~ Rapport de ZHPDiag v2014.3.21.21 - Nicolas Coolman (21/03/2014)
~ Lancé par isabelle (21/03/2014 19:38:14)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user

---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.02 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3839 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 212 GB (36%) free of 586 GB

---\\ Mode de connexion au système
~ Computer Name: ZAZA
~ User Name: isabelle
~ All Users Names: Mcx1-ZAZA, isabelle, isa, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\isabelle\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\isabelle\AppData\Roaming\
~ %Desktop% : C:\Users\isabelle\Desktop\
~ %Favorites% : C:\Users\isabelle\Favorites\
~ %LocalAppData% : C:\Users\isabelle\AppData\Local\
~ %StartMenu% : C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 212 Go of 586 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
F: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/14
~ Mes musiques (My Musics) : 12/209
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/2534
~ Mon Bureau (My Desktop) : 2/4460
~ Menu demarrer (Programs) : 1/3
~ Hidden Files: Scanned in 00mn 13s

---\\ Processus lancés
[MD5.9C65C4F46BB75904B8B843724971E020] - (.SEIKO EPSON CORPORATION - MyEpson Portal.) -- C:\Program Files (x86)\EPSON\MyEPSON Connect\mep.exe [2387520] [PID.1624]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.704]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\isabelle\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [PID.2212]
[MD5.0FF101F5C767393195602237E211B311] - (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6123032] [PID.1084]
[MD5.70EA13A41C0D9D31343EC203A629F801] - (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe [3209216] [PID.1212]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.3488]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576] [PID.2140]
[MD5.A2418D3C557C0A0C634DA713A8AC3789] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336] [PID.3872]
[MD5.FB1A303207C1124C2B61A50E5A32AC21] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.896]
[MD5.550B8CB98A8FA1D7A1A7371055A38DDA] - (...) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe [265240] [PID.2344]
[MD5.902054D6B4292329F9594FFF24EE02DB] - (...) -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe [680984] [PID.1204]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.4024]
[MD5.5331DC9D1C88840326F68C2C531A82A7] - (.Logitech, Inc. - Logitech Updater.) -- C:\Users\isabelle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe [351248] [PID.3588]
[MD5.235D42833F2F89083FA70B9787899846] - (.Logitech, Inc. - Logitech Updater.) -- C:\Users\isabelle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe [1353232] [PID.2400]
[MD5.76CD1E85DDE35D3791825EABBCBC53A0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8250368] [PID.4724]
[MD5.67A95B9D129ED5399E7965CD09CF30E7] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848] [PID.956]
[MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1508]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1916]
[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2004]
[MD5.213F5D05EE522E7321C513D4A6A318E0] - (.SEIKO EPSON CORPORATION - MyEpson Portal Service.) -- C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe [703616] [PID.1028]
[MD5.7D2633295EB6FF2B938185874884059D] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.1444]
[MD5.BDF850D185B2344C7811B79E49050188] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416] [PID.2156]
[MD5.B94C3C4DCA2093243C76CA218EDE2A97] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [209768] [PID.2544]
[MD5.BFDB58616FF5EA540A5F58301D50641E] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [483688] [PID.2772]
[MD5.C523F582AB537293844596CE66D76125] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [821664] [PID.3344]
~ Processes Running: Scanned in 00mn 01s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\2ruridje.default\prefs.js
M2 - MFEP: prefs.js [isabelle - 2ruridje.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration v1.1 (..)
~ Firefox Browser: 24 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: cam.lnk . (...) -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Euro Truck Simulator.lnk . (...) -- C:\Program Files (x86)\Euro Truck Simulator\eurotrucks.exe
O4 - GS\Desktop [Public]: GetDataBack for NTFS.lnk . (.Runtime Software - GetDataBack for NTFS Data Recovery.) -- C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\gdbnt.exe
O4 - GS\Desktop [Public]: HP games.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Video Converter Studio.lnk . (.Apowersoft - Video Converter Studio.) -- C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
O4 - GS\Desktop [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\Program [Public]: LabelPrint.lnk . (.CyberLink Corp. - LabelPrint.) -- C:\Program Files (x86)\Cyberlink\LabelPrint\LabelPrint.exe
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Power2Go.lnk . (.CyberLink Corp. - Power2Go.) -- C:\Program Files (x86)\Cyberlink\Power2Go\Power2Go.exe
O4 - GS\Program [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\QuickLaunch [isabelle]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [isabelle]: Video Converter Studio.lnk . (.Apowersoft - Video Converter Studio.) -- C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
O4 - GS\QuickLaunch [isabelle]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\TaskBar [isabelle]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\isabelle\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [isabelle]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [isabelle]: HP Support Assistant.lnk . (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe =>.Hewlett-Packard Co
O4 - GS\QuickLaunch [isa]: France-cotation.lnk - Clé orpheline
O4 - GS\QuickLaunch [isa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [isa]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [isa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [isa]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [isa]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [isa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [isa]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [isa]: Accelerer PC.lnk . (...) -- C:\Program Files (x86)\Accelerer PC\PCSpeedUp-Start.bat "C:\Program Files (x86)\Accelerer PC" "C:\Program Files (x86)\Accelerer PC\PCSpeedUp.xap" PCSU (.not file.) =>Rogue.PCSpeedUp
O4 - GS\Desktop [isa]: Assistance Livebox.lnk . (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - GS\Desktop [isa]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\isabelle\AppData\Local\Google\Chrome\Application\chrome.exe
~ Global Startup: 98 Legitimates Filtered in 00mn 03s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [FullScreen] C:\BLOCK\CFG\flexbuild\FullScreen\launchFS.cmd (.not file.)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\isabelle\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [EasyFlirt Messenger] C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe (.not file.)
O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\isabelle\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [DriverBoost] . (.PC Drivers Headquarters - DriverBoost.) -- C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe =>.PDF Complete Inc
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe =>.EasyBits Software AS
O4 - HKLM\..\Wow6432Node\Run: [ORAHSSSessionManager] C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe =>.Logitech Inc
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_50] Clé orpheline =>PUA.FSTfr9
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\K-Lite Codec Pack\QuickTime\QTTask.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\isabelle\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EasyFlirt Messenger] C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe (.not file.)
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\isabelle\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [DriverBoost] . (.PC Drivers Headquarters - DriverBoost.) -- C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EPLTarget\P0000000000000002] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {92D24E67-F95F-41E0-89B6-CE4936AB8F62}.job [727]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {BC96B2D5-71AF-48A9-81D3-9E02F5091E1E}.job [727]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {92D24E67-F95F-41E0-89B6-CE4936AB8F62}.job [913]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {BC96B2D5-71AF-48A9-81D3-9E02F5091E1E}.job [913]
[MD5.00000000000000000000000000000000] [APT] [AutoUpdaterTask] (...) -- C:\Program Files (x86)\Auto Updater\AutoUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{17CB7CA3-3A2F-4389-B851-999DA6072C53}] (...) -- C:\Users\isabelle\Downloads\epson375181eu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3B78CA07-0D28-49DB-BCB4-B8FE021E2560}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5153C7ED-5C58-4E37-86ED-AAF712A2AE26}] (...) -- C:\Program Files (x86)\PriceGong\uninst.exe (.not file.) [0] =>Adware.PriceGong
[MD5.00000000000000000000000000000000] [APT] [{7537CFB2-0856-43E8-842C-07F14E9F7957}] (...) -- C:\Users\isabelle\AppData\Roaming\awesomehp\UninstallManager.exe (.not file.) [0] =>PUP.Awesomehp
[MD5.00000000000000000000000000000000] [APT] [{7C023849-FAE4-46C4-8E71-0CFE7F6C1E52}] (...) -- C:\Users\isabelle\Desktop\zygo\Zygo CP V2008\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BF3973EC-F3F4-4EF0-B78C-4AB4144351F8}] (...) -- C:\Program Files (x86)\Glary Utilities\uninstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DD060FEE-904D-4447-9EB8-58DA544D4DE1}] (...) -- C:\Users\isabelle\Downloads\epson324565eu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DF4D3D60-0FE6-4190-82CC-414F6DA8E316}] (...) -- C:\Users\isabelle\Downloads\jxpiinstall.exe (.not file.) [0]
~ Scheduled Task: 48 Legitimates Filtered in 00mn 10s

---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (acpsfniy) . (. - .) - C:\Windows\system32\drivers\acpsfniy.sys (.not file.)
O41 - Driver: (cognwcsi) . (. - .) - C:\Windows\system32\drivers\cognwcsi.sys (.not file.)
O41 - Driver: (didnuuqs) . (. - .) - C:\Windows\system32\drivers\didnuuqs.sys (.not file.)
~ Drivers: 66 Legitimates Filtered in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: Accelerer PC - Désinstallation complète - (.Speedchecker Limited.) [HKLM][64Bits] -- PCSU-SL_is1 =>Rogue.PCSpeedUp
~ Logic: 18 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\31255InstEnd]
[HKCU\Software\Ares]
[HKCU\Software\DM73]
[HKCU\Software\ELIGCHK]
[HKCU\Software\TVANTS]
[HKCU\Software\VIO ;)]
[HKLM\Software\Wow6432Node\Postbox]
[HKLM\Software\Wow6432Node\Shortcut_Module]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\anset]
[HKLM\Software\Wow6432Node\i-beta] =>PUP.i-Beta
~ Key Software: 234 Legitimates Filtered in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/08/2012 - 23:33:08 - [6,885] ----D C:\Program Files (x86)\Ares
O43 - CFD: 01/10/2013 - 20:29:53 - [11,962] ----D C:\Program Files (x86)\i-beta =>PUP.i-Beta
O43 - CFD: 26/01/2014 - 18:01:12 - [43,420] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 01/10/2013 - 20:29:49 - [0,510] ----D C:\Users\isabelle\AppData\Roaming\Postbox
O43 - CFD: 06/08/2012 - 23:33:09 - [0,032] ----D C:\Users\isabelle\AppData\Local\Ares
O43 - CFD: 01/10/2013 - 20:42:57 - [3,961] ----D C:\Users\isabelle\AppData\Local\Postbox
~ 1 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 213 Legitimates Filtered in 00mn 35s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{8a936bcf-0b61-11e1-ae93-d48564a3eab8}\AutoRun\command. (...) -- E:\Handset_USB_Driver.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnablELUA"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2285B31039611D509F6120D691CA661F] - 29/05/2012 - 14:53:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\Drivers\cpqdfw.sys [27456]
O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 13/03/2010 - 00:39:14 ---A- . (...) -- C:\Windows\System32\Drivers\cqcpu.sys [24376]
O58 - SDL:[MD5.DEF365F0F6E017888C4B869D3BA4B8E0] - 25/10/2010 - 10:10:22 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20552]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.9B4B4838A6C8DC97416581C13CB6482C] - 07/03/2011 - 11:18:48 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter_hs.sys [18456]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 25/10/2010 - 10:03:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16392]
O58 - SDL:[MD5.FB251567F41BC61988B26731DEC19E4B] - 25/04/2012 - 11:11:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [52736]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 25/10/2010 - 10:03:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Drivers: 21 Legitimates Filtered in 01mn 03s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\isa\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.awesomehp.com =>PUP.Awesomehp
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {1945e092-ce7a-4b44-a259-a105b5dab2fd} - (lookineo) - http://www.lookineo.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {129A0CE9-13CF-423B-A38E-D1A6B02E2714} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {65793278-18D6-4D6D-AF3D-D81AC9B88FC6} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {AF5F7031-EE4E-44C6-AFF5-5C388E256810} - (Wikipedia) - http://fr.wikipedia.org
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {129A0CE9-13CF-423B-A38E-D1A6B02E2714} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {65793278-18D6-4D6D-AF3D-D81AC9B88FC6} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {AF5F7031-EE4E-44C6-AFF5-5C388E256810} - (Wikipedia) - http://fr.wikipedia.org
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.A4DFEE10D53C16EED2363A9ABEC4AD9F] [SPRF][04/11/2013] (...) -- C:\ProgramData\1383597050.bdinstall.bin [502]
[MD5.E6729F8E631FC594B6C1375A11C193A8] [SPRF][04/11/2013] (...) -- C:\ProgramData\1383597129.bdinstall.bin [834741]
[MD5.072B56CA1FE651298CFB681F5407ABAE] [SPRF][05/11/2013] (...) -- C:\ProgramData\1383684367.bdinstall.bin [244527]
[MD5.3B770B147655176DC2F3292A9FCFED03] [SPRF][03/03/2014] (...) -- C:\Users\isabelle\Desktop\ets_1_3_setup.exe [125105248]
~ Files: 6 Legitimates Filtered in 00mn 02s

---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{05730460-118E-4391-B0F6-FD7827CD7602}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\CrazyLoader\crazyloader.exe (.not file.) =>Adware.SPointer
O87 - FAEL: "UDP Query User{D96C7DE5-F58E-458D-8D39-78D0DE3B2A31}C:\users\isabelle\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\isabelle\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.)
O87 - FAEL: "{6F92AB56-43A2-4BE9-806D-0CD0CC34F557}" |In - Private - P17 - TRUE | .(...) -- C:\Users\isabelle\Documents\Mes téléchargements\VideoToMp3Setup.exe (.not file.)
O87 - FAEL: "{B628B1C6-02E1-43B2-A7BB-C355C4DFCF43}" |In - Private - P17 - TRUE | .(...) -- C:\Users\isabelle\Documents\Mes téléchargements\mp4ConverterSetup.exe (.not file.)
O87 - FAEL: "{5F0F90E4-899B-4F93-975D-7923F3FA3C4E}" |In - Private - P17 - TRUE | .(...) -- C:\Users\isabelle\Downloads\SweetImSetup.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "TCP Query User{2D2C734E-4005-404B-BDD9-617A26C9E5FC}C:\program files (x86)\ares\ares.exe" | In - Private - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "UDP Query User{EDCE86B6-1F35-4C26-9B21-8F7A89E09242}C:\program files (x86)\ares\ares.exe" | In - Private - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "TCP Query User{8F67961A-A56E-476E-B515-779239719680}C:\program files (x86)\ares\ares.exe" | In - Public - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "UDP Query User{937A71DE-26EF-4A68-9E9B-4B1FCBEF446E}C:\program files (x86)\ares\ares.exe" | In - Public - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "{0C83194D-285E-4CAC-873D-4984DD6060C7}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
O87 - FAEL: "UDP Query User{EA2F75DB-C50F-404C-BC24-4076F73F09A9}C:\program files (x86)\torntv.com\torntv downloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\torntv.com\torntv downloader.exe (.not file.) =>Hijacker.TornTV
O87 - FAEL: "{AFFBFF36-367D-46B6-A0A4-A3B022B0F5A9}" |In - Public - P6 - TRUE | .(...)
-- C:\program files (x86)\torntv.com\torntv downloader.exe (.not file.) =>Hijacker.TornTV O87 - FAEL: "{4C6D6F62-944D-41CE-8192-A6121C830DF5}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles O87 - FAEL: "{9C741B53-5C84-4510-8C45-84E62262CEA4}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles ~ Firewall: 282 Legitimates Filtered in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "2EB48BE813F10594388D2C119A0A7893" . (.AM Usb Card Reader Driver.) -- C:\Windows\Installer\{8EB84BE2-1F31-4950-83D8-C211A9A08739}\ARPPRODUCTICON.exe ~ Update Products: 109 Legitimates Filtered in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.71D9872F3952C0FB64CB6100423520E8] [WIS][21/03/2014] (.Alcor - Blank Project Template.) -- C:\Windows\Installer\115d8.msi [1289216] [MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][21/03/2014] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\2c9b7ace.msi [45056] =>Adware.Boxore [MD5.570FBA4141DC67442444045E7A82BF9B] [WIS][21/03/2014] (.DriverBoost - DriverBoost.) -- C:\Windows\Installer\77755.msi [4011520] ~ WIS: 140 Legitimates Filtered in 00mn 17s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 12/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe SS - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe SS - | Demand 18/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) 
- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 20/05/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files (x86)\WinPcap\rpcapd.exe SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SR - | Auto 02/02/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 17/05/2012 144560 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe SR - | Auto 11/01/2007 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe SR - | Auto 15/04/2013 152640 | (EPSON_PM_RPCV4_06) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.exe SR - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co SR - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SR - | Auto 01/10/2012 703616 | (MyEPSON Connect Service) . (.SEIKO EPSON CORPORATION.) - C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe SR - | Auto 23/09/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe SR - | Auto 14/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) 
- C:\Program Files (x86)\PDF Complete\pdfsvc.exe SR - | Auto 18/01/2012 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 19s ---\\ Scan Additionnel (O88) Database Version : 13031 - (21/03/2014) Clés trouvées (Keys found) : 2 Valeurs trouvées (Values found) : 5 Dossiers trouvés (Folders found) : 2 Fichiers trouvés (Files found) : 2 [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1] =>Rogue.PCSpeedUp^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_50 =>PUA.FSTfr9^ C:\Program Files (x86)\i-beta =>PUP.i-Beta^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneStopSoft.com =>PUP.Dealio [HKLM\Software\Wow6432Node\i-beta] =>PUP.i-Beta^ C:\Windows\Installer\2c9b7ace.msi =>Adware.Boxore^ ~ Additionnel Scan: 258294 Items scanned in 00mn 15s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/27765487-rogue-pcspeedup =>Rogue.PCSpeedUp ~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9 ~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong ~ http://nicolascoolman.webs.com/apps/blog/show/41011964-pup-awesomehp =>PUP.Awesomehp ~ http://nicolascoolman.webs.com/apps/blog/show/33755964-pup-i-beta =>PUP.i-Beta ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer 
=>Adware.SPointer ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM ~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity ~ http://nicolascoolman.webs.com/apps/blog/show/27660150-hijacker-torntv =>Hijacker.TornTV ~ http://nicolascoolman.webs.com/apps/blog/show/26753274-adware-expressfiles =>Adware.ExpressFiles ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio ~ MSI: 12 link(s) detected in 00mn 15s ~ 1301 Legitimates filtered by white list End of the scan (513 lines in 03mn 07s)(0)