Nettoyage PC...
Résolu/Fermé
bapt1510
Messages postés
44
Date d'inscription
lundi 12 octobre 2009
Statut
Membre
Dernière intervention
15 mai 2014
-
Modifié par bapt1510 le 15/05/2014 à 10:07
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 15 mai 2014 à 10:36
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 15 mai 2014 à 10:36
Bonjour à tous,
Je viens de lancer une analyse de mon PC via ZHPDiag...
En, voici le résultat... Quelqu'un peut me dire s'il y a quelque chose à faire ??
Merci d'avance !
~ Rapport de ZHPDiag v2014.5.14.63 - Nicolas Coolman (14/05/2014)
~ Lancé par Claire et Baptiste (15/05/2014 09:51:36)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Blog d'analyse software : http://nicolascoolman.byethost7.com
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16576
GCIE: Google Chrome v34.0.1847.137 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
---\\ Logiciels de protection du système
AVG 2014 v14.0.3950
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v4.13
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader XI
Java 7 Update 55
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 217 GB (46%) free of 466 GB
---\\ Mode de connexion au système
~ Computer Name: CLAIREETBAPT
~ User Name: Claire et Baptiste
~ All Users Names: HomeGroupUser$, Claire et Baptiste, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Claire et Baptiste\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Claire et Baptiste\AppData\Roaming\
~ %Desktop% : C:\Users\Claire et Baptiste\Desktop\
~ %Favorites% : C:\Users\Claire et Baptiste\Favorites\
~ %LocalAppData% : C:\Users\Claire et Baptiste\AppData\Local\
~ %StartMenu% : C:\Users\Claire et Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 217 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 227 Go of 466 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 47 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.27A9000C534AA9BADC9EE74940F50C6D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/04/2013 - 07:52:14.) -- C:\Windows\System32\wininet.dll [2242048]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3278
~ Mes musiques (My Musics) : 210/675
~ Mes Videos (My Videos) : 2/13
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 8/126156
~ Mon Bureau (My Desktop) : 1/8
~ Menu demarrer (Programs) : 1/41
~ Hidden Files: Scanned in 00mn 58s
---\\ Processus lancés
[MD5.293770C94202D1EA18EE27E0D3EB6A41] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032] [PID.2920]
[MD5.A40824624D8667FE31333B0CEB936169] - (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760] [PID.3080]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.3116]
[MD5.741D787A3A42663F2EAEB723C8C3D090] - (...) -- C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe [1683456] [PID.3600]
[MD5.0F6D06A88A88007AAEE5F0EE1ECE42E4] - (...) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe [70880] [PID.4040]
[MD5.5FA7D3322DA8E6A6D92B49130E48A0D7] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432] [PID.4052]
[MD5.5F7EE76129F9A591F22F99F95D97AC95] - (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016] [PID.3252]
[MD5.3C5856F5D8F6438A3F4651B10F60BF3B] - (.Sony Corporation - Reader Application Helper.) -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400] [PID.3576]
[MD5.926D373B7C52DB332C872FA9470114FB] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe [2557976] [PID.1060] =>Toolbar.AVGSearch
[MD5.F505FED2BE73AD26D2941A0CBCEF2DB5] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128] [PID.3608]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4064]
[MD5.E1B4EE856AD8A31B64D9E2AB20542D96] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7874560] [PID.1488]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Claire et Baptiste\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [beapnbfmjmjhhfpaoajfhjbbfnnlfpnc] Météo (extension) v.0.9.0.7 (Activé)
G2 - GCE: Preference [User Data\Default] [eddehnkimbchcgmbpbpmfiomedigjjki] Despicable Me Minions Partying v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ligadippipkigjepjkefpdagcfhgciee] Barre d'Outils Galerie MasterCard v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 20 Legitimates Filtered in 00mn 25s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
~ IE Browser: 21 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 22
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [A0F405F4299135B2C480118D5BB0748386813722._service_run] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_51F65BF0D2CAA76DCA9BD8F9702B96C0] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonQuickMenu] . (.CANON INC. - Canon Quick Menu.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [IJNetworkScannerSelectorEX] . (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
O4 - HKLM\..\Wow6432Node\Run: [Reader Application Helper] . (.Sony Corporation - Reader Application Helper.) -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [A0F405F4299135B2C480118D5BB0748386813722._service_run] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [GoogleChromeAutoLaunch_51F65BF0D2CAA76DCA9BD8F9702B96C0] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{77E13ECA-E868-4308-A305-B4FEFE375B42}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB42F091-5691-4489-AAD2-49FC2A6090C0}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{77E13ECA-E868-4308-A305-B4FEFE375B42}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{FB42F091-5691-4489-AAD2-49FC2A6090C0}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{77E13ECA-E868-4308-A305-B4FEFE375B42}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{FB42F091-5691-4489-AAD2-49FC2A6090C0}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: viprotocol [64Bits] - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe =>Hijacker.Office
O23 - Service: (vToolbarUpdater18.1.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
O23 - Service: WV5Communication (WV5Communication) . (.LaCrosse Technology - WV5Communcation service.) - C:\Program Files (x86)\HeavyWeatherWV5\HeavyWeatherService.exe
~ Services: 16 Legitimates Filtered in 00mn 06s
---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x86) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll =>PUP.Datamngr
O36 - AppCertDlls: (x64) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll =>PUP.Datamngr
~ Keys: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [4788] (...) -- C:\Users\Claire et Baptiste\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1088]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1092]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 05s
---\\ Logiciels installés (O42)
O42 - Logiciel: CDCheck - (...) [HKLM][64Bits] -- CDCheck
O42 - Logiciel: Evaluations Diagnostiques FAR GS - (...) [HKLM][64Bits] -- EvalFarGS
~ Logic: 8 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\APDFR]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Editions Retz]
[HKCU\Software\Kernel for PDF Repair]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKLM\Software\Wow6432Node\DicomWorks]
[HKLM\Software\Wow6432Node\Lelouette Patrick]
[HKLM\Software\Wow6432Node\OfficialVideoConverter] =>PUP.OfficialVideoConverter
~ Key Software: 306 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/01/2014 - 10:42:28 - [] ----D C:\Program Files (x86)\DicomWorks
O43 - CFD: 08/10/2013 - 20:55:57 - [] ----D C:\Program Files (x86)\EvalFarGS
O43 - CFD: 27/01/2012 - 11:59:23 - [] ----D C:\Program Files (x86)\Gss EziSoft
O43 - CFD: 07/09/2013 - 07:31:02 - [0] ----D C:\Program Files (x86)\Mastercard
O43 - CFD: 07/06/2012 - 11:05:57 - [] ----D C:\Program Files (x86)\OfficialVideoConverter =>PUP.OfficialVideoConverter
O43 - CFD: 08/10/2013 - 17:03:13 - [0] ----D C:\Program Files (x86)\Search Results Toolbar =>PUP.SearchResults
O43 - CFD: 09/09/2012 - 19:57:07 - [] ----D C:\ProgramData\tsipmcwyzlzlxss
O43 - CFD: 14/02/2014 - 11:14:02 - [0] -SH-D C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O43 - CFD: 19/09/2012 - 17:41:55 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 15/02/2014 - 10:09:18 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 16/12/2012 - 15:42:07 - [] ----D C:\Users\Claire et Baptiste\AppData\Local\PutLockerDownloader =>Spyware.PutLocker
O43 - CFD: 26/03/2013 - 19:47:49 - [] ----D C:\Users\Claire et Baptiste\AppData\Local\SpreadsheetTools
~ Program Folder: 250 Legitimates Filtered in 00mn 01s
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - ccleaner64.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - mcdetection.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - mcsettings.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - uninst.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
~ IFEO: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:29/03/2005 - 01:30:38 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [8192]
O58 - SDL:26/08/2011 - 09:46:00 ---A- . (.Belcarra Technologies - Windows USBLAN Host Driver.) -- C:\Windows\System32\Drivers\btblan.sys [40320]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:01/03/2013 - 02:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [503352]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:09/07/2012 - 13:42:54 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [52736]
O58 - SDL:13/07/2001 - 12:56:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\SBKUPNT.SYS [14976]
~ Drivers: 80 Legitimates Filtered in 00mn 05s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {12D9DA2F-97DA-4185-9D7E-B36BE0535060} [DefaultScope] - ((www.google.com) Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {B407D187-C0B1-4F04-9580-3958FFF3485B} - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9149E19DB451DF6C7735942DC71451C8] [SPRF][21/12/2009] (.Pas de propriétaire - asusTek_sys_ctrl Module.) -- C:\Windows\Downloaded Program Files\asusTek_sys_ctrl.dll [139776]
~ Files: 8 Legitimates Filtered in 00mn 00s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "95FA1DD41215F1249BD2EEFBF30243A5" . (.Official Video Converter.) -- C:\Windows\Installer\{4DD1AF59-5121-421F-B92D-EEBF3F20345A}\ARPPRODUCTICON.exe =>PUP.OfficialVideoConverter
~ Update Products: 1 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9FC57B0ECA1DE15EA8CEBBA46B998DD2] [WIS][07/06/2012] (.Aedge Performance BCN SL - Official Video Converter.) -- C:\Windows\Installer\c2983f.msi [4308480] =>PUP.OfficialVideoConverter
[MD5.A91D34375B4647FF0F57E8076EC72B1B] [WIS][08/08/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\db1563.msi [343040] =>PUP.Babylon
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][24/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\db1571.msi [45056] =>Adware.Boxore
~ WIS: 3 Legitimates Filtered in 00mn 07s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASAPI32 =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASMANCS =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32 =>Adware.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS =>Adware.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FTDownloader_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FTDownloader_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_4E7D715D860E20E1_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_4E7D715D860E20E1_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup{0_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup{0_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Installer_BubbleDock_AED_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Installer_BubbleDock_AED_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\officialvideoconverter-setup_RASAPI32 =>PUP.OfficialVideoConverter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\officialvideoconverter-setup_RASMANCS =>PUP.OfficialVideoConverter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_free-video-dub_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_free-video-dub_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_xvid4psp_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_xvid4psp_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetImSetup_RASAPI32 =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetImSetup_RASMANCS =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASAPI32 =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASMANCS =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-1810_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-1810_RASMANCS =>Adware.Yontoo
~ BTK: 524 Legitimates Filtered in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 15/05/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 28/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 10/07/1658 0 | (KMService) . (...) - C:\Windows\system32\srvany.exe =>Hijacker.Office
SS - | Disabled 20/01/2014 2818896 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SS - | Disabled 01/03/2013 118520 | (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SS - | Demand 26/11/2013 73728 | (Sony SCSI Helper Service) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 06/04/2012 236544 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 18/04/2014 3645456 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SR - | Auto 27/03/2014 291912 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 02/04/2014 1615192 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 02/04/2014 20541216 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 27/03/2014 927520 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 26/03/2014 413128 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 15/04/2014 2140984 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/10/2012 27768 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 09/05/2014 1801240 | (vToolbarUpdater18.1.0) . (.AVG Secure Search.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/04/2011 1854464 | (WV5Communication) . (.LaCrosse Technology.) - C:\Program Files (x86)\HeavyWeatherWV5\HeavyWeatherService.exe
~ Services: Scanned in 00mn 08s
---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [503352]
~ Emulateurs: Scanned in 00mn 08s
---\\ Scan Additionnel (O88)
Database Version : 13045 - (14/05/2014)
Clés trouvées (Keys found) : 70
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 5
[HKLM\SYSTEM\CurrentControlSet\Services\KMService] =>Hijacker.Office^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.0] =>Toolbar.AVGSearch^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Wow6432Node\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKLM\Software\Wow6432Node\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\Old_Current] =>PUP.MediaFinder
[HKLM\Software\Wow6432Node\OfficialVideoConverter] =>PUP.OfficialVideoConverter
[HKLM\Software\Classes\Installer\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter
[HKLM\Software\Wow6432Node\Classes\Installer\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4DD1AF59-5121-421F-B92D-EEBF3F20345A}] =>PUP.OfficialVideoConverter
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ddjobbmbkpnhmiloopddfpnedcmhcdpg] =>Hijacker.Proxy
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:vProt =>Toolbar.AVGSearch^
C:\Program Files (x86)\OfficialVideoConverter =>PUP.OfficialVideoConverter^
C:\Program Files (x86)\Search Results Toolbar =>PUP.SearchResults^
C:\Users\Claire et Baptiste\AppData\Local\PutLockerDownloader =>Spyware.PutLocker^
C:\Program Files (x86)\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files (x86)\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\Claire et Baptiste\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\Claire et Baptiste\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
C:\Windows\Installer\c2983f.msi =>PUP.OfficialVideoConverter^
C:\Windows\Installer\db1563.msi =>PUP.Babylon^
C:\Windows\Installer\db1571.msi =>Adware.Boxore^
~ Additionnel Scan: 404293 Items scanned in 01mn 14s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/29626487-hijacker-office =>Hijacker.Office
http://nicolascoolman.byethost7.com/pup-datamngr =>PUP.Datamngr
http://nicolascoolman.byethost7.com/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.byethost7.com/pup-tarma =>PUP.Tarma
http://nicolascoolman.byethost7.com/adware-spointer =>Adware.SPointer
http://nicolascoolman.webs.com/apps/blog/show/29286660-pup-officialvideoconverter =>PUP.OfficialVideoConverter
http://nicolascoolman.byethost7.com/pup-searchresults =>PUP.SearchResults
http://nicolascoolman.byethost7.com/spyware-putlocker =>Spyware.PutLocker
http://nicolascoolman.byethost7.com/pup-babylon =>PUP.Babylon
http://nicolascoolman.byethost7.com/adware-boxore =>Adware.Boxore
http://nicolascoolman.byethost7.com/pup-bubbledock =>PUP.BubbleDock
http://nicolascoolman.byethost7.com/adware-downware =>Adware.Downware
http://nicolascoolman.byethost7.com/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.byethost7.com/pup-sweetim =>PUP.SweetIM
http://nicolascoolman.byethost7.com/pup-wajam =>PUP.Wajam
http://nicolascoolman.byethost7.com/adware-yontoo =>Adware.Yontoo
http://nicolascoolman.byethost7.com/pup-funmoods =>PUP.Funmoods
http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip
http://nicolascoolman.byethost7.com/adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.byethost7.com/toolbar-ask =>Toolbar.Ask
http://nicolascoolman.byethost7.com/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.byethost7.com/pup-toparcadehits =>PUP.ToparcadeHits
http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar
http://nicolascoolman.byethost7.com/pup-dealply =>PUP.DealPly
http://nicolascoolman.webs.com/apps/blog/show/28445531-pup-mediafinder =>PUP.MediaFinder
http://nicolascoolman.byethost7.com/hijacker-proxy =>Hijacker.Proxy
~ MSI: 26 link(s) detected in 00mn 00s
~ 888 Legitimates filtered by white list
End of the scan (596 lines in 06mn 10s)(0)
Je viens de lancer une analyse de mon PC via ZHPDiag...
En, voici le résultat... Quelqu'un peut me dire s'il y a quelque chose à faire ??
Merci d'avance !
~ Rapport de ZHPDiag v2014.5.14.63 - Nicolas Coolman (14/05/2014)
~ Lancé par Claire et Baptiste (15/05/2014 09:51:36)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Blog d'analyse software : http://nicolascoolman.byethost7.com
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16576
GCIE: Google Chrome v34.0.1847.137 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
---\\ Logiciels de protection du système
AVG 2014 v14.0.3950
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v4.13
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader XI
Java 7 Update 55
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 217 GB (46%) free of 466 GB
---\\ Mode de connexion au système
~ Computer Name: CLAIREETBAPT
~ User Name: Claire et Baptiste
~ All Users Names: HomeGroupUser$, Claire et Baptiste, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Claire et Baptiste\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Claire et Baptiste\AppData\Roaming\
~ %Desktop% : C:\Users\Claire et Baptiste\Desktop\
~ %Favorites% : C:\Users\Claire et Baptiste\Favorites\
~ %LocalAppData% : C:\Users\Claire et Baptiste\AppData\Local\
~ %StartMenu% : C:\Users\Claire et Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 217 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 227 Go of 466 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 47 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.27A9000C534AA9BADC9EE74940F50C6D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/04/2013 - 07:52:14.) -- C:\Windows\System32\wininet.dll [2242048]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3278
~ Mes musiques (My Musics) : 210/675
~ Mes Videos (My Videos) : 2/13
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 8/126156
~ Mon Bureau (My Desktop) : 1/8
~ Menu demarrer (Programs) : 1/41
~ Hidden Files: Scanned in 00mn 58s
---\\ Processus lancés
[MD5.293770C94202D1EA18EE27E0D3EB6A41] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032] [PID.2920]
[MD5.A40824624D8667FE31333B0CEB936169] - (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760] [PID.3080]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.3116]
[MD5.741D787A3A42663F2EAEB723C8C3D090] - (...) -- C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe [1683456] [PID.3600]
[MD5.0F6D06A88A88007AAEE5F0EE1ECE42E4] - (...) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe [70880] [PID.4040]
[MD5.5FA7D3322DA8E6A6D92B49130E48A0D7] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432] [PID.4052]
[MD5.5F7EE76129F9A591F22F99F95D97AC95] - (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016] [PID.3252]
[MD5.3C5856F5D8F6438A3F4651B10F60BF3B] - (.Sony Corporation - Reader Application Helper.) -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400] [PID.3576]
[MD5.926D373B7C52DB332C872FA9470114FB] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe [2557976] [PID.1060] =>Toolbar.AVGSearch
[MD5.F505FED2BE73AD26D2941A0CBCEF2DB5] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128] [PID.3608]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4064]
[MD5.E1B4EE856AD8A31B64D9E2AB20542D96] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7874560] [PID.1488]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Claire et Baptiste\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [beapnbfmjmjhhfpaoajfhjbbfnnlfpnc] Météo (extension) v.0.9.0.7 (Activé)
G2 - GCE: Preference [User Data\Default] [eddehnkimbchcgmbpbpmfiomedigjjki] Despicable Me Minions Partying v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ligadippipkigjepjkefpdagcfhgciee] Barre d'Outils Galerie MasterCard v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 20 Legitimates Filtered in 00mn 25s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
~ IE Browser: 21 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 22
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [A0F405F4299135B2C480118D5BB0748386813722._service_run] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_51F65BF0D2CAA76DCA9BD8F9702B96C0] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [CanonQuickMenu] . (.CANON INC. - Canon Quick Menu.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.exe
O4 - HKLM\..\Wow6432Node\Run: [IJNetworkScannerSelectorEX] . (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
O4 - HKLM\..\Wow6432Node\Run: [Reader Application Helper] . (.Sony Corporation - Reader Application Helper.) -- C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [A0F405F4299135B2C480118D5BB0748386813722._service_run] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [GoogleChromeAutoLaunch_51F65BF0D2CAA76DCA9BD8F9702B96C0] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2313164949-656910271-2096276315-1001\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{77E13ECA-E868-4308-A305-B4FEFE375B42}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB42F091-5691-4489-AAD2-49FC2A6090C0}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{77E13ECA-E868-4308-A305-B4FEFE375B42}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{FB42F091-5691-4489-AAD2-49FC2A6090C0}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{77E13ECA-E868-4308-A305-B4FEFE375B42}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{FB42F091-5691-4489-AAD2-49FC2A6090C0}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: viprotocol [64Bits] - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe =>Hijacker.Office
O23 - Service: (vToolbarUpdater18.1.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
O23 - Service: WV5Communication (WV5Communication) . (.LaCrosse Technology - WV5Communcation service.) - C:\Program Files (x86)\HeavyWeatherWV5\HeavyWeatherService.exe
~ Services: 16 Legitimates Filtered in 00mn 06s
---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x86) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll =>PUP.Datamngr
O36 - AppCertDlls: (x64) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll =>PUP.Datamngr
~ Keys: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [4788] (...) -- C:\Users\Claire et Baptiste\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1088]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1092]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 05s
---\\ Logiciels installés (O42)
O42 - Logiciel: CDCheck - (...) [HKLM][64Bits] -- CDCheck
O42 - Logiciel: Evaluations Diagnostiques FAR GS - (...) [HKLM][64Bits] -- EvalFarGS
~ Logic: 8 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\APDFR]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Editions Retz]
[HKCU\Software\Kernel for PDF Repair]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKLM\Software\Wow6432Node\DicomWorks]
[HKLM\Software\Wow6432Node\Lelouette Patrick]
[HKLM\Software\Wow6432Node\OfficialVideoConverter] =>PUP.OfficialVideoConverter
~ Key Software: 306 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/01/2014 - 10:42:28 - [] ----D C:\Program Files (x86)\DicomWorks
O43 - CFD: 08/10/2013 - 20:55:57 - [] ----D C:\Program Files (x86)\EvalFarGS
O43 - CFD: 27/01/2012 - 11:59:23 - [] ----D C:\Program Files (x86)\Gss EziSoft
O43 - CFD: 07/09/2013 - 07:31:02 - [0] ----D C:\Program Files (x86)\Mastercard
O43 - CFD: 07/06/2012 - 11:05:57 - [] ----D C:\Program Files (x86)\OfficialVideoConverter =>PUP.OfficialVideoConverter
O43 - CFD: 08/10/2013 - 17:03:13 - [0] ----D C:\Program Files (x86)\Search Results Toolbar =>PUP.SearchResults
O43 - CFD: 09/09/2012 - 19:57:07 - [] ----D C:\ProgramData\tsipmcwyzlzlxss
O43 - CFD: 14/02/2014 - 11:14:02 - [0] -SH-D C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O43 - CFD: 19/09/2012 - 17:41:55 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 15/02/2014 - 10:09:18 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 16/12/2012 - 15:42:07 - [] ----D C:\Users\Claire et Baptiste\AppData\Local\PutLockerDownloader =>Spyware.PutLocker
O43 - CFD: 26/03/2013 - 19:47:49 - [] ----D C:\Users\Claire et Baptiste\AppData\Local\SpreadsheetTools
~ Program Folder: 250 Legitimates Filtered in 00mn 01s
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - ccleaner64.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - mcdetection.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - mcsettings.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - uninst.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
~ IFEO: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:29/03/2005 - 01:30:38 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [8192]
O58 - SDL:26/08/2011 - 09:46:00 ---A- . (.Belcarra Technologies - Windows USBLAN Host Driver.) -- C:\Windows\System32\Drivers\btblan.sys [40320]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:01/03/2013 - 02:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [503352]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:09/07/2012 - 13:42:54 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [52736]
O58 - SDL:13/07/2001 - 12:56:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\SBKUPNT.SYS [14976]
~ Drivers: 80 Legitimates Filtered in 00mn 05s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {12D9DA2F-97DA-4185-9D7E-B36BE0535060} [DefaultScope] - ((www.google.com) Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {B407D187-C0B1-4F04-9580-3958FFF3485B} - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9149E19DB451DF6C7735942DC71451C8] [SPRF][21/12/2009] (.Pas de propriétaire - asusTek_sys_ctrl Module.) -- C:\Windows\Downloaded Program Files\asusTek_sys_ctrl.dll [139776]
~ Files: 8 Legitimates Filtered in 00mn 00s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "95FA1DD41215F1249BD2EEFBF30243A5" . (.Official Video Converter.) -- C:\Windows\Installer\{4DD1AF59-5121-421F-B92D-EEBF3F20345A}\ARPPRODUCTICON.exe =>PUP.OfficialVideoConverter
~ Update Products: 1 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9FC57B0ECA1DE15EA8CEBBA46B998DD2] [WIS][07/06/2012] (.Aedge Performance BCN SL - Official Video Converter.) -- C:\Windows\Installer\c2983f.msi [4308480] =>PUP.OfficialVideoConverter
[MD5.A91D34375B4647FF0F57E8076EC72B1B] [WIS][08/08/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\db1563.msi [343040] =>PUP.Babylon
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][24/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\db1571.msi [45056] =>Adware.Boxore
~ WIS: 3 Legitimates Filtered in 00mn 07s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASAPI32 =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASMANCS =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32 =>Adware.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS =>Adware.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FTDownloader_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FTDownloader_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_4E7D715D860E20E1_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_4E7D715D860E20E1_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup{0_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup{0_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Installer_BubbleDock_AED_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Installer_BubbleDock_AED_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\officialvideoconverter-setup_RASAPI32 =>PUP.OfficialVideoConverter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\officialvideoconverter-setup_RASMANCS =>PUP.OfficialVideoConverter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_free-video-dub_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_free-video-dub_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_xvid4psp_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_xvid4psp_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetImSetup_RASAPI32 =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetImSetup_RASMANCS =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASAPI32 =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASMANCS =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-1810_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-1810_RASMANCS =>Adware.Yontoo
~ BTK: 524 Legitimates Filtered in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 15/05/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 28/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 10/07/1658 0 | (KMService) . (...) - C:\Windows\system32\srvany.exe =>Hijacker.Office
SS - | Disabled 20/01/2014 2818896 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SS - | Disabled 01/03/2013 118520 | (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SS - | Demand 26/11/2013 73728 | (Sony SCSI Helper Service) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 06/04/2012 236544 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 18/04/2014 3645456 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SR - | Auto 27/03/2014 291912 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 02/04/2014 1615192 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 02/04/2014 20541216 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 27/03/2014 927520 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 26/03/2014 413128 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 15/04/2014 2140984 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/10/2012 27768 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 09/05/2014 1801240 | (vToolbarUpdater18.1.0) . (.AVG Secure Search.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/04/2011 1854464 | (WV5Communication) . (.LaCrosse Technology.) - C:\Program Files (x86)\HeavyWeatherWV5\HeavyWeatherService.exe
~ Services: Scanned in 00mn 08s
---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [503352]
~ Emulateurs: Scanned in 00mn 08s
---\\ Scan Additionnel (O88)
Database Version : 13045 - (14/05/2014)
Clés trouvées (Keys found) : 70
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 5
[HKLM\SYSTEM\CurrentControlSet\Services\KMService] =>Hijacker.Office^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.0] =>Toolbar.AVGSearch^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Wow6432Node\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKLM\Software\Wow6432Node\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B] =>PUP.DealPly
[HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\Old_Current] =>PUP.MediaFinder
[HKLM\Software\Wow6432Node\OfficialVideoConverter] =>PUP.OfficialVideoConverter
[HKLM\Software\Classes\Installer\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter
[HKLM\Software\Wow6432Node\Classes\Installer\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4DD1AF59-5121-421F-B92D-EEBF3F20345A}] =>PUP.OfficialVideoConverter
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ddjobbmbkpnhmiloopddfpnedcmhcdpg] =>Hijacker.Proxy
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:vProt =>Toolbar.AVGSearch^
C:\Program Files (x86)\OfficialVideoConverter =>PUP.OfficialVideoConverter^
C:\Program Files (x86)\Search Results Toolbar =>PUP.SearchResults^
C:\Users\Claire et Baptiste\AppData\Local\PutLockerDownloader =>Spyware.PutLocker^
C:\Program Files (x86)\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files (x86)\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\Claire et Baptiste\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\Claire et Baptiste\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
C:\Windows\Installer\c2983f.msi =>PUP.OfficialVideoConverter^
C:\Windows\Installer\db1563.msi =>PUP.Babylon^
C:\Windows\Installer\db1571.msi =>Adware.Boxore^
~ Additionnel Scan: 404293 Items scanned in 01mn 14s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/29626487-hijacker-office =>Hijacker.Office
http://nicolascoolman.byethost7.com/pup-datamngr =>PUP.Datamngr
http://nicolascoolman.byethost7.com/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.byethost7.com/pup-tarma =>PUP.Tarma
http://nicolascoolman.byethost7.com/adware-spointer =>Adware.SPointer
http://nicolascoolman.webs.com/apps/blog/show/29286660-pup-officialvideoconverter =>PUP.OfficialVideoConverter
http://nicolascoolman.byethost7.com/pup-searchresults =>PUP.SearchResults
http://nicolascoolman.byethost7.com/spyware-putlocker =>Spyware.PutLocker
http://nicolascoolman.byethost7.com/pup-babylon =>PUP.Babylon
http://nicolascoolman.byethost7.com/adware-boxore =>Adware.Boxore
http://nicolascoolman.byethost7.com/pup-bubbledock =>PUP.BubbleDock
http://nicolascoolman.byethost7.com/adware-downware =>Adware.Downware
http://nicolascoolman.byethost7.com/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.byethost7.com/pup-sweetim =>PUP.SweetIM
http://nicolascoolman.byethost7.com/pup-wajam =>PUP.Wajam
http://nicolascoolman.byethost7.com/adware-yontoo =>Adware.Yontoo
http://nicolascoolman.byethost7.com/pup-funmoods =>PUP.Funmoods
http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip
http://nicolascoolman.byethost7.com/adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.byethost7.com/toolbar-ask =>Toolbar.Ask
http://nicolascoolman.byethost7.com/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.byethost7.com/pup-toparcadehits =>PUP.ToparcadeHits
http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar
http://nicolascoolman.byethost7.com/pup-dealply =>PUP.DealPly
http://nicolascoolman.webs.com/apps/blog/show/28445531-pup-mediafinder =>PUP.MediaFinder
http://nicolascoolman.byethost7.com/hijacker-proxy =>Hijacker.Proxy
~ MSI: 26 link(s) detected in 00mn 00s
~ 888 Legitimates filtered by white list
End of the scan (596 lines in 06mn 10s)(0)
A voir également:
- Nettoyage PC...
- Nettoyage pc lent - Guide
- Nettoyage pc gratuit - Guide
- Nettoyage mac - Guide
- Test performance pc - Guide
- Reinitialiser pc - Guide
4 réponses
Pantera66
Messages postés
20
Date d'inscription
jeudi 15 mai 2014
Statut
Membre
Dernière intervention
12 janvier 2015
15 mai 2014 à 10:07
15 mai 2014 à 10:07
Bonjour, c'est quoi ton problème ?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
15 mai 2014 à 10:09
15 mai 2014 à 10:09
Salut,
Les éléments détectés sont des clefs dans le registre, une partie provienne d'AVG....
Pas vraiment infecté.
Les éléments détectés sont des clefs dans le registre, une partie provienne d'AVG....
Pas vraiment infecté.
bapt1510
Messages postés
44
Date d'inscription
lundi 12 octobre 2009
Statut
Membre
Dernière intervention
15 mai 2014
6
15 mai 2014 à 10:14
15 mai 2014 à 10:14
Ok... Tant mieux alors !!
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
15 mai 2014 à 10:36
15 mai 2014 à 10:36
:)