~ Rapport de ZHPDiag v2014.2.23.20 - Nicolas Coolman (23/02/2014)
~ Lancé par Propriétaire (28/02/2014 09:35:04)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found

---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.117

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
Bitdefender Internet Security v17.15.0.682
Malwarebytes Anti-Malware version 1.75.0.1300
Ad-Aware Antivirus v10.5.3.4405

---\\ Logiciels d'optimisation du système
CCleaner v4.05 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3071 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 15 GB (15%) free of 98 GB

---\\ Mode de connexion au système
~ Computer Name: PC-FIXE
~ User Name: Propriétaire
~ All Users Names: SUPPORT_388945a0, Propriétaire, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Propriétaire\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Propriétaire\Application Data\
~ %Desktop% : C:\Documents and Settings\Propriétaire\Bureau\
~ %Favorites% : C:\Documents and Settings\Propriétaire\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Propriétaire\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Propriétaire\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 15 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 14 Go of 55 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 38 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.2988BFF8257A55EA8AFD038F49F81A34] - (.Microsoft Corporation - Internet Extensions for Win32.) (.06/02/2014 - 00:20:01.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 01s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/917
~ Mes musiques (My Musics) : 1/725
~ Mes Videos (My Videos) : 2/16
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/1896
~ Mon Bureau (My Desktop) : 0/71
~ Menu demarrer (Programs) : 1/36
~ Hidden Files: Scanned in 00mn 04s

---\\ Processus lancés
[MD5.67E0E806FDA7D2ABC22D28A429489FF4] - (.Bitdefender - Bitdefender Security Service.) -- C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1234792] [PID.1296]
[MD5.43E17DA549BC8219EEE90AA9C6480AAA] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [643072] [PID.1584]
[MD5.AE1671A3C798A3467DE5E7DD12179803] - (.Lavasoft Limited - Ad-Aware Antivirus Service.) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336] [PID.1568]
[MD5.F518545E5B7623AD49ABE7F8776EFA46] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1580]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1976]
[MD5.CFE4BD7C25A750D71A5BD2390953BEB6] - (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640] [PID.1672]
[MD5.DDEBDE2BE6DCAD0F5E70A81364210E84] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [18671104] [PID.2076]
[MD5.9D519AAA21E622DF7DF27041E0917499] - (.Pas de propriétaire - DedicarzService.) -- C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe [1966960] [PID.2228]
[MD5.F61ED58B79BAEA691D9295D36A380EB3] - (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1839896] [PID.2756]
[MD5.F3C41B7AE649AEBD81DB698BECBE351E] - (.Lavasoft - Ad-Aware Browsing Protection and Anti-Phish.) -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe [554384] [PID.2804]
[MD5.C34411A244029F1C08687F7C752C4563] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [73728] [PID.2864]
[MD5.FB1A303207C1124C2B61A50E5A32AC21] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.2932]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.3024]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.3204]
[MD5.B4E6C1B28AF8806008CB654C716ABAFA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.3388]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3528]
[MD5.E59AFB64C2F6E0C99350E1C944C75088] - (.Nero AG - NeroUpdate.) -- C:\Program Files\Nero\Update\NASvc.exe [762192] [PID.3532]
[MD5.F1A20B296E03BA69D349DA5038AB6F58] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1095000] [PID.3560]
[MD5.D6D36A01E927480C19333C5A7FB8DE49] - (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe [525248] [PID.3696]
[MD5.AB96F5AEACBE09B9EB22D0EFEA87EB60] - (.Mega System Technologies, Inc. - Rupsd MFC Application.) -- C:\Program Files\Megatec\RUPS 2000\Rupsd.exe [131072] [PID.3728]
[MD5.7C60BEB05D4A41783FBFCD8DB791E45F] - (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Propriétaire\Application Data\Orange\OrangeInside\one\OrangeInside.exe [1526272] [PID.3764]
[MD5.99FC1599F89A80216E41175B8CA44D89] - (.GFI Software - GFI Software Anti Malware Service.) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3677000] [PID.728]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [955392] [PID.2280]
[MD5.033BFF27900941ABA27FF95CAAB27D9A] - (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [481880] [PID.3112]
[MD5.10273EAAC177B75F0ABFA995489F15DF] - (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [614232] [PID.3280]
[MD5.4C8942B8721813E5C8874D47112DCF73] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2741616] [PID.1416]
[MD5.A40824624D8667FE31333B0CEB936169] - (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760] [PID.1576]
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [884744] [PID.3104]
[MD5.693284363914C14E4C91A7660894B3D5] - (.Bitdefender - Bitdefender Update Service.) -- C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424] [PID.940]
[MD5.9AD31D8018B72E1013CFD012619E0232] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.exe [182272] [PID.4068]
[MD5.811F51677FC219235A9A359CBBAC9C28] - (.Mega System Technologies, Inc. - Rupsw32.) -- C:\Program Files\Megatec\RUPS 2000\Rupsw32.exe [40960] [PID.3328]
[MD5.BB4CEE22CFE1C259F5C4279349EB879C] - (.Orange - Assistance Livebox.) -- C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe [149824] [PID.3260]
[MD5.0F6D06A88A88007AAEE5F0EE1ECE42E4] - (...) -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe [70880] [PID.1016]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [10376704] [PID.596]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [10368512] [PID.1780]
[MD5.9EDFB86FAA07BFED3C3D00211FAB6D82] - (.Orange - Assistance Livebox.) -- C:\Program Files\Orange\Assistance Livebox\dist\ST2.exe [13446464] [PID.1432]
[MD5.F54250B7BAC653F78AFA8ECE33ED65D5] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.3968]
[MD5.42FEDBCB3ED926F6F529E0FDDF750BE0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.4692]
~ Processes Running: Scanned in 00mn 07s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\e4dfrq3q.default\prefs.js
C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\e4dfrq3q.default\user.js
M2 - MFEP: prefs.js [Propriétaire - e4dfrq3q.default\{87934c42-161d-45bc-8cef-ef18abe2a30c}] [] Ad-Aware Security Add-on v3.7 (..)
~ Firefox Browser: 18 Legitimates Filtered in 00mn 01s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: EPSON Web-To-Page - [HKLM]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [AllUsers]: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe =>.Microsoft Corporation
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Program [Propriétaire]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: 14 Legitimates Filtered in 00mn 02s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [AllUsers]: RUPS Daemon.lnk . (.Mega System Technologies, Inc. - Rupsw32.) -- C:\Program Files\Megatec\RUPS 2000\Rupsw32.exe
O4 - GS\Program [Propriétaire]: Assistance Livebox.lnk . (.Orange - Assistance Livebox.) -- C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - GS\Program [Propriétaire]: OpenOffice.org 3.4.1.lnk . (...) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Run: [itype] . (.Microsoft Corporation - IType.exe.) -- c:\Program Files\Microsoft IntelliType Pro\itype.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
O4 - HKLM\..\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] . (.Lavasoft - Ad-Aware Browsing Protection and Anti-Phish.) -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] . (.MainConcept GmbH - MPEG-1/2 Demultiplexer.) -- C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Propriétaire\Application Data\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKCU\..\Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.exe =>.Epson Seiko Corporation
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Wallet] . (.Bitdefender - Bitdefender Password Manager.) -- C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet] . (.Bitdefender - Bitdefender Password Manager.) -- C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [Orange Installer] . (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Documents and Settings\Propriétaire\Application Data\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-1454471165-413027322-1417001333-1003\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.exe =>.Epson Seiko Corporation
~ Application: Scanned in 00mn 02s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1375362149546
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B034A5B-5934-4EA5-9BD0-3CB65956808A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9B034A5B-5934-4EA5-9BD0-3CB65956808A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9B034A5B-5934-4EA5-9BD0-3CB65956808A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Dedicarz Service (Dedicarz Service) . (.Pas de propriétaire - DedicarzService.) - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
O23 - Service: Rupsd (Rupsd) . (.Mega System Technologies, Inc. - Rupsd MFC Application.) - C:\Program Files\Megatec\RUPS 2000\Rupsd.exe
O23 - Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
~ Services: 16 Legitimates Filtered in 00mn 14s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (Autocheck autochk * ) - File not found
~ BEX: 1 Legitimates Filtered in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job [1098]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Nero Info.job [296]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Wise Registry Cleaner 4.job [478]
~ Scheduled Task: 12 Legitimates Filtered in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: RUPS 2000 - (.Megatec.) [HKLM] -- {99D9824A-71EA-4870-AADA-D1FABC69A959}
~ Logic: 30 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ToolbarCleaner]
[HKLM\Software\MegaTec]
~ Key Software: 352 Legitimates Filtered in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/12/2013 - 10:14:58 - [1,632] ----D C:\Program Files\GUMA8E.tmp
O43 - CFD: 02/08/2013 - 21:54:16 - [3,287] ----D C:\Program Files\Megatec
O43 - CFD: 14/10/2013 - 12:38:44 - [0] ----D C:\Program Files\ss helper =>Adware.SaveShare
O43 - CFD: 01/10/2013 - 11:00:25 - [1,272] ----D C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
O43 - CFD: 08/10/2013 - 14:33:55 - [4,604] ----D C:\Documents and Settings\All Users\Application Data\InstallMate
O43 - CFD: 04/10/2013 - 15:51:46 - [0] ----D C:\Documents and Settings\Propriétaire\Application Data\31768
O43 - CFD: 09/10/2013 - 15:44:06 - [0] ----D C:\Documents and Settings\Propriétaire\Application Data\31972
O43 - CFD: 09/10/2013 - 16:06:25 - [0] ----D C:\Documents and Settings\Propriétaire\Application Data\3577
O43 - CFD: 01/10/2013 - 10:59:58 - [0,014] ----D C:\Documents and Settings\Propriétaire\Application Data\SecureSearch
~ Program Folder: 194 Legitimates Filtered in 01mn 02s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.771BA4AD9DAF5157DB0835E80C625D04] - 21/02/2014 - 12:47:07 ---A- . (...) -- C:\WINDOWS\B51a_Down.INI [53]
O44 - LFC:[MD5.9AD5326A6FD0C5C1D281FE40070550E9] - 26/02/2014 - 15:47:50 ---A- . (...) -- C:\bdlog.txt [52230]
O44 - LFC:[MD5.E3DB772C2E5F29748C519A6D03C0450E] - 26/02/2014 - 15:52:07 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.B057DF8164C9A13A6EF118A1AA5D9143] - 26/02/2014 - 15:52:09 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
~ Files: 12 Legitimates Filtered in 00mn 48s

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe" [Enabled] .(..) -- C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Assistance Livebox\dedicarz\LiveboxManager.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Orange\Assistance Livebox\dedicarz\LiveboxManager.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Assistance Livebox\dedicarz\PluginLivebox.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Orange\Assistance Livebox\dedicarz\PluginLivebox.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe" [Enabled] .(.Visicom Media Inc..) -- C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Apowersoft\MKV Converter Studio\MKV Converter Studio.exe" [Enabled] .(...) -- C:\Program Files\Apowersoft\MKV Converter Studio\MKV Converter Studio.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
~ Keys Export: 18 Legitimates Filtered in 00mn 02s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 01/08/2013 - 14:32:17 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\Drivers\ASACPI.sys [5810]
O58 - SDL:[MD5.14CA41A657A9638C40D493664F29E4C5] - 22/07/2008 - 14:50:26 ---A- . (.Windows (R) Codename Longhorn DDK provider - BulkUsb Driver.) -- C:\WINDOWS\system32\Drivers\chorus2usb.sys [18048]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.483924F92E55A5F9423201EC635E2CED] - 01/10/2013 - 10:57:07 ---A- . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\WINDOWS\system32\Drivers\gfibto.sys [13560]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - 13:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 14/04/2008 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:[MD5.E5B0DB8C567020DA63AB0E2FBC097807] - 05/10/2001 - 04:02:00 ---A- . (.Mega Inc. - UPS2501.) -- C:\WINDOWS\system32\Drivers\ups2501_XP.sys [5344]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 5 Legitimates Filtered in 00mn 06s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 10/06/2013 - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe (Dedicarz Service) .(.Pas de propriétaire - DedicarzService.) - LEGACY_DEDICARZ_SERVICE
O64 - Services: CurCS - 21/07/2008 - C:\Program Files\Megatec\RUPS 2000\Rupsd.exe (Rupsd) .(.Mega System Technologies, Inc. - Rupsd MFC Application.) - LEGACY_RUPSD
O64 - Services: CurCS - 05/10/2001 - C:\WINDOWS\system32\Drivers\ups2501_XP.sys (ups2501_xp) .(.Mega Inc. - UPS2501.) - LEGACY_UPS2501_XP
~ Legacy: 136 Legitimates Filtered in 00mn 01s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.908D18DF83973D7C41342819FF2A4119] [SPRF][02/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1375456765.bdinstall.bin [613961]
[MD5.C3BA15D1BCBA079E0D4A735992B59084] [SPRF][20/08/2013] (...)
-- C:\Documents and Settings\All Users\Application Data\1376995709.1216.bin [1641] [MD5.E478B72E984EE47ABD43B489B01BDDC8] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376995709.1732.bin [2261] [MD5.FFE38AA03BB5500719CD42FAED9EFF7D] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376995709.2208.bin [4050] [MD5.F2F92E42C61A9D8728B1EC1E0515F0DA] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376995709.2420.bin [94409] [MD5.CDF1D8889C918EC1F377E141A8158543] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376996146.1792.bin [6404] [MD5.4A0A19A1AA0A8A6A0617AA8C8880948F] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376996146.2732.bin [53646] [MD5.42A30405E6B20DF978EB5217621DC4E3] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376996146.3800.bin [2261] [MD5.8D17B487DA9634EBCD6BFA7539B79E32] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376996146.4016.bin [94410] [MD5.8CCA019397EA94C6E376BB5D9CF692B0] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376996812.bdinstall.bin [92040] [MD5.1CC4665045D4662476A3236107252C47] [SPRF][20/08/2013] (...) -- C:\Documents and Settings\All Users\Application Data\1376996865.bdinstall.bin [617516] [MD5.32195D5D7F6729216D7557A9E34AF32D] [SPRF][08/12/2013] (...) -- C:\Documents and Settings\All Users\Application Data\lpm.dat [10498] ~ Files: 15 Legitimates Filtered in 00mn 01s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 21/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Disabled 26/02/2013 62688 | (BdDesktopParental) . (.Bitdefender.) 
- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe SS - | Auto 13/12/2013 250712 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe SS - | Auto 01/08/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 01/08/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 15/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe SS - | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files\Sony\Sony PC Companion\PCCService.exe SR - | Auto 13/06/2013 1236336 | (Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe SR - | Auto 07/01/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 16/11/2012 643072 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 10/06/2013 1966960 | (Dedicarz Service) . (...) - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe SR - | Demand 06/02/2014 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 04/03/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . 
(.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SR - | Auto 18/07/2013 762192 | (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe SR - | Auto 21/07/2008 131072 | (Rupsd) . (.Mega System Technologies, Inc..) - C:\Program Files\Megatec\RUPS 2000\Rupsd.exe SR - | Auto 20/09/2012 3677000 | (SBAMSvc) . (.GFI Software.) - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe SR - | Auto 22/10/2013 54424 | (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe SR - | Auto 05/02/2014 1234792 | (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe ~ Services: Scanned in 00mn 20s ---\\ Scan Additionnel (O88) Database Version : 13031 - (23/02/2014) Clés trouvées (Keys found) : 2 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 2 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange [HKLM\Software\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole] =>Toolbar.AdAware C:\Program Files\ss helper =>Adware.SaveShare^ C:\Documents and Settings\All Users\Application Data\InstallMate =>PUP.Tarma ~ Additionnel Scan: 271769 Items scanned in 00mn 24s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/31929570-adware-saveshare =>Adware.SaveShare ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma ~ MSI: 2 link(s) detected in 00mn 24s ~ 1006 Legitimates filtered by white list End of the scan (522 lines in 03mn 36s)(0)