Document format: text/plain


~ Rapport de ZHPDiag v2014.5.4.54 - Nicolas Coolman (04/05/2014)
~ Lancé par pascale (05/05/2014 11:16:51)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware version 1.70.0.1100

---\\ Logiciels d'optimisation du système
CCleaner v4.10

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1022 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 11 GB (11%) free of 90 GB

---\\ Mode de connexion au système
~ Computer Name: ACER-9DEB84EBB9
~ User Name: pascale
~ All Users Names: SUPPORT_388945a0, roxane, pascale, niels, maelle, HelpAssistant, eric, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\pascale\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\pascale\Application Data\
~ %Desktop% : C:\Documents and Settings\pascale\Bureau\
~ %Favorites% : C:\Documents and Settings\pascale\Favoris\
~ %LocalAppData% : C:\Documents and Settings\pascale\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\pascale\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 11 Go of 90 Go)
D: Hard drive, Flash drive, Thumb drive (Free 82 Go of 91 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 42 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4C33E5B9A6197B6ED215F6CFBA0A2DAA] - (.Microsoft Corporation - Explorateur Windows.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.58FE94EF42E074F4CAD8BF02E70E6478] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\wininet.dll [660480]
[MD5.D2DE785AEAB0BB8CA4C14A8A199DBE4E] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/08/2004 - 22:01:16.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.03/08/2004 - 23:39:44.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/8
~ Mes musiques (My Musics) : 1/128
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/1081
~ Mon Bureau (My Desktop) : 0/9721
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 48s



---\\ Processus lancés
[MD5.60D2D92BD2390C50BCE4106113F8B83B] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [376832] [PID.928]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1580]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.252]
[MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.272]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.288]
[MD5.E58DCCD13D39C0606DE43FACCAEA03C8] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [270336] [PID.996]
[MD5.751961E128DBCC7A32304339C4BDEFF0] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [9150464] [PID.1168]
[MD5.8AA5505E7043298E1FF047F212E4B7AD] - (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\slserv.exe [73796] [PID.1524]
[MD5.AB0A7CA90D9E3D6A193905DC1715DED0] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\system32\wdfmgr.exe [38912] [PID.1684]
[MD5.7E8499178C6BA1700DE8CF24F6B27CF3] - (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe [110592] [PID.3604]
[MD5.4A2462FF36EF6A5BCE9611A41A2987DE] - (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe [88365] [PID.3668]
[MD5.1568FF282E268082C67CF0C3EBCC9179] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320] [PID.3964]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2196]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.2336]
[MD5.70FFBFC9FE44FFDB39DFE741AF485474] - (.Stag - Pas de description.) -- C:\Program Files\Compteur TFS\Compteur.exe [946176] [PID.2480]
[MD5.CBA61CED5861EB1C023002F20B275B9E] - (.Microsoft Corporation - NTVDM.EXE.) -- C:\WINDOWS\system32\ntvdm.exe [420864] [PID.3900]
[MD5.31776E2F4809B2369ED901A45CDA5B8A] - (.Microsoft Corporation - Windows User-Mode Driver Framework.) -- C:\WINDOWS\system32\uWDF.exe [47104] [PID.2124]
[MD5.76DAC52F7A6D3AD3C8307D012ACF46CE] - (.OpenOffice.org - OpenOffice.org 3.0.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000] [PID.1300]
[MD5.EEBF2F715C02C8A6CE6DBE844DD1B4E3] - (.OpenOffice.org - OpenOffice.org 3.0.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368] [PID.4080]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2092]
[MD5.700803AC9B451FB67DF35EF0E05382E7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7869952] [PID.2428]
~ Processes Running: Scanned in 00mn 09s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [pascale - lhj5jyzz.default\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}] [] Adobe DLM (powered by getPlus(R)) v1.5.2.35 (..)
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\Plugins\libvlc.dll
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - e-Carte Bleue.) -- C:\WINDOWS\system32\BhoECart.dll
~ BHO: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.exe =>.Epson Seiko Corporation
O4 - HKLM\..\Run: [AspireService] . (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\WINDOWS\system32\nwiz.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [EPSON SX218 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4122831445-2763146006-512747609-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-4122831445-2763146006-512747609-1006\..\Run: [EPSON SX218 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.exe =>.Epson Seiko Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} . (.Tomato - YouTube Video Downloader Internet Explorer Extension.) -- C:\Program Files\Tomato\FLV Player\MDIEEx.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7930BCB2-897E-4707-A8C1-B977EF98C145}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{7930BCB2-897E-4707-A8C1-B977EF98C145}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{7930BCB2-897E-4707-A8C1-B977EF98C145}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{7930BCB2-897E-4707-A8C1-B977EF98C145}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\pascale\Bureau\photos\Photo 011.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\pascale\Bureau\photos\Photo 011.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 3000 recettes ELLE - (...) [HKLM] -- 3000 recettes ELLE
O42 - Logiciel: A-Ray Scanner 2.0.2.3 - (.A-Ray Software.) [HKLM] -- A-Ray Scanner
O42 - Logiciel: EXPStudio Audio Editor FREE 3.98 - (.EXPStudio.com.) [HKLM] -- EXPStudio Audio Editor FREE 3.98
O42 - Logiciel: The Complete MP3 Manager - (...) [HKLM] -- {A9B169F5-5011-4806-BF25-0FFFEBC467ED}
O42 - Logiciel: Tiger Woods PGA TOUR 2003 - (...) [HKLM] -- {492E1D84-D7BF-4FA2-A26A-30AFC89EF547}
~ Logic: 28 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ChristmasTree]
[HKCU\Software\Dufek Ladislav]
[HKCU\Software\EXPStudio]
[HKCU\Software\Inverse]
[HKCU\Software\Ryder]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\10d6]
[HKLM\Software\54c]
[HKLM\Software\ASPI32]
[HKLM\Software\Compteur TFS]
[HKLM\Software\EXPStudio.com]
[HKLM\Software\L.C. Enterprises]
[HKLM\Software\VideoMarker]
[HKLM\Software\index+]
~ Key Software: 327 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/11/2006 - 18:26:04 - [] ----D C:\Program Files\A-Ray Scanner
O43 - CFD: 17/05/2009 - 18:23:12 - [] ----D C:\Program Files\AliveMedia
O43 - CFD: 16/09/2008 - 19:17:48 - [] ----D C:\Program Files\Ameri-Imager
O43 - CFD: 16/07/2008 - 19:10:48 - [] ----D C:\Program Files\Audio Capture ActiveX Control
O43 - CFD: 07/07/2012 - 16:01:56 - [] ----D C:\Program Files\Compteur TFS
O43 - CFD: 17/11/2007 - 17:20:12 - [] ----D C:\Program Files\Copystar
O43 - CFD: 10/02/2009 - 18:25:02 - [] ----D C:\Program Files\eXact
O43 - CFD: 20/01/2010 - 13:41:30 - [] ----D C:\Program Files\L.C. Enterprises
O43 - CFD: 14/05/2009 - 15:16:26 - [] ----D C:\Program Files\Program Files
O43 - CFD: 05/02/2009 - 18:55:02 - [] ----D C:\Program Files\quickmov
O43 - CFD: 18/08/2008 - 11:03:48 - [] ----D C:\Program Files\The Complete MP3 Manager
O43 - CFD: 24/05/2006 - 21:08:26 - [0] ----D C:\Documents and Settings\All Users\Application Data\eConsole
O43 - CFD: 20/01/2010 - 13:41:30 - [] ----D C:\Documents and Settings\pascale\Menu Démarrer\Programmes\L.C. Enterprises
~ Program Folder: 205 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4D6C6E0505A8E5A0656DCB223497D37C] - 01/05/2014 - 14:30:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184]
O44 - LFC:[MD5.2687BC91DC9F6A635C7A3D8800418508] - 01/05/2014 - 14:34:20 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.2E628302E0D14D25597369FDCCA37810] - 01/05/2014 - 14:34:39 ---A- . (...) -- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem #2.txt [4156]
O44 - LFC:[MD5.7F2E433EBD604FDEF853798E2D949F63] - 02/05/2014 - 17:20:27 ---A- . (...) -- C:\WINDOWS\QUICKEN.INI [1656]
O44 - LFC:[MD5.6681976A39265F6A31D2C51B85531B9E] - 04/05/2014 - 10:28:46 ---A- . (...) -- C:\WINDOWS\Twunk001.MTX [156]
O44 - LFC:[MD5.1B19BCF7BF39C131F4EEB0A7C27BE6EC] - 04/05/2014 - 10:29:09 ---A- . (...) -- C:\WINDOWS\TWAIN.LOG [217]
O44 - LFC:[MD5.861DA67E5FD5CE85C238DA3AF4B078BF] - 04/05/2014 - 10:29:12 ---A- . (...) -- C:\WINDOWS\Twain001.Mtx [4]
O44 - LFC:[MD5.F297892DB5A253040CB8CD1AEFAFCC82] - 05/05/2014 - 10:07:40 ---A- . (...) -- C:\WINDOWS\wiadebug.log [367]
O44 - LFC:[MD5.063B3712C0B95E1A0C62919A5EC99F31] - 22/04/2014 - 17:45:03 ---A- . (...) -- C:\WINDOWS\medctroc.Log [2889]
O44 - LFC:[MD5.D26E26EA516450AF9D072635C60387F4] - 22/04/2014 - 17:46:16 ---A- . (...) -- C:\WINDOWS\system32\Drivers\secdrv.sys [27440]
O44 - LFC:[MD5.8737F6F4C8EC1E2A9EA5516F1B3AE1AD] - 22/04/2014 - 17:52:38 ---A- . (...) -- C:\WINDOWS\003213_.tmp [19569]
O44 - LFC:[MD5.51F49BCA3BC5EB19575AFC9522003F24] - 22/04/2014 - 17:52:38 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [30798]
O44 - LFC:[MD5.A791595ADB04D10C945FDF16E2E8C699] - 22/04/2014 - 17:52:38 ---A- . (...) -- C:\WINDOWS\msgsocm.log [1545]
O44 - LFC:[MD5.A78766FA81FC3627A5F0B8CAF6B7D093] - 22/04/2014 - 17:52:38 ---A- . (...) -- C:\WINDOWS\ocgen.log [14580]
O44 - LFC:[MD5.E04D872804A010782B066B3B7B422AD1] - 22/04/2014 - 17:55:08 ---A- . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\SETE44.tmp [86016]
O44 - LFC:[MD5.364EE23E8597B8532076555C5D0F36AC] - 22/04/2014 - 18:01:24 ---A- . (...) -- C:\WINDOWS\DtcInstall.log [610]
O44 - LFC:[MD5.D2D75B85DEE6A7814039C4538B9FE30D] - 22/04/2014 - 18:01:24 ---A- . (...) -- C:\WINDOWS\cmsetacl.log [1170]
O44 - LFC:[MD5.85BC259AB0093C929D6C9B0B3A548DB3] - 22/04/2014 - 18:05:15 ---A- . (...) -- C:\WINDOWS\updspapi.log [1105005]
O44 - LFC:[MD5.E6EE29152D46FE655268C25C24E0B92C] - 22/04/2014 - 18:05:52 ---A- . (...) -- C:\WINDOWS\system32\spdwnwxp.log [160]
O44 - LFC:[MD5.EDB44BC4870CCDC886A7F0D5CB9C266B] - 22/04/2014 - 18:07:05 ---A- . (...) -- C:\WINDOWS\spuninst.log [2439396]
O44 - LFC:[MD5.4C5227FE4A96C898F403B4C14EFFDD5F] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\comsetup.log [10169]
O44 - LFC:[MD5.FF860DB152A9F0C7462CBF0C37E3BC38] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\iis6.log [4838]
O44 - LFC:[MD5.C8CBA7830FBF15B66AC09440C97CD105] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.E68594D97345BEA2F9564E7A66A78D5F] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [6199]
O44 - LFC:[MD5.FEF1806839A681E762925F390A6C5086] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\ocmsn.log [1710]
O44 - LFC:[MD5.AD93EAFBF116BC857EEA9B2C5AC6DCB4] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\tsoc.log [11795]
O44 - LFC:[MD5.18DE3BD9A05ED34F75FA399BBB4AE886] - 22/04/2014 - 18:08:13 ---A- . (...) -- C:\WINDOWS\svcpack.log [1740057]
O44 - LFC:[MD5.49EF2A7CA6C66E399F08328DA8B79E07] - 22/04/2014 - 18:12:34 ---A- . (...) -- C:\WINDOWS\spupdsvc.log.1.log [847]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 22/04/2014 - 18:13:12 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 22/04/2014 - 18:13:12 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 22/04/2014 - 18:13:22 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.6A00399B0D5E425855A0915890DEC949] - 22/04/2014 - 18:13:26 ---A- . (...) -- C:\WINDOWS\wmsetup.log [2284]
O44 - LFC:[MD5.7FDFA52287D0C9848F59D32C2FDF734B] - 22/04/2014 - 18:13:27 ---A- . (...) -- C:\WINDOWS\spupdsvc.log [172381]
~ Files: 527 Legitimates Filtered in 02mn 53s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [Enabled] .(...) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\eConsole.exe" [Enabled] .(...) -- C:\Program Files\Acer\Acer eConsole\eConsole.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe" [Enabled] .(...) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\TEMP\NavBrowser.exe" [Enabled] .(...) -- C:\WINDOWS\TEMP\NavBrowser.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE" [Disabled] .(...) -- C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Warcraft III\Warcraft III.exe" [Disabled] .(...) -- C:\Program Files\Warcraft III\Warcraft III.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Bluebyte\GC3\GNM.exe" [Enabled] .(...) -- C:\Bluebyte\GC3\GNM.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Atari\TopSpin\TopSpin.exe" [Disabled] .(...) -- C:\Program Files\Atari\TopSpin\TopSpin.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" [Disabled] .(...) -- C:\Program Files\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe (.not file.)
O47 - AAKE:Key Export SP - "D:\Warcraft III\Warcraft III.exe" [Disabled] .(...) -- D:\Warcraft III\Warcraft III.exe (.not file.)
O47 - AAKE:Key Export SP - "D:\Warcraft III\ftinst.tmp\Warcraft III.exe" [Enabled] .(...) -- D:\Warcraft III\ftinst.tmp\Warcraft III.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\System32\muzapp.exe" [Enabled] .(...) -- C:\WINDOWS\System32\muzapp.exe (.not file.)
~ Keys Export: 30 Legitimates Filtered in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Notification Packages . (...) -- :\WINDOWS\system32\srrstr.dll
O48 - LSA:Local Security Authority Notification Packages . (...) -- C:\WINDOWS\system32\cli.dll
~ LSA: 21 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:16/09/2004 - 12:26:40 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ADFUUD.SYS [12634]
O58 - SDL:01/05/2014 - 14:30:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:01/05/2014 - 14:30:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:01/05/2014 - 14:30:05 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [180632] =>.ALWIL Software
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:09/08/2006 - 09:10:12 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\WINDOWS\system32\Drivers\emBDA.sys [291200]
O58 - SDL:09/08/2006 - 09:10:12 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\WINDOWS\system32\Drivers\emOEM.sys [28160]
O58 - SDL:13/04/2008 - 08:36:06 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:13/04/2008 - 10:23:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
O58 - SDL:13/04/2008 - 10:23:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
O58 - SDL:13/04/2008 - 08:34:28 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
O58 - SDL:13/04/2008 - 10:23:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:13/04/2008 - 10:23:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\secdrv.sys [27440]
O58 - SDL:04/04/2005 - 10:43:24 ---A- . (.Protection Technology - StarForce Protection Environment Driver.) -- C:\WINDOWS\system32\Drivers\sfdrv01.sys [48640]
O58 - SDL:23/02/2005 - 15:59:56 ---A- . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\WINDOWS\system32\Drivers\sfhlp02.sys [6656]
O58 - SDL:14/04/2005 - 12:12:34 ---A- . (.Protection Technology - StarForce Protection Synchronization Driver.) -- C:\WINDOWS\system32\Drivers\sfsync02.sys [19968]
O58 - SDL:13/04/2008 - 10:23:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
O58 - SDL:13/04/2008 - 10:23:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
O58 - SDL:13/04/2008 - 10:23:48 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
O58 - SDL:13/04/2008 - 10:23:48 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
O58 - SDL:25/04/2012 - 11:11:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\Drivers\usbaapl.sys [43520]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:03/01/2013 - 18:42:03 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:24/06/2006 - 12:13:44 ---A- . (.AntiCracking - SVKP driver for NT.) -- C:\WINDOWS\system32\STEC3.sys [2368]
~ Drivers: 104 Legitimates Filtered in 00mn 02s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: Usbfix By C_XX & El Desaparecido - (.C_XX & El Desaparecido.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 01/05/2014 - C:\WINDOWS\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 24/06/2006 - C:\WINDOWS\system32\STEC3.sys (STEC3) .(.AntiCracking - SVKP driver for NT.) - LEGACY_STEC3
~ Legacy: 151 Legitimates Filtered in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com
~ Keys: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 05/08/2004 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Demand 03/03/2009 33176 | (getPlus(R) Helper) . (.NOS Microsystems Ltd..) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 07/06/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 18/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 11/11/2005 131139 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2005 376832 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SR - | Auto 01/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 05/08/2004 73796 | (SLService) . (.Smart Link.) - C:\WINDOWS\system32\slserv.exe
~ Services: Scanned in 00mn 09s



---\\ Scan Additionnel (O88)
Database Version : 13045 - (04/05/2014)
Clés trouvées (Keys found) : 12
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\Interface\{2bef239c-752e-4001-8048-f256e0d8cd93}] =>Adware.RecordNRip
[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{49c00a51-6e59-41fe-b3fa-2d2157fad67b}] =>Adware.RecordNRip
[HKLM\Software\Classes\CLSID\{5eb0259d-ab79-4ae6-a6e6-24ffe21c3da4}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{6dff5dba-ae3a-46db-b301-ecffc6db2982}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{de34cd67-f1c8-4001-9a23-b8a68f63f377}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
~ Additionnel Scan: 287907 Items scanned in 01mn 01s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.byethost7.com/wordpress/toolbar-conduit/ =>Toolbar.Conduit
http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip
~ MSI: 2 link(s) detected in 00mn 00s



~ 1518 Legitimates filtered by white list
End of the scan (505 lines in 05mn 39s)(0)
