cjoint

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.2.17.15 - Nicolas Coolman (17.02.2014)
~ Lancé par MuMu (23.02.2014 10:58:42)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v32.0.1700.107

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : BWX77
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v7.0.1466.0
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus v3.8.130.10
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.12 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Vuze v4.7 =>P2P.Azureus

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3957.6 MB (29% free)
System Restore: Activé (Enable)
System drive C: has 98 GB (42%) free of 233 GB

---\\ Mode de connexion au système
~ Computer Name: MUMU-TOSH
~ User Name: MuMu
~ All Users Names: MuMu, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\MuMu\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\MuMu\AppData\Roaming\
~ %Desktop% : C:\Users\MuMu\Desktop\
~ %Favorites% : C:\Users\MuMu\Favorites\
~ %LocalAppData% : C:\Users\MuMu\AppData\Local\
~ %StartMenu% : C:\Users\MuMu\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 98 Go of 233 Go)
D: Hard drive, Flash drive, Thumb drive (Free 86 Go of 232 Go)
E: CD-ROM drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 42 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25.02.2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14.07.2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06.02.2014 - 10:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20.11.2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20.11.2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28.09.2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14.07.2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14.07.2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20.11.2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20.11.2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20.11.2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14.07.2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14.07.2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27.04.2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20.11.2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12.04.2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14.07.2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20.11.2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14.07.2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20.11.2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20.11.2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3244
~ Mes musiques (My Musics) : 6/3261
~ Mes Videos (My Videos) : 2/14
~ Mes Favoris (My Favorites) : 1/80
~ Mes Documents (My Documents) : 3/3116
~ Mon Bureau (My Desktop) : 1/365
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 23s



---\\ Processus lancés
[MD5.B099C8A8A07889DCB3A246FD91C2D671] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152] [PID.2408]
[MD5.10E89F598469C60D8C87A8218089A87D] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\MuMu\AppData\Local\Akamai\netsession_win.exe [4489472] [PID.2464]
[MD5.34AF9A2B79C3B495B118B3E7FA03F50E] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528] [PID.2508]
[MD5.15759892AB41078E8AFB77EC14FB94C1] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168] [PID.2524]
[MD5.E5EA9032823E11543475D46775258CDA] - (.Google Inc. - AutoBackup.) -- C:\Users\MuMu\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096] [PID.2532]
[MD5.F1DC2458DFC929331F2FE071EB17CFE8] - (.TomTom - MyDrive Connect.) -- C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496] [PID.2552]
[MD5.9E30189C814095FE0293E39AD08EF943] - (.Syntek Ltd. - Syntek Monitor Application.) -- C:\Windows\STK02N\STK02NM.exe [163840] [PID.2588]
[MD5.ABC2C67DFD48930F846934B907C3D606] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [7424000] [PID.2704]
[MD5.76D34863793E484CBFF83D48AFEEF8DD] - (.SWE von Schleusen - UltimateZip Quick Start Executable.) -- C:\Program Files (x86)\UltimateZip\uzqkst.exe [1075200] [PID.2724]
[MD5.15D982E21248E9BE337D9B40247AF30E] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [7418368] [PID.2744]
[MD5.D88E81DECD3014C45603B4B327B4EE1A] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304496] [PID.3016]
[MD5.852F12CA7C4FC7E3D77B606492435556] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.3312]
[MD5.C5B2679B0AE204FDD0415199B7AFEF20] - (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088] [PID.784]
[MD5.2438E8DBEDC1F57A7D6905CD4A241867] - (...) -- C:\Program Files (x86)\PDF Suite\PDFServiceEngine.exe [393216] [PID.1864]
[MD5.7C4AE21DB35F7AF697370EC068C4943E] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216] [PID.5308]
[MD5.4EB0C6C3EF4D8885CF2B5D0062F31E44] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376] [PID.2984]
[MD5.BAD0D303EF0A519409C625738F3E10A3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4282728] [PID.796]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.6432]
[MD5.085BE68B52CE5A5FA4621507AD518CF3] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.6568]
[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848] [PID.6736]
[MD5.1ACCA74287FE5D7449FBB2B9F0C83341] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [309328] [PID.6228] =>Toolbar.Google
[MD5.4263F6C131E513CEA1AE82B5B81A4E1A] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [808152] [PID.3952]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.8608]
[MD5.FF409C974A9AD58B82374DEEF6B44CBB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.11612]
[MD5.0642800E69522E29B93EF4C6BE00D13E] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe [1863560] [PID.11780]
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8338432] [PID.15844]
[MD5.04AC21E821F259845BD7367CEE057290] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44808] [PID.1296]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1140]
[MD5.F518545E5B7623AD49ABE7F8776EFA46] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1432]
[MD5.9E530C6F0EEE34CCEAC8104838AB68C7] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616] [PID.2712]
[MD5.96B14B79C71CE4A7783184CC8B5DBCE8] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640] [PID.2860]
[MD5.8227D3C44DBC47BC5E279E37AF04261C] - (...) -- C:\monitor.exe [487517] [PID.1876]
[MD5.7493EA4DE41348F7D3EDBF9DB298F56A] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4396]
[MD5.C231BEA86E6EC4C6510C99DE9DD6D6FA] - (.Objectify Media Inc - Pas de description.) -- C:\Program Files (x86)\Web Protect\PCProtect.exe [1265608] [PID.4972]
[MD5.CAB0EEAF5295FC96DDD3E19DCE27E131] - (.TOSHIBA CORPORATION - ConfigFree Service Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [46448] [PID.4672]
[MD5.E4534BCCDD1EA7A7A256BB9D6688A5FC] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [490280] [PID.3196]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\MuMu\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Extutil v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 17 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\MuMu\AppData\Roaming\Mozilla\Firefox\Profiles\tjzd956j.default\prefs.js
M0 - MFSP: prefs.js [MuMu - tjzd956j.default] http://mail.google.com
M2 - MFEP: prefs.js [MuMu - tjzd956j.default\quick_start@gmail.com] [] Quick Start v (..)
M2 - MFEP: prefs.js [MuMu - tjzd956j.default\{1cdccf78-1ea9-4f40-b69f-ef7674dbef8c}] [] MegaUpload Time Attack v0.3.8 (..)
~ Firefox Browser: 25 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: NewPlayer.lnk . (.Tuguu SL - NewPlayer.) -- C:\Program Files (x86)\NewPlayer\NewPlayer.exe =>PUP.VAFPlayer
O4 - GS\Desktop [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\Desktop [Public]: Wondershare MobileTrans.lnk . (.Wondershare - Wondershare MobileTrans.) -- C:\Program Files (x86)\Wondershare\MobileTrans\MobileTrans.exe
O4 - GS\Program [Public]: FileMaker Pro.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{EACCC991-8E8C-4397-8854-349506741FC9}\ARPPRODUCTICON.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Nitro PDF Reader.lnk . (...) -- C:\Windows\Installer\{0E61C9EB-AC48-4C20-92AD-48875B85CE0A}\Reader.ico
O4 - GS\Program [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\QuickLaunch [MuMu]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [MuMu]: Lancer FileMaker Pro.lnk . (.FileMaker, Inc. - FileMaker Pro.) -- C:\Program Files (x86)\FileMaker\FileMaker Pro 11\FileMaker Pro.exe
O4 - GS\QuickLaunch [MuMu]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [MuMu]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [MuMu]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\TaskBar [MuMu]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [MuMu]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [MuMu]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [MuMu]: PC App Store.lnk . (...) -- C:\Users\MuMu\AppData\Local\Pokki\Engine\pokki.exe (.not file.)
O4 - GS\Program [MuMu]: YouTube.lnk . (...) -- C:\Users\MuMu\AppData\Local\Pokki\Engine\pokki.exe (.not file.)
O4 - GS\SystemTools [MuMu]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [MuMu]: Configure VO Package.lnk . (...) -- C:\Users\MuMu\AppData\Roaming\VOPackage\VOPackage.exe
~ Global Startup: 89 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: STK02N 2.0 PNP Monitor.lnk . (.Syntek Ltd. - Syntek Monitor Application.) -- C:\Windows\STK02N\STK02NM.exe
O4 - GS\Startup [MuMu]: OpenOffice.org 3.2.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - GS\Startup [MuMu]: UltimateZip Quick Start.lnk . (.SWE von Schleusen - UltimateZip Quick Start Executable.) -- C:\Program Files (x86)\UltimateZip\uzqkst.exe
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe =>.Toshiba Corporation
O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.)
O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.)
O4 - HKLM\..\Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe (.not file.)
O4 - HKLM\..\Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.)
O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.)
O4 - HKLM\..\Run: [Teco] C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe (.not file.)
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKCU\..\Run: [KiesPDLR] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\MuMu\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\MuMu\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKCU\..\Run: [Google+ Auto Backup] . (.Google Inc. - AutoBackup.) -- C:\Users\MuMu\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
O4 - HKCU\..\Run: [MyDriveConnect.exe] . (.TomTom - MyDrive Connect.) -- C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe
O4 - HKLM\..\Wow6432Node\Run: [HWSetup] . (.TOSHIBA Electronics, Inc. - HWSetup.) -- C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
O4 - HKLM\..\Wow6432Node\Run: [KeNotify] . (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe =>.Toshiba Corporation
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [PDFServiceEngine] . (...) -- C:\Program Files (x86)\PDF Suite\PDFServiceEngine.exe
O4 - HKLM\..\Wow6432Node\Run: [EdenFlirt] C:\Program Files (x86)\Eden Flirt\EdenFlirt.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [WSHelperSetup.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe =>.Toshiba Corporation
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe =>.Toshiba Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [KiesPDLR] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\MuMu\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\MuMu\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [Google+ Auto Backup] . (.Google Inc. - AutoBackup.) -- C:\Users\MuMu\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [MyDriveConnect.exe] . (.TomTom - MyDrive Connect.) -- C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
O4 - HKUS\S-1-5-21-421663322-604923899-1713230291-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: Free YouTube Download [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\dvdvideosoft.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll
~ Winsock: 9 Legitimates Filtered in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6EA05D5E-6989-4736-98C5-BDB8B4F913E9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{70B7B762-8979-4228-B65F-BC77DD109477}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{6EA05D5E-6989-4736-98C5-BDB8B4F913E9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{70B7B762-8979-4228-B65F-BC77DD109477}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{6EA05D5E-6989-4736-98C5-BDB8B4F913E9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{70B7B762-8979-4228-B65F-BC77DD109477}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Protect Monitor (ProtectMonitor) . (...) - C:\monitorsvc.exe
O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe =>.Toshiba Corporation
~ Services: 18 Legitimates Filtered in 00mn 09s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{04FF86EB-5748-4A60-8A8E-5D89A0977FA2}] (...) -- C:\Users\MuMu\Documents\Nero.Burning.ROM.LITE.9.0.9.4d.MULTI.JiNo22\NeroPortable\NeroExpressPortable.exe (.not file.) [0]
[MD5.C301AB0112C4DE7339EDE4FBFAF6F616] [APT] [{1BF0AAAC-FB99-471E-85C7-2FE35AC8EF00}] (...) -- C:\Program Files (x86)\PDF Suite\uninstall.exe [65276]
[MD5.00000000000000000000000000000000] [APT] [{878A8979-4E56-4752-9781-BC6410650D37}] (...) -- C:\Users\MuMu\Downloads\MAJ_Ri4m_v503b.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8924ACE8-F5B2-40D3-9D17-5A4A1CAB069E}] (...) -- C:\Users\MuMu\Documents\Nero.Burning.ROM.LITE.9.0.9.4d.MULTI.JiNo22\NeroPortable\NeroBurningROMPortable.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DF725EFA-6CA7-4982-8B34-1F2957719882}] (...) -- C:\Users\MuMu\Desktop\VirtualDub-1.9.11\auxsetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EE3702B9-9011-48C5-A4A7-82182576769C}] (...) -- C:\Program Files (x86)\Yahoo!\Common\UNYT_W~1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F94F6E51-FAC4-4498-8F5A-A970C06F3249}] (...) -- C:\Users\MuMu\Downloads\Nero 10 Portable.exe (.not file.) [0]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 05s



---\\ Logiciels installés (O42)
O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM][64Bits] -- Akamai
O42 - Logiciel: Fortunitas - (.Fortunitas.) [HKLM][64Bits] -- Fortunitas =>PUP.Fortunitas
O42 - Logiciel: GesTournois 6.02.01 - (...) [HKLM][64Bits] -- GesTournois
O42 - Logiciel: NewPlayer - (.TUGUU SL.) [HKLM][64Bits] -- NewPlayer =>PUP.VAFPlayer
O42 - Logiciel: STK02N 2.0 - (.Syntek.) [HKLM][64Bits] -- {E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}
O42 - Logiciel: UltimateZip - (.SWE von Schleusen.) [HKLM][64Bits] -- UltimateZip_is1
O42 - Logiciel: VO Package - (...) [HKLM][64Bits] -- VOPackage
O42 - Logiciel: Web Protect for Windows - (.Web Protect.) [HKLM][64Bits] -- wp-tgu
O42 - Logiciel: fst_fr_94 - (.FREESOFTTODAY.) [HKLM][64Bits] -- fst_fr_94_is1 =>PUA.FSTfr9
~ Logic: 56 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\GesTournois]
[HKCU\Software\PDF Manager 2008]
[HKCU\Software\SWE von Schleusen]
[HKLM\Software\Wow6432Node\STK02N]
[HKLM\Software\Wow6432Node\Syntek]
[HKLM\Software\Wow6432Node\Taronja]
~ Key Software: 506 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17.01.2014 - 14:31:58 - [17.606] ----D C:\Program Files (x86)\MyDrive Connect
O43 - CFD: 15.02.2014 - 09:07:39 - [30.395] ----D C:\Program Files (x86)\NewPlayer
O43 - CFD: 12.07.2010 - 11:18:03 - [15.674] ----D C:\Program Files (x86)\UltimateZip
O43 - CFD: 15.02.2014 - 09:09:25 - [6.757] ----D C:\Program Files (x86)\Web Protect
O43 - CFD: 23.11.2011 - 16:23:50 - [5.912] --H-D C:\ProgramData\{08E30618-5D06-461B-BBD3-4ADFB0810824}
O43 - CFD: 05.04.2013 - 15:49:45 - [15.709] --H-D C:\ProgramData\{41BBE7FA-FF2A-4F93-B788-95E2FF187CA4}
O43 - CFD: 02.02.2014 - 11:19:11 - [27.641] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 12.07.2010 - 11:18:02 - [0.000] ----D C:\Users\MuMu\AppData\Roaming\UltimateZip
O43 - CFD: 22.02.2014 - 12:59:13 - [0.299] ----D C:\Users\MuMu\AppData\Roaming\VOPackage
O43 - CFD: 29.12.2013 - 11:01:44 - [0.000] ----D C:\Users\MuMu\AppData\Local\messengerdusexe
O43 - CFD: 15.02.2014 - 09:08:06 - [0.000] ----D C:\Users\MuMu\AppData\Local\newplayer
O43 - CFD: 19.09.2013 - 04:27:19 - [0.000] ----D C:\Users\MuMu\AppData\Local\plan-coquin
O43 - CFD: 27.08.2012 - 16:31:54 - [0.004] ----D C:\Users\MuMu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alarme 3.0
O43 - CFD: 09.01.2014 - 10:35:33 - [0.003] ----D C:\Users\MuMu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
O43 - CFD: 15.08.2011 - 13:57:20 - [0.002] ----D C:\Users\MuMu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Post in top
~ 532 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 840 Legitimates Filtered in 01mn 52s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8717FA628A749175A7EF127DF2C012FC] - 13.02.2014 - 14:43:24 ---A- . (...) -- C:\monitorsvc.exe [34244]
O44 - LFC:[MD5.8227D3C44DBC47BC5E279E37AF04261C] - 13.02.2014 - 15:12:36 ---A- . (...) -- C:\monitor.exe [487517]
O44 - LFC:[MD5.02301D454602D0F04268332810745328] - 15.02.2014 - 09:07:29 ---A- . (.Objectify Media Inc - Pas de description.) -- C:\Windows\System32\PCProtect64.dll [330624]
O44 - LFC:[MD5.950168153DACCF5B22069803930D8779] - 15.02.2014 - 09:07:38 ---A- . (...) -- C:\Windows\System32\PCProtectOff.ini [2184]
~ Files: 51 Legitimates Filtered in 00mn 07s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\20202693.sys . (...) -- C:\Windows\System32\Drivers\20202693.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\96658622.sys . (...) -- C:\Windows\System32\Drivers\96658622.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\20202693.sys . (...) -- C:\Windows\System32\Drivers\20202693.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\96658622.sys . (...) -- C:\Windows\System32\Drivers\96658622.sys (.not file.)
~ CSB: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.FFCCD922F305B8CFBA8D99F65E35EDD7] - 22.12.2009 - 03:31:04 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20568]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14.07.2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10.06.2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14.07.2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 04.01.2011 - 16:11:16 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16392]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13.12.2012 - 14:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.6BEAB6803D68E31DE710DB52C9E9256E] - 12.03.2007 - 13:25:04 ---A- . (.Syntek Ltd. - Syntek UsbCamd Mini Driver.) -- C:\Windows\SysWOW64\drivers\STK02NW1.sys [33728]
O58 - SDL:[MD5.3835FF5A08C4474142814F3DB5CD4CA4] - 12.03.2007 - 13:25:24 ---A- . (.Syntek Ltd. - Syntek UsbIntel Mini Driver.) -- C:\Windows\SysWOW64\drivers\STK02NW2.sys [101520]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 04.01.2011 - 16:11:16 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
O58 - SDL:[MD5.DDEE99DC54EFA20BD5A442CD733C4462] - 20.03.2013 - 09:07:16 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: 17 Legitimates Filtered in 00mn 06s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- Chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {380996C2-6FBD-4F18-AE5A-E70520AFD0C5} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {D541A9C2-E556-4961-B897-6CD37CE495CD} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
~ Keys: Scanned in 00mn 00s



---\\ Recherche dans la clé de registre Feature Controls (IFC) (O81)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS

~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][13.11.2010] (...) -- C:\Users\MuMu\AppData\Roaming\wklnhst.dat [0]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "943862168545C5447AE1DCD4F070526A" . (.Radiotracker.) -- C:\Windows\Installer\{61268349-5458-445C-A71E-CD4D0F0725A6}\audials_one_installer_1.exe
~ Update Products: 180 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.2375C3F2C828ED6C359EB6A2922B4C2F] [WIS][11.06.2010] (.FileMaker, Inc. - FileMaker Pro 11.) -- C:\Windows\Installer\10309352.msi [4698624]
[MD5.39988793C0BE26963F7C8228E7F04E23] [WIS][06.01.2014] (.Google - Google+ Auto Backup.) -- C:\Windows\Installer\22dee8e8.msi [3088384]
[MD5.A9CC8DD182E095A8D46454C4363D0A53] [WIS][23.11.2011] (.Bandoo Media Inc. - iLivid Installation.) -- C:\Windows\Installer\fa44179.msi [266240] =>Adware.Bandoo
~ WIS: 183 Legitimates Filtered in 00mn 30s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 20.02.2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 12.10.2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 06.05.2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 06.05.2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 19.08.2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 10.07.1658 0 | (McComponentHostService) . (...) - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
SS - | Demand 15.02.2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 13.02.2014 34244 | (ProtectMonitor) . (...) - C:\monitorsvc.exe
SS - | Auto 05.09.2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Auto 18.12.2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 04.08.2010 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 07.01.2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 21.08.2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 30.08.2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 27.10.2009 252784 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
SR - | Auto 10.03.2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
SR - | Auto 02.10.2009 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 20.01.2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 25.10.2013 2768208 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 25.03.2010 490280 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 03.12.2010 341296 | (NitroReaderDriverReadSpool) . (.Nitro PDF Software.) - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
SR - | Demand 08.01.2014 1265608 | (PCProtect) . (.Objectify Media Inc.) - C:\Program Files (x86)\Web Protect\PCProtect.exe
SR - | Auto 15.10.2009 116104 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation
SR - | Demand 06.10.2009 51512 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation
SR - | Auto 28.07.2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 05.11.2009 489312 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SR - | Auto 28.09.2009 251760 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe =>.Toshiba Corporation
SR - | Demand 05.11.2009 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
SR - | Demand 10.11.2009 824688 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
SR - | Auto 14.07.2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10.07.1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14.07.2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 33s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (17.02.2014)
Clés trouvées (Keys found) : 87
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fortunitas] =>PUP.Fortunitas^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer] =>PUP.VAFPlayer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_94_is1] =>PUA.FSTfr9^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16FE85B52F587794795A481CF9295697] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E0C8759C69912A4485AD49572CE7CA3] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\758F5690DAAD39F40845E0E23C8C5C0B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\254796BF4AC84B64891B61C529A2E23F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh] =>PUP.RewardsArcade
[HKLM\Software\Classes\SimpleExt.SimpleShlExt] =>Adware.Bloson
[HKLM\Software\Classes\SimpleExt.SimpleShlExt.1] =>Adware.Bloson
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe =>Toolbar.Google^
C:\Windows\Installer\fa44179.msi =>Adware.Bandoo^
~ Additionnel Scan: 428864 Items scanned in 00mn 42s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/30392620-pup-vafplayer =>PUP.VAFPlayer
~ http://nicolascoolman.webs.com/apps/blog/show/41045904-pup-fortunitas =>PUP.Fortunitas
~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26611908-rootkit-tdss =>Rootkit.TDSS
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/28000037-pup-rewardsarcade =>PUP.RewardsArcade
~ http://nicolascoolman.webs.com/apps/blog/show/32755958-adware-bloson =>Adware.Bloson
~ MSI: 9 link(s) detected in 00mn 42s



~ 1816 Legitimates filtered by white list
End of the scan (662 lines in 04mn 31s)(0)

Publicité

Soutenons La Quadrature du Net ! Soutenons La Quadrature du Net !

Signaler le contenu de ce document

Publicité

Soutenons La Quadrature du Net !