [] ----D C:\Program Files (x86)\GrEaTSAvEo4U =>PUP.GreatSave4U
O43 - CFD: 30/06/2015 - 06:05:26 - [] ----D C:\Program Files (x86)\GreatSavve4U =>PUP.GreatSave4U
O43 - CFD: 30/06/2015 - 06:05:30 - [] ----D C:\Program Files (x86)\GreeatSave4U =>PUP.GreatSave4U
O43 - CFD: 01/07/2015 - 18:43:58 - [] ----D C:\Program Files (x86)\MiuiTab
O43 - CFD: 11/07/2015 - 14:14:37 - [] ----D C:\Program Files (x86)\Moody Bird
O43 - CFD: 22/06/2015 - 19:06:01 - [] ----D C:\Program Files (x86)\PuricueMinuss =>PriceMinus
O43 - CFD: 09/07/2015 - 12:40:15 - [] ----D C:\Program Files (x86)\SafeKey
O43 - CFD: 22/06/2015 - 19:07:22 - [0] ----D C:\Program Files (x86)\Shortcuts for
O43 - CFD: 30/06/2015 - 06:02:56 - [] ----D C:\Program Files (x86)\Spanish translator for the web
O43 - CFD: 11/06/2015 - 07:21:13 - [] ----D C:\Program Files (x86)\version13CheckMeUp =>PUP.CrossRider
O43 - CFD: 01/07/2015 - 14:26:07 - [] ----D C:\ProgramData\1650abb000003a86
O43 - CFD: 29/06/2015 - 12:20:11 - [] ----D C:\ProgramData\301763747861404
O43 - CFD: 22/06/2015 - 19:04:11 - [] ----D C:\ProgramData\copkaodnlbabdmnkjaglbbabagdkioha
O43 - CFD: 08/06/2015 - 21:35:29 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 06/07/2015 - 08:14:00 - [] ----D C:\ProgramData\{bea54fe9-d5e6-0cac-bea5-54fe9d5e3fa7}
O43 - CFD: 08/07/2014 - 08:11:07 - [] ----D C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}
O43 - CFD: 24/06/2015 - 01:03:40 - [] ----D C:\ProgramData\{d52d1b17-142e-fa18-d52d-d1b171426c5c}
O43 - CFD: 01/07/2015 - 19:13:26 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 01/07/2015 - 19:15:32 - [0] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
O43 - CFD: 09/06/2015 - 22:16:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
O43 - CFD: 18/03/2014 - 17:09:16 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 04/07/2015 - 23:29:20 - [] ----D C:\Users\daniel\AppData\Roaming\837570AA-1435768466-F1F4-C7E0-B7476E69595F
O43 - CFD: 10/06/2015 - 06:34:19 - [] ----D C:\Users\daniel\AppData\Roaming\Company Name
O43 - CFD: 30/06/2015 - 05:50:22 - [] ----D C:\Users\daniel\AppData\Roaming\One System Care
O43 - CFD: 30/06/2015 - 06:05:03 - [0] ----D C:\Users\daniel\AppData\Roaming\Store =>PUP.Nosibay
O43 - CFD: 30/06/2015 - 06:08:42 - [0] ----D C:\Users\daniel\AppData\Roaming\WTools =>PUP.Nosibay
O43 - CFD: 20/07/2015 - 15:32:52 - [] ----D C:\Users\daniel\AppData\Local\CEF
~ Program Folder: 145 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7C57380AB1F9DED092222FD0BC2D5248] - 01/08/2015 - 17:35:47 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxebcomm.dll [579584]
O44 - LFC:[MD5.5814570A476C70D753E35AEEDBB6752D] - 01/08/2015 - 17:35:48 ---A- . (...) -- C:\Windows\System32\LXEBinst.dll [495616]
O44 - LFC:[MD5.6AC513C203FFCE9BBBC385001A0354A5] - 01/08/2015 - 17:36:56 ---A- . (...) -- C:\Windows\System32\LexFiles.ulf [219035]
O44 - LFC:[MD5.3DCE7705F6770C90A616B149C261E8EE] - 11/08/2015 - 21:05:36 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [411133]
~ Files: 78 Legitimates Filtered in 03mn 48s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfetdi2k.sys . (...) -- C:\Windows\System32\Drivers\mfetdi2k.sys (.not file.)
~ CSB: 23 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:29/05/2012 - 14:53:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\Drivers\cpqdfw.sys [27456]
O58 - SDL:22/05/2014 - 18:05:08 ---A- . (.NT Kernel Resources - NDISRD helper driver.) -- C:\Windows\System32\Drivers\ncdevice.sys [41248]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:08/06/2015 - 20:33:11 ---A- . (...) -- C:\Windows\System32\Drivers\webTinstMKTN84.sys [50216] =>PUP.CorsicaTechnologies
~ Drivers: 50 Legitimates Filtered in 00mn 09s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {1A9EA017-4105-436C-A446-A559FDB7B365} - (Yahoo!Search) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {1F34BC93-EBAB-45FC-B93D-35A6B77354E8} - (Yahoo!Search) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {2C559DF5-680F-4A37-9FAC-CEF784C7C076} - (Yahoo!Search) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (mystartsearch) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {47CE9170-5EC4-4300-875B-F2E4542D4FD1} - (Yahoo!Search) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {7861F1A5-9558-4216-9422-7013D4CFFE65} - (Yahoo!Search) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} - (e) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {D0A611A9-B524-45E0-868E-5B23374725E4} - (Propositions de recherche Amazon.fr) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {D4AFBF4B-0207-42C7-8174-8A311CEBEE33} - (Yahoo!Search) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo!) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.mystartsearch.com =>PUP.StartSearch
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.2FBCDCE2E0BE12B1F6704E9BD912DA0F] [SPRF][11/08/2015] (...) -- C:\Users\daniel\AppData\Roaming\appdataFr25.bin [24]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKLM\Software\Wow6432Node\55f1280d-f6b3-d5fc-e780-af70b2396374] => Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSUSpeedTest_RASAPI32 =>Adware.ScriptHost
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSUSpeedTest_RASMANCS =>Adware.ScriptHost
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedCheckerService_RASAPI32 =>PUP.InternetSpeedChecker
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedCheckerService_RASMANCS =>PUP.InternetSpeedChecker
~ BTK: 87 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{9371D643-9492-BCE9-D237-F50D3849DF5B}] (CheckMeUp) =>PUP.CrossRider
~ BCK: 5314 Legitimates Filtered in 00mn 31s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 22/07/1658 0 | (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/07/1658 0 | (gupdatem) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Disabled 24/06/2015 125112 | (IHProtect Service) . (.XTab system.) - C:\Program Files (x86)\MiuiTab\ProtectService.exe =>Adware.AgentODR
SS - | Auto 14/04/2010 45736 | (lxebCATSCustConnectService) . (.Lexmark International, Inc..) - C:\windows\system32\spool\DRIVERS\x64\3\lxebserv.exe
SS - | Demand 29/07/2013 334608 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe
SS - | Demand 17/07/2015 639456 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Disabled 21/07/2015 368048 | (McOobeSv2) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SS - | Auto 29/10/2014 38792 | C:\windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/07/2015 82128 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 25/02/2014 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 21/07/2015 368048 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 13/01/2014 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 14/04/2010 1052328 | (lxeb_device) . (...) - C:\windows\system32\lxebcoms.exe
SR - | Auto 21/07/2015 782608 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 23/07/2015 1694152 | (mccspsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
SR - | Auto 21/07/2015 368048 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 21/07/2015 368048 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 21/07/2015 368048 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Auto 21/07/2015 368048 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
SR - | Demand 29/06/2015 232656 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 06/07/2015 373704 | (mfemms) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
SR - | Auto 29/06/2015 254792 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe
SR - | Auto 11/07/2015 8016082 | (Moody Bird) . (...) - C:\Program Files (x86)\Moody Bird\Moody Bird.exe
SR - | Auto 21/07/2015 368048 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 11/01/2014 290520 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Demand 22/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 40s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31/05/2015)
Clés trouvées (Keys found) : 25
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 23

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D466D0A-9895-4E6C-BB99-00CB1D182E00}] =>PUP.GreatSave4U^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C9CE603-44CC-4997-A166-239E6186C6EF}] =>PUP.Shopperz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] =>PUP.LuckyTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9371D643-9492-BCE9-D237-F50D3849DF5B}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99C7E8D0-1F51-44EA-8D5D-77F682E120A1}] =>PUP.GreatSave4U^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}] =>Adware.Bandoo
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.Ask
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:WindApp =>PUP.Nosibay^
C:\Program Files (x86)\GrEaTSAvEo4U =>PUP.GreatSave4U^
C:\Program Files (x86)\GreatSavve4U =>PUP.GreatSave4U^
C:\Program Files (x86)\GreeatSave4U =>PUP.GreatSave4U^
C:\Program Files (x86)\version13CheckMeUp =>PUP.CrossRider^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\Users\daniel\AppData\Roaming\Store =>PUP.Nosibay^
C:\Users\daniel\AppData\Roaming\WTools =>PUP.Nosibay^
C:\Users\daniel\AppData\Local\Temp\PremierOpinion =>Adware.PremierOpinion
C:\Windows\Tasks\Bidaily Synchronize Task =>PUP.BidailySync^
C:\Windows\System32\Tasks\Bidaily Synchronize Task =>PUP.BidailySync^
[HKCU\Software\ArenaHD] =>PUP.CrossRider^
[HKCU\Software\HQ Video Pro 3.1cV08.06-nv-ie] =>PUP.CrossRider^
[HKCU\Software\HighDefAction] =>PUP.CrossRider^
[HKCU\Software\ProductSetup] =>Adware.InstallCore^
[HKCU\Software\Store] =>PUP.Nosibay^
[HKCU\Software\WTools] =>PUP.Nosibay^
[HKCU\Software\WajIEnhance] =>PUP.Wajam^
[HKCU\Software\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\WebBar] =>PUP.WebBar^
[HKLM\Software\Wow6432Node\55f1280d-f6b3-d5fc-e780-af70b2396374] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\YorkNewCin] =>PUP.CrossRider^
[HKCR\CLSID\{9371D643-9492-BCE9-D237-F50D3849DF5B}] (CheckMeUp) =>PUP.CrossRider^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 192914 Items scanned in 01mn 37s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-startsearch =>PUP.StartSearch
http://www.nicolascoolman.fr/blog/ =>PUP.GreatSave4U
http://www.nicolascoolman.fr/blog/ =>PUP.Shopperz
http://www.nicolascoolman.fr/blog/ =>PUP.LuckyTab
http://www.nicolascoolman.fr/blog/ =>PUP.Nosibay
http://www.nicolascoolman.fr/blog/ =>PUP.BidailySync
http://www.nicolascoolman.fr/blog/ =>Toolbar.AskBar
http://nicolascoolman.fr/pup-certifiedtoolbar =>PUP.CertifiedToolbar
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://www.nicolascoolman.fr/blog/ =>PUP.WebBar
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://www.nicolascoolman.fr/blog/ =>PriceMinus
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://www.nicolascoolman.fr/blog/ =>PUP.CorsicaTechnologies
Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline
http://nicolascoolman.fr/adware-scripthost =>Adware.ScriptHost
http://nicolascoolman.fr/pup-internetspeedchecker =>PUP.InternetSpeedChecker
http://www.nicolascoolman.fr/blog/ =>Adware.AgentODR
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://www.nicolascoolman.fr/blog/ =>Toolbar.Yahoo
http://nicolascoolman.fr/adware-premieropinion =>Adware.PremierOpinion
~ MSI: 29 link(s) detected in 00mn 00s



~ 704 Legitimates filtered by white list
End of the scan (585 lines in 07mn 40s)(0.10)
