~ Rapport de ZHPDiag v2014.12.17.175 - Nicolas Coolman (2014-12-17)
~ Lancé par Steve et Lyne (2014-12-18 08:51:13)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17501
MFIE: Mozilla Firefox 23.0.1
GCIE: Google Chrome v38.0.2125.111 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
AVG 2014 v14.0.4235
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader XI

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 2 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4094 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 15 GB (3%) free of 466 GB

---\\ Mode de connexion au système
~ Computer Name: STEVEETLYNE-PC
~ User Name: Steve et Lyne
~ All Users Names: UpdatusUser, Steve et Lyne, Lyne Bou, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Steve et Lyne\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Steve et Lyne\AppData\Roaming\
~ %Desktop% : C:\Users\Steve et Lyne\Desktop\
~ %Favorites% : C:\Users\Steve et Lyne\Favorites\
~ %LocalAppData% : C:\Users\Steve et Lyne\AppData\Local\
~ %StartMenu% : C:\Users\Steve et Lyne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 15 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Free 0 Go of 3 Go)
G: Floppy drive, Flash card reader, USB Key (Free 17 Go of 60 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.2011-02-25 - 01:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2009-07-13 - 20:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2014-11-21 - 20:28:21.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2014-07-16 - 21:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2010-11-20 - 08:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2014-05-30 - 01:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-13 - 20:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-13 - 18:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2010-11-20 - 04:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2010-11-20 - 04:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2010-11-20 - 05:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.2009-07-13 - 18:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-13 - 19:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-04-26 - 21:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.2010-11-20 - 04:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2014-01-23 - 21:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.2009-07-13 - 19:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2010-11-20 - 05:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-13 - 19:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.2014-11-10 - 20:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.2010-11-20 - 08:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2638
~ Mes musiques (My Musics) : 1/220
~ Mes Videos (My Videos) : 2/16
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 1/305
~ Mon Bureau (My Desktop) : 2/3421
~ Menu demarrer (Programs) : 1/74
~ Hidden Files: Scanned in 00mn 11s



---\\ Processus lancés
[MD5.6B08632F7634F344372B25A507DA7C47] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000] [PID.3924]
[MD5.05DD0C6B983F7C2E9B4BF1B91AFC3545] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [1940160] [PID.3860]
[MD5.48C3EBD6D5E52AFCB1A0FA9B7F9802FA] - (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720] [PID.3312]
[MD5.799BCC829F48F19C5689478179060435] - (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720] [PID.3792]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Steve et Lyne\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.3724]
[MD5.DAB55357D9CC9A76052F4472EBD5C729] - (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408] [PID.3448]
[MD5.08DFA176E4FC0E63ACD8EC854449D2B0] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Steve et Lyne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344] [PID.3544]
[MD5.3BC680C382FE7CA77AD559EF82E79D50] - (.Sony Computer Entertainment Inc. - Content Manager Assistant.) -- C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe [3576440] [PID.3492]
[MD5.C038485F5A537A60A19EAC8C15D98161] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112] [PID.1292]
[MD5.AD9C4FBBD6BAE0794B71066DF63849CB] - (.Primax Electronics Ltd. - Pas de description.) -- C:\ProgramData\HP Wi-Fi Mobile Mouse Config\PelAstro.exe [65536] [PID.4212]
[MD5.76375D7763C9B56C0E96AE30F6160DFF] - (.Druide informatique inc. - AgentAntidote.) -- C:\Druide\Antidote 7\Programmes32\agentantidote.exe [600256] [PID.4248]
[MD5.A7D6721D90AB8D3EE1DB118F23FEB653] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408] [PID.4324]
[MD5.D2E3E6D94A9E1CFA1561D9C748136FD0] - (.Apple Inc. - iTunesHelper.) -- C:\iTunes\iTunesHelper.exe [152392] [PID.4332]
[MD5.47833576F0BEE0AD7B45109982B769BD] - (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe [59720] [PID.4368]
[MD5.2AF39FCC0AF8D14B6A349095033F395E] - (.Sony Computer Entertainment Inc. - Content Manager Assistant.) -- C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe [525448] [PID.2776]
[MD5.31D74F51C684B27A24BE0EE08DB998EF] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1519808] [PID.2980]
[MD5.6226810F26227F083929AC5584122951] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Steve et Lyne\AppData\Roaming\Dropbox\bin\Dropbox.exe [39207112] [PID.6972]
[MD5.A0A6B2F100DD704C419DC0767EA313EB] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8141824] [PID.5136]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Steve et Lyne\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 09s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Steve et Lyne\AppData\Roaming\Mozilla\Firefox\Profiles\rjhh5z96.default\prefs.js
M3 - MFPP: Plugins - [Steve et Lyne] -- C:\Users\Steve et Lyne\AppData\Roaming\Mozilla\Firefox\Profiles\rjhh5z96.default\searchplugins\conduit-search.xml =>Toolbar.Conduit
M0 - MFSP: prefs.js [Steve et Lyne - rjhh5z96.default] http://mysearch.avg.com
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AVG SafeGuard toolbar [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
~ BHO: 3 Legitimates Filtered in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [Steve et Lyne]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Steve et Lyne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Steve et Lyne]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Steve et Lyne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 04s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Steve et Lyne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\Steve et Lyne\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe (.not file.) =>Toolbar.AVGSearch
O4 - HKCU\..\Run: [RGSC] . (.Take-Two Interactive Software, Inc. - RGSCLauncher.) -- C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0214c] C:\Users\Steve et Lyne\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe (.not file.) =>Toolbar.AVGSearch
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F772E7EE57E9C767E902E5E2894F6E69] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Steve et Lyne\AppData\Roaming\Spotify\Spotify.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Steve et Lyne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418907480
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5.5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5.5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [PelAstro] . (.Primax Electronics Ltd. - Pas de description.) -- C:\ProgramData\HP Wi-Fi Mobile Mouse Config\PelAstro.exe
O4 - HKLM\..\Wow6432Node\Run: [HPMonitor] . (.Hewlett-Packard - HP Mouse and Keyboard Suite Monitor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wi-Fi Mobile Mouse\hpMonitor23.exe
O4 - HKLM\..\Wow6432Node\Run: [agentantidote.exe] . (.Druide informatique inc. - AgentAntidote.) -- C:\Druide\Antidote 7\Programmes32\agentantidote.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (.not file.)
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Steve et Lyne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [AdobeBridge] Clé orpheline
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\Steve et Lyne\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe (.not file.) =>Toolbar.AVGSearch
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [RGSC] . (.Take-Two Interactive Software, Inc. - RGSCLauncher.) -- C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [AVG-Secure-Search-Update_0214c] C:\Users\Steve et Lyne\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe (.not file.) =>Toolbar.AVGSearch
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [GoogleChromeAutoLaunch_F772E7EE57E9C767E902E5E2894F6E69] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Steve et Lyne\AppData\Roaming\Spotify\Spotify.exe
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Steve et Lyne\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-389638890-100705227-403248912-1000\..\RunOnce: [Adobe Speed Launcher] 1418907480
~ Application: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.ma-config.com
O15 - Trusted Zone: [HKCU\...\Domains] http.touslesdrivers.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{36725189-BE18-4D37-9422-6B70A5C2B559}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{36725189-BE18-4D37-9422-6B70A5C2B559}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{36725189-BE18-4D37-9422-6B70A5C2B559}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{36725189-BE18-4D37-9422-6B70A5C2B559}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{36725189-BE18-4D37-9422-6B70A5C2B559}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{36725189-BE18-4D37-9422-6B70A5C2B559}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: viprotocol [64Bits] - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AstroS (AstroS) . (...) - C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe
O23 - Service: VideoCnv (fa6789c5) . (...) - c:\Program Files (x86)\VideoCnv\Zet.dll =>Adware.VideoCnv
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: (Update service) . (.Company - Updater.) - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: (vToolbarUpdater18.1.9) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 22 Legitimates Filtered in 00mn 05s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{1F045563-37FA-4DFC-8CA8-7C63B583E6D0}] (...) -- D:\SETUP.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-389638890-100705227-403248912-1000Core [1058]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-389638890-100705227-403248912-1000UA [1110]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: ClipCnv - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5e9aae86}
O42 - Logiciel: Ethan: Meteor Hunter - (.Seaven Studio.) [HKLM][64Bits] -- Steam App 266330
O42 - Logiciel: Information - Radio-Canada.ca - (.Radio-Canada.) [HKLM][64Bits] -- Widget.13BC082BABA5407D3C98AC73F5DE7F4088D231BF.1
O42 - Logiciel: Information - Radio-Canada.ca - (.Radio-Canada.) [HKLM][64Bits] -- {4CB17967-6E62-A2FE-A790-45074599D5CC}
O42 - Logiciel: Loadout - (.Edge of Reality.) [HKLM][64Bits] -- Steam App 208090
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
O42 - Logiciel: Popcorn Time - (.Popcorn Time.) [HKLM][64Bits] -- Popcorn Time_is1
O42 - Logiciel: RESCUE 2013 - (.rondomedia GmbH.) [HKCU][64Bits] -- RESCUE 2013
O42 - Logiciel: Serena - (.Senscape.) [HKLM][64Bits] -- Steam App 272060
O42 - Logiciel: Smooth Operators - Indie Gala Edition - (.Heydeck Games.) [HKCU][64Bits] -- 6b0b0d2561055daf
O42 - Logiciel: The Wolf Among Us - (...) [HKLM][64Bits] -- VGhlV29sZkFtb25nVXM=_is1
O42 - Logiciel: VideoCnv - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fa6789c5} =>Adware.VideoCnv
O42 - Logiciel: Virtual Pool 3 DL - (.Celeris.) [HKLM][64Bits] -- {7B4873B0-71FF-4BAA-8072-1DEE154C54E4}
O42 - Logiciel: beautydeals - (."".) [HKLM][64Bits] -- {AED1B7A5-67A5-84A5-B646-E3541CE0BB5F}
O42 - Logiciel: browse2buy - (."".) [HKLM][64Bits] -- {D11ED002-6B5F-0D8B-FFCE-C72742F2ABA3}
O42 - Logiciel: crazydeal - (.crazydeal.) [HKLM][64Bits] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1
O42 - Logiciel: funshopper - (."".) [HKLM][64Bits] -- {68FAFA66-8B9D-79B4-814C-A744C8AC991D}
~ Logic: 31 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Celeris]
[HKCU\Software\Ludosity]
[HKCU\Software\Necrophone Games]
[HKCU\Software\Popcorn Time]
[HKCU\Software\The Fullbright Company]
[HKCU\Software\Voxler]
[HKLM\Software\Wow6432Node\FarSight Studios]
[HKLM\Software\Wow6432Node\id]
~ Key Software: 401 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2013-11-19 - 07:43:17 - [] ----D C:\Program Files (x86)\BFG
O43 - CFD: 2014-05-15 - 19:25:57 - [] ----D C:\Program Files (x86)\Celeris
O43 - CFD: 2014-02-08 - 12:59:27 - [] ----D C:\Program Files (x86)\Contrast
O43 - CFD: 2014-12-13 - 10:53:57 - [] ----D C:\Program Files (x86)\FarSight Studios
O43 - CFD: 2013-09-23 - 13:37:01 - [] ----D C:\Program Files (x86)\Hello Games
O43 - CFD: 2014-04-03 - 06:01:53 - [] ----D C:\Program Files (x86)\iPixSoft
O43 - CFD: 2013-09-15 - 10:16:54 - [] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 2014-10-17 - 02:18:44 - [] ----D C:\Program Files (x86)\Popcorn Time
O43 - CFD: 2014-04-03 - 06:35:50 - [] ----D C:\Program Files (x86)\Radio-Canada
O43 - CFD: 2013-12-26 - 12:22:11 - [] ----D C:\Program Files (x86)\Rescue2013
O43 - CFD: 2014-10-27 - 19:00:32 - [] ----D C:\Program Files (x86)\VideoCnv =>Adware.VideoCnv
O43 - CFD: 2014-12-07 - 13:31:18 - [0] ----D C:\Program Files (x86)\VoxlerGames
O43 - CFD: 2014-12-14 - 10:42:37 - [] ----D C:\ProgramData\beautydeals
O43 - CFD: 2014-12-14 - 10:42:36 - [] ----D C:\ProgramData\browse2buy
O43 - CFD: 2014-12-11 - 20:26:31 - [] ----D C:\ProgramData\crazydeal
O43 - CFD: 2014-12-11 - 20:26:19 - [] ----D C:\ProgramData\dca4acf3394b8683
O43 - CFD: 2014-11-25 - 18:33:41 - [] ----D C:\ProgramData\funshopper
O43 - CFD: 2014-11-25 - 18:33:50 - [] ----D C:\ProgramData\gifton
O43 - CFD: 2014-11-01 - 20:41:52 - [] ----D C:\ProgramData\takegif
O43 - CFD: 2013-11-19 - 07:31:29 - [] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 2014-12-13 - 10:47:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarSight Studios
O43 - CFD: 2014-04-05 - 07:35:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
O43 - CFD: 2014-04-03 - 06:02:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPixSoft
O43 - CFD: 2014-10-16 - 02:51:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
O43 - CFD: 2014-04-03 - 06:35:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radio-Canada
O43 - CFD: 2009-07-14 - 10:35:05 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014-05-15 - 19:26:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Pool 3 DL
O43 - CFD: 2014-01-22 - 10:16:54 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\Allgraf
O43 - CFD: 2014-12-13 - 10:46:08 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\FarSight Studios
O43 - CFD: 2014-08-22 - 22:51:34 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\Popcorn Time
O43 - CFD: 2014-08-27 - 21:16:59 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\PopcornTime
O43 - CFD: 2014-03-08 - 18:13:21 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\Post Master
O43 - CFD: 2014-04-03 - 06:37:34 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\Widget
O43 - CFD: 2014-04-03 - 06:35:53 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\Widget.13BC082BABA5407D3C98AC73F5DE7F4088D231BF.1
O43 - CFD: 2013-09-27 - 23:43:23 - [] --H-D C:\Users\Steve et Lyne\AppData\Local\5kmFgT9pDLY
O43 - CFD: 2014-08-10 - 13:15:12 - [] ----D C:\Users\Steve et Lyne\AppData\Local\EdgeOfReality
O43 - CFD: 2013-09-27 - 23:43:23 - [] --H-D C:\Users\Steve et Lyne\AppData\Local\OVbtadGF2
O43 - CFD: 2013-09-15 - 10:17:04 - [] ----D C:\Users\Steve et Lyne\AppData\Local\PokerStars
O43 - CFD: 2014-08-22 - 22:43:00 - [] ----D C:\Users\Steve et Lyne\AppData\Local\Popcorn-Time
O43 - CFD: 2013-09-09 - 09:25:59 - [] ----D C:\Users\Steve et Lyne\AppData\Local\Screwfly_Studios
O43 - CFD: 2013-11-23 - 18:36:33 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heydeck Games
O43 - CFD: 2013-09-15 - 10:16:44 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
O43 - CFD: 2013-12-26 - 12:21:17 - [] ----D C:\Users\Steve et Lyne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RESCUE 2013 – Héros du quotidien
~ Program Folder: 319 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.70B16EC67F6B1D9E88E9FD85FFC7B8ED] - 2014-12-13 - 11:34:43 ---A- . (...) -- C:\Windows\DirectX.log [469257]
~ Files: 59 Legitimates Filtered in 00mn 09s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{0d506f0d-237a-11e3-a198-00248c1def67}\AutoRun\command. (.FarSight Studios - The Pinball Arcade..) -- E:\Setup.exe
O51 - MPSK:{51356aa7-3e39-11e3-bddd-00248c1def67}\AutoRun\command. (.FarSight Studios - The Pinball Arcade..) -- E:\setup.exe
O51 - MPSK:{ae6ec823-836c-11e3-a303-00248c1def67}\AutoRun\command. (...) -- F:\drivers\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:2005-03-29 - 00:30:38 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [8192]
O58 - SDL:2009-07-13 - 20:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:2009-06-10 - 15:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:2009-07-13 - 20:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:2012-12-13 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 63 Legitimates Filtered in 00mn 03s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 2009-06-10 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 74 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://mysearch.avg.com =>Toolbar.AVGSearch
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1036E3DDDC89A4E68D8A33F3823A180E] [SPRF][2014-12-11] (...) -- C:\Users\Steve et Lyne\AppData\Roaming\appdataFr2.bin [4]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{85F84BC3-0F0D-4260-ABD5-7D106EF25A30}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Steve et Lyne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{ACB2EF15-46AB-4A20-9761-7D202A741CCA}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Steve et Lyne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{B5DD71F2-391A-4CCF-9827-0A134C41CD0D}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Steve et Lyne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A093C580-A1D3-4376-90E3-2D78DE605A2C}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Steve et Lyne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 03s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 88 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 2013-08-16 476936 | (BRSptSvc) . (.BitRaider, LLC.) - C:\ProgramData\BitRaider\BRSptSvc.exe
SS - | Auto 2011-12-11 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SS - | Auto 2013-08-16 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 2013-08-16 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 2013-08-14 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 2013-10-23 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 2010-02-19 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 2009-07-13 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 2014-12-03 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 2014-02-12 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 2010-12-01 172032 | (AstroS) . (...) - C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe
SR - | Auto 2014-11-07 3247120 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SR - | Auto 2014-11-07 289328 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 2011-08-30 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 2012-02-27 151648 | (EPSON_PM_RPCV4_05) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.exe
SR - | Auto 2014-10-27 3752448 | (fa6789c5) . (...) - c:\Program Files (x86)\VideoCnv\Zet.dll =>Adware.VideoCnv
SR - | Auto 2009-04-19 625184 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SR - | Demand 2014-05-26 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 2010-04-14 1052328 | (lxeb_device) . (...) - C:\Windows\system32\lxebcoms.exe
SR - | Auto 2013-08-04 2650960 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 2009-04-19 207904 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SR - | Auto 2013-06-21 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 2013-05-16 1826592 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 2011-10-06 97560 | (ozwpansvc) . (.Ozmo Inc.) - C:\Program Files\WPAN Driver\WPAN Driver\ozwpansvc.exe
SR - | Auto 1658-07-10 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Demand 2014-11-18 833728 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 2013-06-21 413472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 2014-10-09 179200 | (Update service) . (.Company.) - C:\Program Files (x86)\Popcorn Time\Updater.exe
SR - | Auto 2014-08-12 1820184 | (vToolbarUpdater18.1.9) . (.AVG Secure Search.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 1658-07-10 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 2009-07-13 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 10s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (2014-12-17)
Clés trouvées (Keys found) : 34
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 23

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\fa6789c5] =>Adware.VideoCnv^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fa6789c5}] =>Adware.VideoCnv^
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKCU\Software\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKLM\Software\Wow6432Node\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:AVG-Secure-Search-Update_1213b =>Toolbar.AVGSearch^
C:\Program Files (x86)\VideoCnv =>Adware.VideoCnv^
C:\ProgramData\Trymedia =>Adware.Trymedia^
C:\Program Files (x86)\AVG Security Toolbar =>Toolbar.AVGSearch
C:\Program Files (x86)\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Security Toolbar =>Toolbar.AVGSearch
C:\Users\Steve et Lyne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch
C:\Users\Steve et Lyne\AppData\Local\Temp\wajam_download.exe =>PUP.Wajam
C:\Users\Steve et Lyne\AppData\Local\Temp\nsb7137.exe =>Toolbar.Conduit
C:\Users\Steve et Lyne\AppData\Local\Temp\nse229.tmp =>Adware.MegaSearch
C:\Users\Steve et Lyne\AppData\Local\Temp\nsfB6F4.exe =>Toolbar.Conduit
C:\Users\Steve et Lyne\AppData\Local\Temp\nsj98DF.tmp =>Adware.MegaSearch
C:\Users\Steve et Lyne\AppData\Local\Temp\nsoD552.tmp =>Adware.MegaSearch
C:\Users\Steve et Lyne\AppData\Local\Temp\nsr242E.exe =>Toolbar.Conduit
C:\Users\Steve et Lyne\AppData\Local\Temp\nsw222A.exe =>Toolbar.Conduit
C:\Users\Steve et Lyne\AppData\Local\Temp\nsw2622.exe =>Toolbar.Conduit
C:\Users\Steve et Lyne\AppData\Local\Temp\nsw6F43.exe =>Toolbar.Conduit
C:\Users\Steve et Lyne\AppData\Local\Temp\nsw733B.exe =>Toolbar.Conduit
C:\Users\Steve et Lyne\AppData\Local\Temp\uttE75B.tmp.exe =>Toolbar.Conduit
~ Additionnel Scan: 446502 Items scanned in 01mn 31s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>Adware.VideoCnv
http://nicolascoolman.fr/adware-trymedia =>Adware.Trymedia
http://nicolascoolman.fr/pup-toparcadehits =>PUP.ToparcadeHits
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
http://www.nicolascoolman.fr/blog/ =>Toolbar.AVGSafeGuard
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://nicolascoolman.fr/adware-megasearch =>Adware.MegaSearch
~ MSI: 10 link(s) detected in 00mn 00s



~ 1011 Legitimates filtered by white list
End of the scan (595 lines in 03mn 01s)(0)
