Virus problem

Closed
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last seen 11 April 2014 - 2 April 2014 at 02:55
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last seen 11 April 2014 - 11 April 2014 at 09:18
So, for about 1/2 years now my computer has been glitching and lagging more and more when I play video games, and sometimes it flashes (shuts off). So I had to buy a laptop cooling fan. I should mention that by reading some Comment Ça Marche posts I was able to get rid of the ad problems with AdwCleaner, but it seems the threat is much worse and I suspect a Trojan horse. Could someone help me and tell me what to do, please?
PS: I have already downloaded ZHPDiag but I don't know where to start.
Thanks in advance

19 replies

AlexElectrics Posts 10 Registration date Wednesday 2 April 2014 Status Member Last seen 3 April 2014 2
2 April 2014 at 12:13
Hello
To start with, I recommend this software: https://fr.malwarebytes.com/
Download the free version and install it, then run a quick scan and remove the threats it has found (if there are any).
Please let us know whether your problem went away after removing any threats.
See you
1
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last seen 11 April 2014
2 April 2014 at 13:10
Hello Alex, I have used this software before (sorry, I forgot to mention it in the post), but the problems came up afterwards. I still use it and I have it remove the threats it suggests, but I have to say there are so many of them ...
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last seen 11 April 2014
2 April 2014 at 02:57
I forgot to mention that for a while I even tried defragmenting my hard drive, but my PC freezes before it has even finished.
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last seen 18 September 2023 3 804
2 April 2014 at 12:18
Hello

Could you post the ZHPDiag report?

Also look into cleaning out the dust, because a PC can crash because of that ;)

+1 for Alex, but we're waiting for the ZHPDiag report
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last seen 11 April 2014
2 April 2014 at 13:12
Hi lilidurhone, I'll send you the report (I'll post it on the forum) as soon as I get home from class, so around 16:00 or 17:00 :/ Unfortunately I hadn't seen your replies before, but in any case I thank you and Alex for your attention.
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last seen 11 April 2014
2 April 2014 at 18:06
As promised, here is the ZHPDiag report

~ Rapport de ZHPDiag v2014.3.30.36 - Nicolas Coolman (30/03/2014)
~ Lancé par DANIEL (02/04/2014 18:00:34)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 13.0.1
GCIE: Google Chrome v33.0.1750.154 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.26 =>.Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.8

---\\ Surveillance de Logiciels
Adobe Flash Player 10 Plugin
Adobe Reader 9.3 MUI
Java 7 Update 21

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 23 GB (19%) free of 116 GB

---\\ Mode de connexion au système
~ Computer Name: DANIEL-PC
~ User Name: DANIEL
~ All Users Names: HomeGroupUser$, DANIEL, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\DANIEL\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\DANIEL\AppData\Roaming\
~ %Desktop% : C:\Users\DANIEL\Desktop\
~ %Favorites% : C:\Users\DANIEL\Favorites\
~ %LocalAppData% : C:\Users\DANIEL\AppData\Local\
~ %StartMenu% : C:\Users\DANIEL\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 23 Go of 116 Go)
D: Hard drive, Flash drive, Thumb drive (Free 313 Go of 335 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/13
~ Mes Favoris (My Favorites) : 1/50
~ Mes Documents (My Documents) : 1/70
~ Mon Bureau (My Desktop) : 3/1030
~ Menu demarrer (Programs) : 1/61
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3116]
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [884744] [PID.3328]
[MD5.042DF65D6B851406DDF0B2F95B986FC2] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336] [PID.3520]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016] [PID.4224]
[MD5.29B129E019D5935C55541629677C2A69] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744] [PID.4268]
[MD5.EBA7FEB924D04E718870B6E1E07D2465] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624] [PID.4428]
[MD5.73BB442A717B9BB0097C243374C14A3E] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672] [PID.4444]
[MD5.8B350218236268F883F76A69216B322F] - (...) -- C:\Program Files (x86)\Spyome\maagtspe.exe [2654292] [PID.4532]
[MD5.8B350218236268F883F76A69216B322F] - (...) -- C:\Program Files (x86)\Spyome\maspyome.exe [2654292] [PID.4588]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.4632]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.4668]
[MD5.6105AFCB022541D34206741185D2EC72] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968] [PID.2252]
[MD5.3ECCDD3FE310DD8F82D085447089ADB0] - (.ASUSTek Computer Inc. - ADSMTray.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952] [PID.5068]
[MD5.07E56F90546052D0574355E16AB48A6F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.4680]
[MD5.74EF10CD035DE51171C98E60E53AE221] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [104936] [PID.4804]
[MD5.A2CB714DCF8F0E134F2429AF673C7C08] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [506744] [PID.4840]
[MD5.70F81D6EEFCA1E1943828306F57EA55C] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe [4672920] [PID.5372]
[MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.4844]
[MD5.4414FD10083ABCAEE2F66982BE0B4F3C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8179712] [PID.3032]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1304]
[MD5.7C157574A181B19B9DCF5F339E25337E] - (.Pas de propriétaire - GFNEXSrv.) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208] [PID.1436]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1468]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1936]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1984]
[MD5.A434FB7C05F244E8E46C23F8075082ED] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe [178744] [PID.1164]
[MD5.D62088F1C4E7B3477AD2A5F8F5C6DEF3] - (.Pas de propriétaire - Atouch64.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe [301624] [PID.3036]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe [2488888] [PID.2120]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe [113208] [PID.2756]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe [174648] [PID.1396]
[MD5.C0BF554D2277F7A4C735D475ADE2E3B2] - (.ASUSTek Computer Inc. - ADSMSrv.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280] [PID.5016]
[MD5.9188D073CD14F886790D6037D1986063] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.4684]
[MD5.7CCAEBCAB6FC1ED0206C07E083E79207] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.4792]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.conduit.com
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Extutil v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.2 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.2.0.0 (Désactivé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.10 (Activé) =>Adware.PricePeep
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ombmmloebnfnpehgjnmkcgoegfachobp] Widget context v.3.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.4 (Désactivé) =>Adware.MyWebSearch

---\\ Liste des dossiers d'extension Google Chrome

~ Google Lines Browser: 18 Legitimates Filtered in 00mn 18s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\prefs.js
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.30 for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: (no name) [64Bits] - {AEEC3B59-CA98-4EBA-A140-57B94E283583} . (.Pando Networks - Pando Web Plugin.) (No version) -- (.not file.)
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: .lnk . (...) -- C:\Program Files\QuickMediaConverter\Audio Codec.txt
O4 - GS\Desktop [Public]: AI Recovery Burner.lnk . (...) -- C:\Windows\Installer\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}\_CA687698538FE21FF77D3A.exe
O4 - GS\Desktop [Public]: ASUS MultiFrame.lnk . (.ASUSTek Computer Inc. - ASUS MultiFrame.) -- C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe
O4 - GS\Desktop [Public]: Asus WebStorage.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Desktop [Public]: ControlDeck.lnk . (...) -- C:\Windows\Installer\{5B65EF64-1DFA-414A-8C94-7BB726158E21}\_6924E4672453D00BFBA198.exe
O4 - GS\Desktop [Public]: DJUCED.lnk . (.Guillemot Corporation - DJUCED.) -- C:\Program Files (x86)\DJUCED\DJUCED.exe
O4 - GS\Desktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. - EManual Application.) -- C:\eSupport\Manual\eManual.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LifeFrame.lnk . (.ASUS - LifeFrame3.) -- C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\Desktop [Public]: Quick Media Converter.lnk . (.Cocoon Software - Quick Media Converter Next Generation HD.) -- C:\Program Files\QuickMediaConverter\QuickMediaConverter.exe
O4 - GS\Desktop [Public]: SmartLogon Manager.lnk . (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\logonmgr.exe
O4 - GS\Desktop [Public]: Splendid Utility.Lnk . (...) -- C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
O4 - GS\Desktop [Public]: Trend Micro Internet Security.lnk . (...) -- C:\Program Files (x86)\Trend Micro\Internet Security\UfNavi.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\QuickLaunch [DANIEL]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [DANIEL]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [DANIEL]: Quick Media Converter.lnk . (.Cocoon Software - Quick Media Converter Next Generation HD.) -- C:\Program Files\QuickMediaConverter\QuickMediaConverter.exe
O4 - GS\TaskBar [DANIEL]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [DANIEL]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [DANIEL]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [DANIEL]: Audio Performer.lnk . (.PerformerSoft LLC - Audio Performer.) -- C:\Program Files (x86)\AudioPerformer\AudioPerformer.exe
O4 - GS\Desktop [DANIEL]: PC Speed Maximizer.lnk . (...) -- C:\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe (.not file.) =>Rogue.PCSpeedMaximizer
O4 - GS\Desktop [DANIEL]: SyllabiK.lnk . (.mIRC Co. Ltd. - mIRC.) -- C:\Program Files (x86)\SyllabiK\mirc.exe
O4 - GS\Desktop [DANIEL]: Video Performer.lnk . (...) -- C:\Program Files (x86)\VideoPerformer\VideoPerformer.exe (.not file.) =>PUP.VideoPerformer
~ Global Startup: 83 Legitimates Filtered in 00mn 05s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: FancyStart daemon.lnk . (...) -- C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
O4 - GS\Startup [Public]: SRS Premium Sound.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] . (.Trend Micro Inc. - Trend Micro Server Agent.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
O4 - HKLM\..\Run: [EeeStorageBackup] . (.ECAREME - BackupService.) -- C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\DANIEL\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [SURVIVAL] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDRShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl9] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [PDVD9LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [MASpyome] . (...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O4 - HKLM\..\Wow6432Node\Run: [MASpyomeWebServ] . (...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O4 - HKLM\..\Wow6432Node\Run: [Hercules DJ Series] . (.Hercules® - DJ Series Control Panel.) -- C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\DANIEL\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [SURVIVAL] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
~ Application: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM][64Bits] -- Akamai
O42 - Logiciel: CacaoWeb Packages - (...) [HKCU][64Bits] -- CacaoWeb Packages =>PUP.CacaoWeb
O42 - Logiciel: DJUCED - (.Guillemot.) [HKLM][64Bits] -- {1BE0813F-4110-4B1C-B96D-EB7278199DDC}
O42 - Logiciel: Spyome 1.01 - (.Morillon Alain.) [HKLM][64Bits] -- Spyome_is1
~ Logic: 33 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Pando Networks]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Spyome]
~ Key Software: 345 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/12/2012 - 23:54:58 - [34,846] ----D C:\Program Files (x86)\DJUCED
O43 - CFD: 18/01/2013 - 01:28:33 - [0,004] ----D C:\Program Files (x86)\FK_Monitor
O43 - CFD: 19/01/2014 - 19:04:05 - [0,131] ----D C:\Program Files (x86)\LyricSearch =>Adware.AddLyrics
O43 - CFD: 07/11/2010 - 12:37:00 - [7,234] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 01/09/2012 - 10:55:51 - [0,938] ----D C:\Program Files (x86)\Slayers Online
O43 - CFD: 13/05/2011 - 13:50:57 - [5,809] ----D C:\Program Files (x86)\Spyome
O43 - CFD: 31/12/2011 - 23:12:08 - [9,308] ----D C:\Program Files (x86)\SyllabiK
O43 - CFD: 30/01/2011 - 02:02:51 - [4,509] --H-D C:\ProgramData\{16996CC6-7043-45AD-9C8D-A784409115E4}
O43 - CFD: 31/10/2013 - 20:55:18 - [1,063] ----D C:\Users\DANIEL\AppData\Roaming\0T1N1C1T1Q2Y1L2Z
O43 - CFD: 10/01/2013 - 18:06:56 - [0,534] ----D C:\Users\DANIEL\AppData\Roaming\BitComet =>P2P.BitComet
O43 - CFD: 16/06/2012 - 23:23:24 - [0] ----D C:\Users\DANIEL\AppData\Roaming\FK_Monitor
O43 - CFD: 31/12/2011 - 23:12:09 - [0] ----D C:\Users\DANIEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SyllabiK
~ Program Folder: 199 Legitimates Filtered in 00mn 51s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.06921EF52FF92F76888768B841D78D95] - 01/04/2014 - 02:21:22 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini [1901]
O44 - LFC:[MD5.DDC0B6672AB7862A3C2D7AA2ADB6B645] - 01/04/2014 - 23:57:22 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\unins000.exe [715038]
O44 - LFC:[MD5.EE6407670B4CA47CCC9AF5ED41A19150] - 01/04/2014 - 23:57:31 ---A- . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll [148992]
O44 - LFC:[MD5.21909EFB1C47E3FC5AA37A783F4DB099] - 01/04/2014 - 23:57:32 ---A- . (...) -- C:\Windows\unins000.dat [1992]
O44 - LFC:[MD5.4B0C00AEC836FEF9F0E3BDDD20DFE794] - 18/03/2014 - 23:37:13 ---A- . (...) -- C:\Windows\win.ini [833]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 31/03/2014 - 02:03:34 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16284]
O44 - LFC:[MD5.AE7935A0E610CCFA2C2CE4E42A3DA24A] - 31/03/2014 - 02:15:08 ---A- . (...) -- C:\Windows\IE11_main.log [127223]
~ Files: 73 Legitimates Filtered in 00mn 42s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.5573AA70993A2BB81525B1C704B88763] - 09/05/2013 - 09:59:07 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65336]
O58 - SDL:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 27/06/2013 - 23:02:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 27/06/2013 - 23:02:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:[MD5.22F521108881DC59837F6FC614E0568F] - 27/06/2013 - 23:02:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [189936]
O58 - SDL:[MD5.E86C64478D9A90D62255FE9EB0150C6E] - 27/06/2013 - 23:02:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.1299D1EA00B7A4BF69C5869DCA31E0F6] - 09/07/2009 - 04:11:41 ---A- . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Windows\System32\Drivers\ETD.sys [140800]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.8DCA93290E92CEE3EF9E72ECEC7AC8F8] - 30/10/2012 - 15:49:34 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - DJ Series ASIO kernel driver.) -- C:\Windows\System32\Drivers\HDJAsioK.sys [306032]
O58 - SDL:[MD5.1B322533FB8E24F16FCB08121CB3617F] - 30/10/2012 - 15:49:32 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - DJ Series Bulk driver.) -- C:\Windows\System32\Drivers\HDJBulk.sys [238960]
O58 - SDL:[MD5.63516E4EB26EF321E51FA0016E9DA464] - 30/10/2012 - 15:49:32 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - Hercules DJ Control MP3 Filter Driver.) -- C:\Windows\System32\Drivers\HDJCtrl.sys [37744]
O58 - SDL:[MD5.D9A9DDDE1E3E4F04E89BDD5FBDF2DCC7] - 30/10/2012 - 15:49:30 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - DJ Series MIDI kernel driver.) -- C:\Windows\System32\Drivers\HDJMidi.sys [271216]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 10:29:39 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [15416]
O58 - SDL:[MD5.0B9A1212258D8AA3FFC0FA41393E7BEC] - 05/06/2009 - 11:16:29 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\System32\Drivers\sncduvc.sys [42176]
O58 - SDL:[MD5.7AEC460DBDD193680F0E77724E40E7B6] - 05/06/2009 - 11:16:29 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\System32\Drivers\snp2uvc.sys [1806400]
O58 - SDL:[MD5.0B3F6C8F93C5C25977EA5A8B2E656357] - 04/06/2013 - 08:15:02 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103448]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 01mn 10s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {045B249D-4B29-1D8D-1AFC-01D008D36072} - ({045B249D-4B29-1D8D-1AFC-01D008D36072}) - http://search.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
O69 - SBI: SearchScopes [HKCU] {D9B4DC3B-8951-4d37-B98B-F732DB805E77} - (Booksbario Customized Web Search) - http://search.conduit.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][10/09/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.D59F24B86431EEB25281BCE7817783F1] [SPRF][17/01/2011] (.Pas de propriétaire - Audacity Setup.) -- C:\Users\DANIEL\Desktop\audacity-win-1.2.6.exe [2228534]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][11/11/2010] (...) -- C:\Users\DANIEL\Desktop\client_sound.dat [2771386368]
[MD5.A2B25C4A2E886789FEB5EE4006E64D5C] [SPRF][23/03/2010] (...) -- C:\Users\DANIEL\Desktop\lame.exe [581120]
[MD5.563B98D6048E32CDE756935F299BBEAC] [SPRF][23/03/2010] (...) -- C:\Users\DANIEL\Desktop\lame_enc.dll [495104]
[MD5.B63CCB43F2779CBEA5D8D3CE2E3D90FB] [SPRF][02/04/2013] (...) -- C:\Users\DANIEL\Desktop\Minecraft.exe [263186]
[MD5.B3B121CCAC92A71152D3AA6A783927D4] [SPRF][11/11/2010] (...) -- C:\Users\DANIEL\Desktop\wrar393.exe [1364522]
~ Files: 10 Legitimates Filtered in 00mn 02s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{8AE3F4F2-0E3F-483D-B15E-CC16272113A7}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O87 - FAEL: "{2C920793-6E4C-47FA-A9A0-3EB3D8CC650D}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O87 - FAEL: "{A0A0BF19-35A8-43BA-B680-4631FB414D77}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O87 - FAEL: "{94CE22DB-9C88-41B2-B86A-8E86D062274A}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O87 - FAEL: "{811A15B3-B375-4246-847A-E1C59DFF2D9A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{F6D59F2D-A016-44C2-932F-9C5A3C2F1455}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "TCP Query User{D57AD8AC-18AD-4B32-B738-434CC246F123}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{3EA8D1BE-28BD-420F-8B06-07D48DFC8180}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{F1C30047-1B85-4935-82E6-F98079067F16}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{966CB1A0-D992-4AD7-B7EB-9CF0275D8B2B}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
~ Firewall: 236 Legitimates Filtered in 00mn 04s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\396b93a.msi [45056] =>Adware.Boxore
~ WIS: 118 Legitimates Filtered in 00mn 31s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 13/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 23/04/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 23/04/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 | (Orange update Core Service) . (...) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 22/08/2009 570632 | (TMBMServer) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
SS - | Demand 22/08/2009 917768 | (TmProxy) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

SR - | Demand 31/03/2008 225280 | (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
SR - | Auto 17/09/2009 359552 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_8fa3539.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe
SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 08/08/2007 94208 | (ATKGFNEXSrv) . (...) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 06/09/2012 18944 | (HerculesDJControlMP3) . (.Hercules®.) - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.exe
SR - | Demand 28/01/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 02/07/2009 382496 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Demand 21/01/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 22/08/2009 838528 | (SfCtlCom) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 34s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (30/03/2014)
Clés trouvées (Keys found) : 49
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 5

[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn] =>PUP.SweetIM^
[HKLM\Software\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb] =>Adware.PricePeep^
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CacaoWeb Packages] =>PUP.CacaoWeb^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKCU\Software\AppDataLow\Software\SingAlong] =>Adware.Singalng
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\cjkpeelhbaipjkogeledgpkllepmkdmc] =>Adware.AddLyrics
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
C:\Program Files (x86)\LyricSearch =>Adware.AddLyrics^
C:\Users\DANIEL\AppData\Roaming\BitComet =>P2P.BitComet^
C:\Program Files (x86)\FK_Monitor =>Keylogger.FreeKeylogger
C:\Users\DANIEL\AppData\Roaming\FK_Monitor =>Keylogger.FreeKeylogger
C:\Users\DANIEL\AppData\Local\Software =>Adware.Boxore
[HKCU\Software\BitComet] =>P2P.BitComet^
C:\Windows\Installer\396b93a.msi =>Adware.Boxore^
C:\Users\DANIEL\Downloads\cacaoweb.exe =>PUP.CacaoWeb
C:\Users\DANIEL\AppData\Local\Temp\uninst1.exe =>PUP.Babylon
~ Additionnel Scan: 347320 Items scanned in 01mn 42s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.webs.com/apps/blog/show/33449013-rogue-pcspeedmaximizer =>Rogue.PCSpeedMaximizer
http://nicolascoolman.webs.com/apps/blog/show/29895028-pup-videoperformer =>PUP.VideoPerformer
http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/27423721-adware-singalng =>Adware.Singalng
http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 12 link(s) detected in 00mn 00s



~ 1247 Legitimates filtered by white list
End of the scan (605 lines in 06mn 44s)(0)
0

lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
2 April 2014 at 18:57
###########| Canned Recherche

# Download UsbFix by El Desaparecido to your Desktop.
# If your antivirus shows an alert, ignore it and temporarily disable the antivirus.
# Plug all your external data sources into your PC (USB stick, external hard drive, etc.) without opening them.
# Double-click UsbFix.exe.
# Click Recherche.


# Let the tool work.
# At the end of the scan a report will be displayed; post it in your next reply on the forum.

# The report is also saved at the root of the system drive ( C:\UsbFix [Scan ?] Nom de l'ordinateur.txt, where "Nom de l'ordinateur" is the computer name ).
( CTRL+A to select, CTRL+C to copy and CTRL+V to paste )
# Tutorial (help) with pictures
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last activity 11 April 2014
Edited by Redbubulle on 2/04/2014 at 20:05
Here is the report




############################## | UsbFix V 7.169 | [Recherche]

Utilisateur: DANIEL (Administrateur) # DANIEL-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 19:56:31 | 02/04/2014

Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/

PC: ASUSTeK Computer Inc. (N71Vg )
CPU: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
RAM -> [Total : 4095 Mo| Free : 1625 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Google Chrome : 33.0.1750.154

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AV: Trend Micro Internet Security [(!) Disabled | (!) Outdated]
AS: avast! Antivirus [Enabled | Updated]
AS: Trend Micro Internet Security [(!) Disabled | Updated]
AS: Windows Defender [Enabled | Updated]
FW: avast! Internet Security [(!) Disabled]
FW: Windows FireWall [Enabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disque fixe # 116 Go (23 Go libre(s) - 20%) [OS] # NTFS
D:\ -> Disque fixe # 335 Go (313 Go libre(s) - 94%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 2 Go (2 Go libre(s) - 94%) [] # FAT

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 448 |ParentID: 440)
C:\Windows\system32\wininit.exe (ID: 496 |ParentID: 440)
C:\Windows\system32\csrss.exe (ID: 512 |ParentID: 488)
C:\Windows\system32\services.exe (ID: 552 |ParentID: 496)
C:\Windows\system32\lsass.exe (ID: 560 |ParentID: 496)
C:\Windows\system32\lsm.exe (ID: 568 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 688 |ParentID: 552)
C:\Windows\system32\nvvsvc.exe (ID: 764 |ParentID: 552)
C:\Windows\system32\svchost.exe (ID: 804 |ParentID: 552)
C:\Windows\System32\svchost.exe (ID: 864 |ParentID: 552)
C:\Windows\System32\svchost.exe (ID: 896 |ParentID: 552)
C:\Windows\system32\svchost.exe (ID: 924 |ParentID: 552)
C:\Windows\system32\svchost.exe (ID: 956 |ParentID: 552)
C:\Windows\system32\winlogon.exe (ID: 340 |ParentID: 488)
C:\Windows\system32\svchost.exe (ID: 1092 |ParentID: 552)
C:\Windows\system32\FBAgent.exe (ID: 1224 |ParentID: 552)
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ID: 1292 |ParentID: 552)
C:\Windows\system32\nvvsvc.exe (ID: 1360 |ParentID: 764)
C:\Program Files\ATKGFNEX\GFNEXSrv.exe (ID: 1456 |ParentID: 552)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1480 |ParentID: 552)
C:\Windows\System32\spoolsv.exe (ID: 1640 |ParentID: 552)
C:\Windows\system32\svchost.exe (ID: 1676 |ParentID: 552)
C:\Windows\SysWOW64\svchost.exe (ID: 1764 |ParentID: 552)
C:\Windows\system32\svchost.exe (ID: 1804 |ParentID: 552)
C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE (ID: 1844 |ParentID: 552)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (ID: 1872 |ParentID: 552)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (ID: 1920 |ParentID: 552)
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe (ID: 1984 |ParentID: 552)
C:\Windows\system32\svchost.exe (ID: 1124 |ParentID: 552)
C:\Windows\system32\svchost.exe (ID: 2148 |ParentID: 552)
C:\Windows\system32\taskhost.exe (ID: 1852 |ParentID: 552)
C:\Windows\system32\Dwm.exe (ID: 2736 |ParentID: 896)
C:\Windows\Explorer.EXE (ID: 2748 |ParentID: 1944)
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ID: 2936 |ParentID: 1292)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (ID: 1884 |ParentID: 1920)
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe (ID: 2188 |ParentID: 2936)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 612 |ParentID: 688)
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ID: 2980 |ParentID: 2936)
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ID: 2996 |ParentID: 2936)
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ID: 1336 |ParentID: 2936)
C:\Windows\system32\taskeng.exe (ID: 368 |ParentID: 956)
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (ID: 1856 |ParentID: 2748)
C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe (ID: 640 |ParentID: 2748)
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (ID: 2072 |ParentID: 2748)
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (ID: 652 |ParentID: 1224)
C:\Windows\system32\wuauclt.exe (ID: 3372 |ParentID: 956)
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ID: 3432 |ParentID: 1224)
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ID: 3532 |ParentID: 552)
C:\Windows\system32\SearchIndexer.exe (ID: 3560 |ParentID: 552)
C:\Windows\AsScrPro.exe (ID: 3568 |ParentID: 1224)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3592 |ParentID: 552)
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ID: 3676 |ParentID: 1224)
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (ID: 3684 |ParentID: 552)
C:\Windows\system32\sppsvc.exe (ID: 3780 |ParentID: 552)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ID: 4092 |ParentID: 1224)
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (ID: 3180 |ParentID: 552)
C:\Program Files\Elantech\ETDCtrl.exe (ID: 2820 |ParentID: 2748)
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (ID: 3476 |ParentID: 2748)
C:\Windows\System32\svchost.exe (ID: 3812 |ParentID: 552)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKCU\..\Run : [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
04 - HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe"
04 - HKCU\..\Run : [Orange Installer] "C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe"
04 - HKCU\..\Run : [OrangeInside] C:\Users\DANIEL\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [MailNotifier] C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
04 - HKCU\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\DANIEL\AppData\Local\Temp\SURVIVAL.vbe"
04 - HKLM\..\Run : [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
04 - HKLM\..\Run : [UpdatePDRShortCut] "C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
04 - HKLM\..\Run : [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
04 - HKLM\..\Run : [PDVD9LanguageShortcut] "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
04 - HKLM\..\Run : [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
04 - HKLM\..\Run : [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
04 - HKLM\..\Run : [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [MASpyome] C:\Program Files (x86)\Spyome\maagtspe.exe --server
04 - HKLM\..\Run : [MASpyomeWebServ] C:\Program Files (x86)\Spyome\maspyome.exe --webserver
04 - HKLM\..\Run : [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\RunOnce : []
04 - [x64] HKLM\..\Run : [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
04 - [x64] HKLM\..\Run : [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
04 - [x64] HKLM\..\Run : [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
04 - [x64] HKLM\..\Run : [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
04 - [x64] HKLM\..\Run : [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [Akamai NetSession Interface] "C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe"
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [Orange Installer] "C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe"
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [OrangeInside] C:\Users\DANIEL\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [MailNotifier] C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\DANIEL\AppData\Local\Temp\SURVIVAL.vbe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601

################## | Recherche générique |

Présent! C:\Users\DANIEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SURVIVAL.vbe
Présent! C:\Users\DANIEL\AppData\Local\Temp\SURVIVAL.vbe
Présent! F:\SURVIVAL.vbe
Présent! C:\Users\DANIEL\Cegelec - Affaires Exercices IC.lnk
Présent! C:\Users\DANIEL\Cegelec - Affaires IC.lnk
Présent! C:\Users\DANIEL\Cegelec - Affaires.lnk
Présent! C:\Users\DANIEL\Cegelec - Budget.lnk
Présent! C:\Users\DANIEL\Cegelec - Entreprise Exercices IC.lnk
Présent! C:\Users\DANIEL\Cegelec - Entreprise IC.lnk
Présent! C:\Users\DANIEL\Cegelec - Entreprise.lnk
Présent! C:\Users\DANIEL\Exercices Affaires.lnk
Présent! C:\Users\DANIEL\Exercices Budget.lnk
Présent! C:\Users\DANIEL\Exercices Entreprise.lnk
Présent! C:\Users\DANIEL\Instructions FD.lnk
Présent! C:\Users\DANIEL\Office Professionnel Plus Finale FR 32 BITS + Activation à vie.lnk
Présent! C:\Users\DANIEL\Presentation ASF Bis .lnk
Présent! F:\Projet Nathan uc 1 3 (1).lnk
Présent! F:\.lnk
Présent! F:\HPSCANS.lnk
Présent! C:\Users\Public\sdelevURL.tmp

################## | Registre |

Présent! HKCU\Software\OrangeInside
Présent! HKU\S-1-5-21-497810484-3197988957-2704761873-1001\Software\OrangeInside
Présent! HKU\S-1-5-21-497810484-3197988957-2704761873-1001\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
Présent! HKU\S-1-5-21-497810484-3197988957-2704761873-1001\Software\Microsoft\Windows\CurrentVersion\Run|OrangeInside
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|OrangeInside

################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
2 April 2014 at 20:16
Run the Suppression (deletion) option
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last activity 11 April 2014
2 April 2014 at 23:11
The deletion has been done, here is the report

############################## | UsbFix V 7.169 | [Suppression]

Utilisateur: DANIEL (Administrateur) # DANIEL-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 23:02:52 | 02/04/2014

Site Web : https://www.usbfix.net/
Changelog : https://www.usb-antivirus.com/fr/maj/
Support : https://depannageinformatique.org/acheter/reservation/?f=6
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/

PC: ASUSTeK Computer Inc. (N71Vg )
CPU: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
RAM -> [Total : 4095 Mo| Free : 2216 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Google Chrome : 33.0.1750.154

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AV: Trend Micro Internet Security [(!) Disabled | (!) Outdated]
AS: avast! Antivirus [Enabled | Updated]
AS: Trend Micro Internet Security [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
FW: avast! Internet Security [(!) Disabled]
FW: Windows FireWall [Enabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disque fixe # 116 Go (23 Go libre(s) - 20%) [OS] # NTFS
D:\ -> Disque fixe # 335 Go (313 Go libre(s) - 94%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 2 Go (2 Go libre(s) - 94%) [] # FAT

################## | Processus Actif |


################## | Recherche générique |

Supprimé! C:\Users\DANIEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SURVIVAL.vbe
Supprimé! C:\Users\DANIEL\AppData\Local\Temp\SURVIVAL.vbe
Supprimé! F:\SURVIVAL.vbe
Supprimé! C:\Users\DANIEL\Cegelec - Affaires Exercices IC.lnk
Supprimé! C:\Users\DANIEL\Cegelec - Affaires IC.lnk
Supprimé! C:\Users\DANIEL\Cegelec - Affaires.lnk
Supprimé! C:\Users\DANIEL\Cegelec - Budget.lnk
Supprimé! C:\Users\DANIEL\Cegelec - Entreprise Exercices IC.lnk
Supprimé! C:\Users\DANIEL\Cegelec - Entreprise IC.lnk
Supprimé! C:\Users\DANIEL\Cegelec - Entreprise.lnk
Supprimé! C:\Users\DANIEL\Exercices Affaires.lnk
Supprimé! C:\Users\DANIEL\Exercices Budget.lnk
Supprimé! C:\Users\DANIEL\Exercices Entreprise.lnk
Supprimé! C:\Users\DANIEL\Instructions FD.lnk
Supprimé! C:\Users\DANIEL\Office Professionnel Plus Finale FR 32 BITS + Activation à vie.lnk
Supprimé! C:\Users\DANIEL\Presentation ASF Bis .lnk
Supprimé! F:\Projet Nathan uc 1 3 (1).lnk
Supprimé! F:\.lnk
Supprimé! F:\HPSCANS.lnk
Supprimé! C:\Users\Public\sdelevURL.tmp

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKCU\Software\OrangeInside
Supprimé! HKU\S-1-5-21-497810484-3197988957-2704761873-1001\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
Supprimé! HKU\S-1-5-21-497810484-3197988957-2704761873-1001\Software\Microsoft\Windows\CurrentVersion\Run|OrangeInside

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKCU\..\Run : [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
04 - HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe"
04 - HKCU\..\Run : [Orange Installer] "C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe"
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [MailNotifier] C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
04 - HKLM\..\Run : [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
04 - HKLM\..\Run : [UpdatePDRShortCut] "C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
04 - HKLM\..\Run : [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
04 - HKLM\..\Run : [PDVD9LanguageShortcut] "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
04 - HKLM\..\Run : [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
04 - HKLM\..\Run : [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
04 - HKLM\..\Run : [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
04 - HKLM\..\Run : [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
04 - HKLM\..\Run : [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
04 - HKLM\..\Run : [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [MASpyome] C:\Program Files (x86)\Spyome\maagtspe.exe --server
04 - HKLM\..\Run : [MASpyomeWebServ] C:\Program Files (x86)\Spyome\maspyome.exe --webserver
04 - HKLM\..\Run : [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\Run : [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
04 - [x64] HKLM\..\Run : [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
04 - [x64] HKLM\..\Run : [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
04 - [x64] HKLM\..\Run : [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
04 - [x64] HKLM\..\Run : [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [Akamai NetSession Interface] "C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe"
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [Orange Installer] "C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe"
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run : [MailNotifier] C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601

################## | Listing |


################## | Vaccin |

D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
3 April 2014 at 07:17
Good

Careful, you have 2 antivirus programs

Uninstall Trend Micro

Run ZHPDiag again
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last activity 11 April 2014
3 April 2014 at 14:33
Here is the report after uninstalling the second antivirus:

~ Rapport de ZHPDiag v2014.3.30.36 - Nicolas Coolman (30/03/2014)
~ Lancé par DANIEL (03/04/2014 14:28:34)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 13.0.1
GCIE: Google Chrome v33.0.1750.154 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.26 =>.Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.8

---\\ Surveillance de Logiciels
Adobe Flash Player 10 Plugin
Adobe Reader 9.3 MUI
Java 7 Update 21

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 24 GB (20%) free of 116 GB

---\\ Mode de connexion au système
~ Computer Name: DANIEL-PC
~ User Name: DANIEL
~ All Users Names: HomeGroupUser$, DANIEL, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\DANIEL\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\DANIEL\AppData\Roaming\
~ %Desktop% : C:\Users\DANIEL\Desktop\
~ %Favorites% : C:\Users\DANIEL\Favorites\
~ %LocalAppData% : C:\Users\DANIEL\AppData\Local\
~ %StartMenu% : C:\Users\DANIEL\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 24 Go of 116 Go)
D: Hard drive, Flash drive, Thumb drive (Free 313 Go of 335 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/13
~ Mes Favoris (My Favorites) : 1/50
~ Mes Documents (My Documents) : 1/71
~ Mon Bureau (My Desktop) : 3/1032
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2300]
[MD5.6105AFCB022541D34206741185D2EC72] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968] [PID.1884]
[MD5.466CE40EAA865752F4930A472563E4E1] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.1984]
[MD5.07E56F90546052D0574355E16AB48A6F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.3148]
[MD5.74EF10CD035DE51171C98E60E53AE221] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [104936] [PID.3168]
[MD5.4458989C34FA84B5A75DD3ABCFBE786A] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624] [PID.3896]
[MD5.70F81D6EEFCA1E1943828306F57EA55C] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe [4672920] [PID.384]
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [884744] [PID.1500]
[MD5.042DF65D6B851406DDF0B2F95B986FC2] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336] [PID.4224]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016] [PID.4588]
[MD5.29B129E019D5935C55541629677C2A69] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744] [PID.4636]
[MD5.EBA7FEB924D04E718870B6E1E07D2465] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624] [PID.4684]
[MD5.73BB442A717B9BB0097C243374C14A3E] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672] [PID.4704]
[MD5.8B350218236268F883F76A69216B322F] - (...) -- C:\Program Files (x86)\Spyome\maagtspe.exe [2654292] [PID.4864]
[MD5.8B350218236268F883F76A69216B322F] - (...) -- C:\Program Files (x86)\Spyome\maspyome.exe [2654292] [PID.4896]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.5008]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.5104]
[MD5.4414FD10083ABCAEE2F66982BE0B4F3C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8179712] [PID.4540]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1384]
[MD5.7C157574A181B19B9DCF5F339E25337E] - (.Pas de propriétaire - GFNEXSrv.) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208] [PID.1436]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1468]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1844]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1896]
[MD5.A434FB7C05F244E8E46C23F8075082ED] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe [178744] [PID.2448]
[MD5.D62088F1C4E7B3477AD2A5F8F5C6DEF3] - (.Pas de propriétaire - Atouch64.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe [301624] [PID.2480]
[MD5.C0BF554D2277F7A4C735D475ADE2E3B2] - (.ASUSTek Computer Inc. - ADSMSrv.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280] [PID.1148]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe [2488888] [PID.1032]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe [113208] [PID.2432]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe [174648] [PID.3084]
[MD5.9188D073CD14F886790D6037D1986063] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.3308]
[MD5.7CCAEBCAB6FC1ED0206C07E083E79207] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.3500]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.conduit.com
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Extutil v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.2 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.2.0.0 (Désactivé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.10 (Activé) =>Adware.PricePeep
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ombmmloebnfnpehgjnmkcgoegfachobp] Widget context v.3.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.4 (Désactivé) =>Adware.MyWebSearch

---\\ Liste des dossiers d'extension Google Chrome

~ Google Lines Browser: 18 Legitimates Filtered in 00mn 19s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\prefs.js
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.30 for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: (no name) [64Bits] - {AEEC3B59-CA98-4EBA-A140-57B94E283583} . (.Pando Networks - Pando Web Plugin.) (No version) -- (.not file.)
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: .lnk . (...) -- C:\Program Files\QuickMediaConverter\Audio Codec.txt
O4 - GS\Desktop [Public]: AI Recovery Burner.lnk . (...) -- C:\Windows\Installer\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}\_CA687698538FE21FF77D3A.exe
O4 - GS\Desktop [Public]: ASUS MultiFrame.lnk . (.ASUSTek Computer Inc. - ASUS MultiFrame.) -- C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe
O4 - GS\Desktop [Public]: Asus WebStorage.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Desktop [Public]: ControlDeck.lnk . (...) -- C:\Windows\Installer\{5B65EF64-1DFA-414A-8C94-7BB726158E21}\_6924E4672453D00BFBA198.exe
O4 - GS\Desktop [Public]: DJUCED.lnk . (.Guillemot Corporation - DJUCED.) -- C:\Program Files (x86)\DJUCED\DJUCED.exe
O4 - GS\Desktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. - EManual Application.) -- C:\eSupport\Manual\eManual.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LifeFrame.lnk . (.ASUS - LifeFrame3.) -- C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\Desktop [Public]: Quick Media Converter.lnk . (.Cocoon Software - Quick Media Converter Next Generation HD.) -- C:\Program Files\QuickMediaConverter\QuickMediaConverter.exe
O4 - GS\Desktop [Public]: SmartLogon Manager.lnk . (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\logonmgr.exe
O4 - GS\Desktop [Public]: Splendid Utility.Lnk . (...) -- C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\QuickLaunch [DANIEL]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [DANIEL]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [DANIEL]: Quick Media Converter.lnk . (.Cocoon Software - Quick Media Converter Next Generation HD.) -- C:\Program Files\QuickMediaConverter\QuickMediaConverter.exe
O4 - GS\TaskBar [DANIEL]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [DANIEL]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [DANIEL]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [DANIEL]: Audio Performer.lnk . (.PerformerSoft LLC - Audio Performer.) -- C:\Program Files (x86)\AudioPerformer\AudioPerformer.exe
O4 - GS\Desktop [DANIEL]: PC Speed Maximizer.lnk . (...) -- C:\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe (.not file.) =>Rogue.PCSpeedMaximizer
O4 - GS\Desktop [DANIEL]: SyllabiK.lnk . (.mIRC Co. Ltd. - mIRC.) -- C:\Program Files (x86)\SyllabiK\mirc.exe
O4 - GS\Desktop [DANIEL]: Video Performer.lnk . (...) -- C:\Program Files (x86)\VideoPerformer\VideoPerformer.exe (.not file.) =>PUP.VideoPerformer
~ Global Startup: 83 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: FancyStart daemon.lnk . (...) -- C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
O4 - GS\Startup [Public]: SRS Premium Sound.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
O4 - HKLM\..\Run: [EeeStorageBackup] . (.ECAREME - BackupService.) -- C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDRShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl9] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [PDVD9LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [MASpyome] . (...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O4 - HKLM\..\Wow6432Node\Run: [MASpyomeWebServ] . (...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O4 - HKLM\..\Wow6432Node\Run: [Hercules DJ Series] . (.Hercules® - DJ Series Control Panel.) -- C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM][64Bits] -- Akamai
O42 - Logiciel: CacaoWeb Packages - (...) [HKCU][64Bits] -- CacaoWeb Packages =>PUP.CacaoWeb
O42 - Logiciel: DJUCED - (.Guillemot.) [HKLM][64Bits] -- {1BE0813F-4110-4B1C-B96D-EB7278199DDC}
O42 - Logiciel: Spyome 1.01 - (.Morillon Alain.) [HKLM][64Bits] -- Spyome_is1
~ Logic: 33 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Pando Networks]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Spyome]
~ Key Software: 343 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/12/2012 - 23:54:58 - [34,846] ----D C:\Program Files (x86)\DJUCED
O43 - CFD: 18/01/2013 - 01:28:33 - [0,004] ----D C:\Program Files (x86)\FK_Monitor
O43 - CFD: 19/01/2014 - 19:04:05 - [0,131] ----D C:\Program Files (x86)\LyricSearch =>Adware.AddLyrics
O43 - CFD: 07/11/2010 - 12:37:00 - [7,234] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 01/09/2012 - 10:55:51 - [0,938] ----D C:\Program Files (x86)\Slayers Online
O43 - CFD: 13/05/2011 - 13:50:57 - [5,809] ----D C:\Program Files (x86)\Spyome
O43 - CFD: 31/12/2011 - 23:12:08 - [9,308] ----D C:\Program Files (x86)\SyllabiK
O43 - CFD: 30/01/2011 - 02:02:51 - [4,509] --H-D C:\ProgramData\{16996CC6-7043-45AD-9C8D-A784409115E4}
O43 - CFD: 31/10/2013 - 20:55:18 - [1,063] ----D C:\Users\DANIEL\AppData\Roaming\0T1N1C1T1Q2Y1L2Z
O43 - CFD: 10/01/2013 - 18:06:56 - [0,534] ----D C:\Users\DANIEL\AppData\Roaming\BitComet =>P2P.BitComet
O43 - CFD: 16/06/2012 - 23:23:24 - [0] ----D C:\Users\DANIEL\AppData\Roaming\FK_Monitor
O43 - CFD: 31/12/2011 - 23:12:09 - [0] ----D C:\Users\DANIEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SyllabiK
~ Program Folder: 198 Legitimates Filtered in 00mn 29s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.06921EF52FF92F76888768B841D78D95] - 01/04/2014 - 02:21:22 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini [1901]
O44 - LFC:[MD5.DDC0B6672AB7862A3C2D7AA2ADB6B645] - 01/04/2014 - 23:57:22 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\unins000.exe [715038]
O44 - LFC:[MD5.EE6407670B4CA47CCC9AF5ED41A19150] - 01/04/2014 - 23:57:31 ---A- . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll [148992]
O44 - LFC:[MD5.21909EFB1C47E3FC5AA37A783F4DB099] - 01/04/2014 - 23:57:32 ---A- . (...) -- C:\Windows\unins000.dat [1992]
O44 - LFC:[MD5.1B084600890DF3FFE0C829F65283F177] - 02/04/2014 - 19:06:28 ----- . (...) -- C:\UsbFix [Scan 1] DANIEL-PC.txt [15253]
O44 - LFC:[MD5.F048CA7BD90BFE0C8B379F853962CFA4] - 02/04/2014 - 22:12:21 ---A- . (...) -- C:\UsbFix [Clean 2] DANIEL-PC.txt [18214]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 31/03/2014 - 02:03:34 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16284]
O44 - LFC:[MD5.AE7935A0E610CCFA2C2CE4E42A3DA24A] - 31/03/2014 - 02:15:08 ---A- . (...) -- C:\Windows\IE11_main.log [127223]
~ Files: 74 Legitimates Filtered in 00mn 39s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.5573AA70993A2BB81525B1C704B88763] - 09/05/2013 - 09:59:07 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65336]
O58 - SDL:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 27/06/2013 - 23:02:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 27/06/2013 - 23:02:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:[MD5.22F521108881DC59837F6FC614E0568F] - 27/06/2013 - 23:02:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [189936]
O58 - SDL:[MD5.E86C64478D9A90D62255FE9EB0150C6E] - 27/06/2013 - 23:02:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.1299D1EA00B7A4BF69C5869DCA31E0F6] - 09/07/2009 - 04:11:41 ---A- . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Windows\System32\Drivers\ETD.sys [140800]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.8DCA93290E92CEE3EF9E72ECEC7AC8F8] - 30/10/2012 - 15:49:34 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - DJ Series ASIO kernel driver.) -- C:\Windows\System32\Drivers\HDJAsioK.sys [306032]
O58 - SDL:[MD5.1B322533FB8E24F16FCB08121CB3617F] - 30/10/2012 - 15:49:32 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - DJ Series Bulk driver.) -- C:\Windows\System32\Drivers\HDJBulk.sys [238960]
O58 - SDL:[MD5.63516E4EB26EF321E51FA0016E9DA464] - 30/10/2012 - 15:49:32 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - Hercules DJ Control MP3 Filter Driver.) -- C:\Windows\System32\Drivers\HDJCtrl.sys [37744]
O58 - SDL:[MD5.D9A9DDDE1E3E4F04E89BDD5FBDF2DCC7] - 30/10/2012 - 15:49:30 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - DJ Series MIDI kernel driver.) -- C:\Windows\System32\Drivers\HDJMidi.sys [271216]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 10:29:39 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [15416]
O58 - SDL:[MD5.0B9A1212258D8AA3FFC0FA41393E7BEC] - 05/06/2009 - 11:16:29 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\System32\Drivers\sncduvc.sys [42176]
O58 - SDL:[MD5.7AEC460DBDD193680F0E77724E40E7B6] - 05/06/2009 - 11:16:29 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\System32\Drivers\snp2uvc.sys [1806400]
O58 - SDL:[MD5.0B3F6C8F93C5C25977EA5A8B2E656357] - 04/06/2013 - 08:15:02 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103448]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 00mn 22s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {045B249D-4B29-1D8D-1AFC-01D008D36072} - ({045B249D-4B29-1D8D-1AFC-01D008D36072}) - http://search.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
O69 - SBI: SearchScopes [HKCU] {D9B4DC3B-8951-4d37-B98B-F732DB805E77} - (Booksbario Customized Web Search) - http://search.conduit.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][10/09/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.D59F24B86431EEB25281BCE7817783F1] [SPRF][17/01/2011] (.Pas de propriétaire - Audacity Setup.) -- C:\Users\DANIEL\Desktop\audacity-win-1.2.6.exe [2228534]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][11/11/2010] (...) -- C:\Users\DANIEL\Desktop\client_sound.dat [2771386368]
[MD5.A2B25C4A2E886789FEB5EE4006E64D5C] [SPRF][23/03/2010] (...) -- C:\Users\DANIEL\Desktop\lame.exe [581120]
[MD5.563B98D6048E32CDE756935F299BBEAC] [SPRF][23/03/2010] (...) -- C:\Users\DANIEL\Desktop\lame_enc.dll [495104]
[MD5.B63CCB43F2779CBEA5D8D3CE2E3D90FB] [SPRF][02/04/2013] (...) -- C:\Users\DANIEL\Desktop\Minecraft.exe [263186]
[MD5.B3B121CCAC92A71152D3AA6A783927D4] [SPRF][11/11/2010] (...) -- C:\Users\DANIEL\Desktop\wrar393.exe [1364522]
~ Files: 10 Legitimates Filtered in 00mn 02s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{8AE3F4F2-0E3F-483D-B15E-CC16272113A7}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O87 - FAEL: "{2C920793-6E4C-47FA-A9A0-3EB3D8CC650D}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O87 - FAEL: "{A0A0BF19-35A8-43BA-B680-4631FB414D77}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O87 - FAEL: "{94CE22DB-9C88-41B2-B86A-8E86D062274A}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O87 - FAEL: "{811A15B3-B375-4246-847A-E1C59DFF2D9A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{F6D59F2D-A016-44C2-932F-9C5A3C2F1455}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "TCP Query User{D57AD8AC-18AD-4B32-B738-434CC246F123}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{3EA8D1BE-28BD-420F-8B06-07D48DFC8180}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{F1C30047-1B85-4935-82E6-F98079067F16}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{966CB1A0-D992-4AD7-B7EB-9CF0275D8B2B}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
~ Firewall: 236 Legitimates Filtered in 00mn 03s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\396b93a.msi [45056] =>Adware.Boxore
~ WIS: 117 Legitimates Filtered in 00mn 27s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 13/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 23/04/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 23/04/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 | (Orange update Core Service) . (...) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Demand 31/03/2008 225280 | (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
SR - | Auto 17/09/2009 359552 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_8fa3539.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe
SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 08/08/2007 94208 | (ATKGFNEXSrv) . (...) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 06/09/2012 18944 | (HerculesDJControlMP3) . (.Hercules®.) - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.exe
SR - | Demand 28/01/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 02/07/2009 382496 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Demand 21/01/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 30s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (30/03/2014)
Clés trouvées (Keys found) : 49
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 3

[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn] =>PUP.SweetIM^
[HKLM\Software\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb] =>Adware.PricePeep^
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CacaoWeb Packages] =>PUP.CacaoWeb^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKCU\Software\AppDataLow\Software\SingAlong] =>Adware.Singalng
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\cjkpeelhbaipjkogeledgpkllepmkdmc] =>Adware.AddLyrics
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
C:\Program Files (x86)\LyricSearch =>Adware.AddLyrics^
C:\Users\DANIEL\AppData\Roaming\BitComet =>P2P.BitComet^
C:\Program Files (x86)\FK_Monitor =>Keylogger.FreeKeylogger
C:\Users\DANIEL\AppData\Roaming\FK_Monitor =>Keylogger.FreeKeylogger
C:\Users\DANIEL\AppData\Local\Software =>Adware.Boxore
[HKCU\Software\BitComet] =>P2P.BitComet^
C:\Windows\Installer\396b93a.msi =>Adware.Boxore^
C:\Users\DANIEL\Downloads\cacaoweb.exe =>PUP.CacaoWeb
~ Additionnel Scan: 335332 Items scanned in 01mn 42s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.webs.com/apps/blog/show/33449013-rogue-pcspeedmaximizer =>Rogue.PCSpeedMaximizer
http://nicolascoolman.webs.com/apps/blog/show/29895028-pup-videoperformer =>PUP.VideoPerformer
http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/27423721-adware-singalng =>Adware.Singalng
http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 12 link(s) detected in 00mn 00s



~ 1242 Legitimates filtered by white list
End of the scan (597 lines in 05mn 17s)(0)
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last seen 18 September 2023 3 804
3 April 2014 at 16:39
You must have installed some potentially unwanted programs.

To avoid this kind of problem:

- Do not download any program offered in advertisements or on suspicious sites. Note that some well-known sites such as O1net, Softronic, Tuto4PC, etc. sometimes modify the programs they offer for download to add adware ==> Always prefer downloading directly from the publisher's site.

- When installing a free program, read carefully and uncheck all the additional programs that are offered, especially toolbars.

For your information, read these articles on Potentially Unwanted Programs and Toolbars; this is not mandatory.

* Download this easy-to-use tool

https://toolslib.net (by Xplode) to your desktop.

* If there is a problem with the first link, get it here: https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

* Run it (on Vista/Seven/8, right-click it and choose Run as administrator); if you are on XP, double-click it

* Click Scan
* Post the scan report C:\Adwcleaner[R]

* Note: the scan report is also saved as C:\Adwcleaner[R1]
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last seen 11 April 2014
3 April 2014 at 21:45
Here is the report:

# AdwCleaner v3.023 - Rapport créé le 03/04/2014 à 21:45:25
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : DANIEL - DANIEL-PC
# Exécuté depuis : C:\Users\DANIEL\Downloads\adwcleaner.exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v13.0.1 (fr)

[ Fichier : C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ Fichier : C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Trouvée : search_url
Trouvée : keyword
Trouvée : search_url
Trouvée : search_url

*************************

AdwCleaner[R0].txt - [49278 octets] - [02/04/2014 01:07:18]
AdwCleaner[R1].txt - [1318 octets] - [02/04/2014 01:24:34]
AdwCleaner[R2].txt - [1272 octets] - [02/04/2014 01:49:49]
AdwCleaner[R3].txt - [1071 octets] - [03/04/2014 21:45:25]
AdwCleaner[S0].txt - [46958 octets] - [02/04/2014 01:14:50]
AdwCleaner[S1].txt - [1343 octets] - [02/04/2014 01:43:09]
AdwCleaner[S2].txt - [1293 octets] - [02/04/2014 01:56:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1312 octets] ##########
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last seen 18 September 2023 3 804
4 April 2014 at 18:19
Run ZHPDiag again
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last seen 11 April 2014
7 April 2014 at 17:28
I didn't understand why I had had no reply for 3 days; when I went on the forum I couldn't see your answer until today (I feel a bit silly). So I apologize for the wait, and here is the ZHPDiag report:

~ Rapport de ZHPDiag v2014.3.30.36 - Nicolas Coolman (30/03/2014)
~ Lancé par DANIEL (07/04/2014 17:16:46)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 13.0.1
GCIE: Google Chrome v33.0.1750.154 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.26 =>.Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.8

---\\ Surveillance de Logiciels
Adobe Flash Player 10 Plugin
Adobe Reader 9.3 MUI
Java 7 Update 21

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 24 GB (20%) free of 116 GB

---\\ Mode de connexion au système
~ Computer Name: DANIEL-PC
~ User Name: DANIEL
~ All Users Names: HomeGroupUser$, DANIEL, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\DANIEL\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\DANIEL\AppData\Roaming\
~ %Desktop% : C:\Users\DANIEL\Desktop\
~ %Favorites% : C:\Users\DANIEL\Favorites\
~ %LocalAppData% : C:\Users\DANIEL\AppData\Local\
~ %StartMenu% : C:\Users\DANIEL\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 24 Go of 116 Go)
D: Hard drive, Flash drive, Thumb drive (Free 313 Go of 335 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 04s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/13
~ Mes Favoris (My Favorites) : 1/50
~ Mes Documents (My Documents) : 1/71
~ Mon Bureau (My Desktop) : 3/1033
~ Menu demarrer (Programs) : 1/60
~ Hidden Files: Scanned in 00mn 12s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2412]
[MD5.6105AFCB022541D34206741185D2EC72] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2387968] [PID.3496]
[MD5.466CE40EAA865752F4930A472563E4E1] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.3552]
[MD5.07E56F90546052D0574355E16AB48A6F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.3700]
[MD5.74EF10CD035DE51171C98E60E53AE221] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [104936] [PID.3744]
[MD5.4458989C34FA84B5A75DD3ABCFBE786A] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624] [PID.1492]
[MD5.70F81D6EEFCA1E1943828306F57EA55C] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe [4672920] [PID.2336]
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [884744] [PID.3268]
[MD5.177E24726F38D24B10532D7DDEE0DCC7] - (...) -- C:\Users\DANIEL\AppData\Roaming\cacaoweb\cacaoweb.exe [454656] [PID.3308] =>PUP.CacaoWeb
[MD5.042DF65D6B851406DDF0B2F95B986FC2] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336] [PID.4580]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016] [PID.4688]
[MD5.29B129E019D5935C55541629677C2A69] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744] [PID.4724]
[MD5.EBA7FEB924D04E718870B6E1E07D2465] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624] [PID.4760]
[MD5.73BB442A717B9BB0097C243374C14A3E] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672] [PID.4772]
[MD5.8B350218236268F883F76A69216B322F] - (...) -- C:\Program Files (x86)\Spyome\maagtspe.exe [2654292] [PID.4876]
[MD5.8B350218236268F883F76A69216B322F] - (...) -- C:\Program Files (x86)\Spyome\maspyome.exe [2654292] [PID.4984]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.5100]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.3892]
[MD5.3A924B200D86590D2C83214CEBFA9742] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976] [PID.4448]
[MD5.4414FD10083ABCAEE2F66982BE0B4F3C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8179712] [PID.4952]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1388]
[MD5.7C157574A181B19B9DCF5F339E25337E] - (.Pas de propriétaire - GFNEXSrv.) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208] [PID.1472]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1512]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1944]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1996]
[MD5.A434FB7C05F244E8E46C23F8075082ED] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe [178744] [PID.2540]
[MD5.D62088F1C4E7B3477AD2A5F8F5C6DEF3] - (.Pas de propriétaire - Atouch64.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe [301624] [PID.2548]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe [2488888] [PID.2816]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe [113208] [PID.2844]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe [174648] [PID.2852]
[MD5.C0BF554D2277F7A4C735D475ADE2E3B2] - (.ASUSTek Computer Inc. - ADSMSrv.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280] [PID.3420]
[MD5.9188D073CD14F886790D6037D1986063] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.3560]
[MD5.7CCAEBCAB6FC1ED0206C07E083E79207] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.3664]
~ Processes Running: Scanned in 00mn 07s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.conduit.com
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Extutil v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.2 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.2.0.0 (Désactivé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.10 (Activé) =>Adware.PricePeep
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ombmmloebnfnpehgjnmkcgoegfachobp] Widget context v.3.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial Nouvel onglet v.9.4.4 (Désactivé) =>Adware.MyWebSearch

---\\ Liste des dossiers d'extension Google Chrome

~ Google Lines Browser: 18 Legitimates Filtered in 00mn 41s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\prefs.js
M2 - MFEP: prefs.js [DANIEL - v97ertad.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.34 (..) =>PUP.CacaoWeb
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.30 for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
~ Firefox Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: (no name) [64Bits] - {AEEC3B59-CA98-4EBA-A140-57B94E283583} . (.Pando Networks - Pando Web Plugin.) (No version) -- (.not file.)
~ IE Browser: 20 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: .lnk . (...) -- C:\Program Files\QuickMediaConverter\Audio Codec.txt
O4 - GS\Desktop [Public]: AI Recovery Burner.lnk . (...) -- C:\Windows\Installer\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}\_CA687698538FE21FF77D3A.exe
O4 - GS\Desktop [Public]: ASUS MultiFrame.lnk . (.ASUSTek Computer Inc. - ASUS MultiFrame.) -- C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe
O4 - GS\Desktop [Public]: Asus WebStorage.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Desktop [Public]: ControlDeck.lnk . (...) -- C:\Windows\Installer\{5B65EF64-1DFA-414A-8C94-7BB726158E21}\_6924E4672453D00BFBA198.exe
O4 - GS\Desktop [Public]: DJUCED.lnk . (.Guillemot Corporation - DJUCED.) -- C:\Program Files (x86)\DJUCED\DJUCED.exe
O4 - GS\Desktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. - EManual Application.) -- C:\eSupport\Manual\eManual.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: LifeFrame.lnk . (.ASUS - LifeFrame3.) -- C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\Desktop [Public]: Quick Media Converter.lnk . (.Cocoon Software - Quick Media Converter Next Generation HD.) -- C:\Program Files\QuickMediaConverter\QuickMediaConverter.exe
O4 - GS\Desktop [Public]: SmartLogon Manager.lnk . (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\logonmgr.exe
O4 - GS\Desktop [Public]: Splendid Utility.Lnk . (...) -- C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\QuickLaunch [DANIEL]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [DANIEL]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [DANIEL]: Quick Media Converter.lnk . (.Cocoon Software - Quick Media Converter Next Generation HD.) -- C:\Program Files\QuickMediaConverter\QuickMediaConverter.exe
O4 - GS\TaskBar [DANIEL]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [DANIEL]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [DANIEL]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [DANIEL]: Audio Performer.lnk . (.PerformerSoft LLC - Audio Performer.) -- C:\Program Files (x86)\AudioPerformer\AudioPerformer.exe
O4 - GS\Desktop [DANIEL]: PC Speed Maximizer.lnk . (...) -- C:\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe (.not file.) =>Rogue.PCSpeedMaximizer
O4 - GS\Desktop [DANIEL]: SyllabiK.lnk . (.mIRC Co. Ltd. - mIRC.) -- C:\Program Files (x86)\SyllabiK\mirc.exe
O4 - GS\Desktop [DANIEL]: Video Performer.lnk . (...) -- C:\Program Files (x86)\VideoPerformer\VideoPerformer.exe (.not file.) =>PUP.VideoPerformer
~ Global Startup: 84 Legitimates Filtered in 00mn 05s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: FancyStart daemon.lnk . (...) -- C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
O4 - GS\Startup [Public]: SRS Premium Sound.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
O4 - HKLM\..\Run: [EeeStorageBackup] . (.ECAREME - BackupService.) -- C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\DANIEL\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKLM\..\Wow6432Node\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDRShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl9] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [PDVD9LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [MASpyome] . (...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O4 - HKLM\..\Wow6432Node\Run: [MASpyomeWebServ] . (...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O4 - HKLM\..\Wow6432Node\Run: [Hercules DJ Series] . (.Hercules® - DJ Series Control Panel.) -- C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\DANIEL\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-497810484-3197988957-2704761873-1001\..\Run: [cacaoweb] . (...) -- C:\Users\DANIEL\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
~ Application: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DED66B84-3656-4445-A8F7-BCD6CAEBA843}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM][64Bits] -- Akamai
O42 - Logiciel: CacaoWeb Packages - (...) [HKCU][64Bits] -- CacaoWeb Packages =>PUP.CacaoWeb
O42 - Logiciel: DJUCED - (.Guillemot.) [HKLM][64Bits] -- {1BE0813F-4110-4B1C-B96D-EB7278199DDC}
O42 - Logiciel: Spyome 1.01 - (.Morillon Alain.) [HKLM][64Bits] -- Spyome_is1
~ Logic: 33 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Pando Networks]
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\Spyome]
~ Key Software: 344 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/12/2012 - 23:54:58 - [34,846] ----D C:\Program Files (x86)\DJUCED
O43 - CFD: 18/01/2013 - 01:28:33 - [0,004] ----D C:\Program Files (x86)\FK_Monitor
O43 - CFD: 19/01/2014 - 19:04:05 - [0,131] ----D C:\Program Files (x86)\LyricSearch =>Adware.AddLyrics
O43 - CFD: 07/11/2010 - 12:37:00 - [7,234] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 01/09/2012 - 10:55:51 - [0,938] ----D C:\Program Files (x86)\Slayers Online
O43 - CFD: 13/05/2011 - 13:50:57 - [5,809] ----D C:\Program Files (x86)\Spyome
O43 - CFD: 31/12/2011 - 23:12:08 - [9,308] ----D C:\Program Files (x86)\SyllabiK
O43 - CFD: 30/01/2011 - 02:02:51 - [4,509] --H-D C:\ProgramData\{16996CC6-7043-45AD-9C8D-A784409115E4}
O43 - CFD: 31/10/2013 - 20:55:18 - [1,063] ----D C:\Users\DANIEL\AppData\Roaming\0T1N1C1T1Q2Y1L2Z
O43 - CFD: 10/01/2013 - 18:06:56 - [0,534] ----D C:\Users\DANIEL\AppData\Roaming\BitComet =>P2P.BitComet
O43 - CFD: 07/04/2014 - 17:14:59 - [0,434] ----D C:\Users\DANIEL\AppData\Roaming\cacaoweb =>PUP.CacaoWeb
O43 - CFD: 16/06/2012 - 23:23:24 - [0] ----D C:\Users\DANIEL\AppData\Roaming\FK_Monitor
O43 - CFD: 31/12/2011 - 23:12:09 - [0] ----D C:\Users\DANIEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SyllabiK
~ Program Folder: 199 Legitimates Filtered in 00mn 46s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.06921EF52FF92F76888768B841D78D95] - 01/04/2014 - 02:21:22 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini [1901]
O44 - LFC:[MD5.DDC0B6672AB7862A3C2D7AA2ADB6B645] - 01/04/2014 - 23:57:22 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\unins000.exe [715038]
O44 - LFC:[MD5.EE6407670B4CA47CCC9AF5ED41A19150] - 01/04/2014 - 23:57:31 ---A- . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll [148992]
O44 - LFC:[MD5.21909EFB1C47E3FC5AA37A783F4DB099] - 01/04/2014 - 23:57:32 ---A- . (...) -- C:\Windows\unins000.dat [1992]
O44 - LFC:[MD5.1B084600890DF3FFE0C829F65283F177] - 02/04/2014 - 19:06:28 ----- . (...) -- C:\UsbFix [Scan 1] DANIEL-PC.txt [15253]
O44 - LFC:[MD5.F048CA7BD90BFE0C8B379F853962CFA4] - 02/04/2014 - 22:12:21 ---A- . (...) -- C:\UsbFix [Clean 2] DANIEL-PC.txt [18214]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 31/03/2014 - 02:03:34 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16284]
O44 - LFC:[MD5.AE7935A0E610CCFA2C2CE4E42A3DA24A] - 31/03/2014 - 02:15:08 ---A- . (...) -- C:\Windows\IE11_main.log [127223]
~ Files: 74 Legitimates Filtered in 00mn 38s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
~ Drivers: 16 Legitimates Filtered in 00mn 03s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {045B249D-4B29-1D8D-1AFC-01D008D36072} - ({045B249D-4B29-1D8D-1AFC-01D008D36072}) - http://search.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
O69 - SBI: SearchScopes [HKCU] {D9B4DC3B-8951-4d37-B98B-F732DB805E77} - (Booksbario Customized Web Search) - http://search.conduit.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][10/09/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.D59F24B86431EEB25281BCE7817783F1] [SPRF][17/01/2011] (.Pas de propriétaire - Audacity Setup.) -- C:\Users\DANIEL\Desktop\audacity-win-1.2.6.exe [2228534]
[MD5.177E24726F38D24B10532D7DDEE0DCC7] [SPRF][07/04/2014] (...) -- C:\Users\DANIEL\Desktop\cacaoweb.exe [454656] =>PUP.CacaoWeb
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][11/11/2010] (...) -- C:\Users\DANIEL\Desktop\client_sound.dat [2771386368]
[MD5.A2B25C4A2E886789FEB5EE4006E64D5C] [SPRF][23/03/2010] (...) -- C:\Users\DANIEL\Desktop\lame.exe [581120]
[MD5.563B98D6048E32CDE756935F299BBEAC] [SPRF][23/03/2010] (...) -- C:\Users\DANIEL\Desktop\lame_enc.dll [495104]
[MD5.B63CCB43F2779CBEA5D8D3CE2E3D90FB] [SPRF][02/04/2013] (...) -- C:\Users\DANIEL\Desktop\Minecraft.exe [263186]
[MD5.B3B121CCAC92A71152D3AA6A783927D4] [SPRF][11/11/2010] (...) -- C:\Users\DANIEL\Desktop\wrar393.exe [1364522]
~ Files: 11 Legitimates Filtered in 00mn 02s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{8AE3F4F2-0E3F-483D-B15E-CC16272113A7}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O87 - FAEL: "{2C920793-6E4C-47FA-A9A0-3EB3D8CC650D}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maspyome.exe
O87 - FAEL: "{A0A0BF19-35A8-43BA-B680-4631FB414D77}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O87 - FAEL: "{94CE22DB-9C88-41B2-B86A-8E86D062274A}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Spyome\maagtspe.exe
O87 - FAEL: "{811A15B3-B375-4246-847A-E1C59DFF2D9A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{F6D59F2D-A016-44C2-932F-9C5A3C2F1455}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "TCP Query User{D57AD8AC-18AD-4B32-B738-434CC246F123}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{3EA8D1BE-28BD-420F-8B06-07D48DFC8180}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{F1C30047-1B85-4935-82E6-F98079067F16}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{966CB1A0-D992-4AD7-B7EB-9CF0275D8B2B}C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\daniel\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
~ Firewall: 236 Legitimates Filtered in 00mn 03s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\396b93a.msi [45056] =>Adware.Boxore
~ WIS: 117 Legitimates Filtered in 00mn 27s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 13/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 23/04/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 23/04/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 | (Orange update Core Service) . (...) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Demand 31/03/2008 225280 | (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
SR - | Auto 17/09/2009 359552 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_8fa3539.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe
SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 08/08/2007 94208 | (ATKGFNEXSrv) . (...) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 06/09/2012 18944 | (HerculesDJControlMP3) . (.Hercules®.) - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.exe
SR - | Demand 28/01/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 02/07/2009 382496 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Demand 21/01/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 29s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (30/03/2014)
Clés trouvées (Keys found) : 50
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 11
Fichiers trouvés (Files found) : 5

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep^
C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch^
C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb^
C:\Program Files (x86)\LyricSearch =>Adware.AddLyrics^
C:\Users\DANIEL\AppData\Roaming\BitComet =>P2P.BitComet^
C:\Users\DANIEL\AppData\Roaming\cacaoweb =>PUP.CacaoWeb^
C:\Program Files (x86)\FK_Monitor =>Keylogger.FreeKeylogger
C:\Users\DANIEL\AppData\Roaming\FK_Monitor =>Keylogger.FreeKeylogger
C:\Users\DANIEL\AppData\Local\Software =>Adware.Boxore
C:\Users\DANIEL\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb^
[HKCU\Software\BitComet] =>P2P.BitComet^
C:\Users\DANIEL\Desktop\cacaoweb.exe =>PUP.CacaoWeb^
C:\Windows\Installer\396b93a.msi =>Adware.Boxore^
C:\Users\DANIEL\Downloads\cacaoweb.exe =>PUP.CacaoWeb
~ Additionnel Scan: 335821 Items scanned in 01mn 44s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.webs.com/apps/blog/show/33449013-rogue-pcspeedmaximizer =>Rogue.PCSpeedMaximizer
http://nicolascoolman.webs.com/apps/blog/show/29895028-pup-videoperformer =>PUP.VideoPerformer
http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/27423721-adware-singalng =>Adware.Singalng
http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 12 link(s) detected in 00mn 00s



~ 1242 Legitimates filtered by white list
End of the scan (611 lines in 06mn 22s)(0)
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
7 April 2014 at 21:00
You must have installed potentially unwanted programs.

To avoid this kind of problem:

- Do not download any program offered in advertisements or on suspicious sites. Note that some well-known sites such as O1net, Softronic, Tuto4PC, etc. sometimes modify the programs they offer for download to add adware ==> Always prefer downloading directly from the publisher's site.

- During the installation of a free program, read carefully and uncheck all the additional programs that are offered, especially toolbars.

For your information, read these articles on Potentially Unwanted Programs and Toolbars; this is not mandatory.

* Download this easy-to-use tool

http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner (by Xplode) to your desktop.

* If there is a problem with the first link, get it here https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

* Run it (on Vista/Seven/8, right-click it and choose Run as administrator); if you are on XP, double-click it

* Click on Scan
* Post the scan report C:\Adwcleaner[R]

* Note: the scan report is also saved under C:\Adwcleaner[R1]

0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last activity 11 April 2014
8 April 2014 at 12:50
Here is the report:

# AdwCleaner v3.023 - Rapport créé le 08/04/2014 à 12:49:30
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : DANIEL - DANIEL-PC
# Exécuté depuis : C:\Users\DANIEL\Downloads\adwcleaner.exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Présent : C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\Extensions\cacaoweb@cacaoweb.org
Dossier Présent C:\Users\DANIEL\AppData\Roaming\cacaoweb
Fichier Présent : C:\Users\DANIEL\Desktop\cacaoweb.exe

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Présente : HKCU\Software\cacaoweb
Clé Présente : [x64] HKCU\Software\cacaoweb
Valeur Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v13.0.1 (fr)

[ Fichier : C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ Fichier : C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Trouvée : search_url
Trouvée : keyword
Trouvée : search_url
Trouvée : search_url

*************************

AdwCleaner[R0].txt - [49278 octets] - [02/04/2014 01:07:18]
AdwCleaner[R1].txt - [1318 octets] - [02/04/2014 01:24:34]
AdwCleaner[R2].txt - [1272 octets] - [02/04/2014 01:49:49]
AdwCleaner[R3].txt - [1392 octets] - [03/04/2014 21:45:25]
AdwCleaner[R4].txt - [1532 octets] - [08/04/2014 12:49:30]
AdwCleaner[S0].txt - [46958 octets] - [02/04/2014 01:14:50]
AdwCleaner[S1].txt - [1343 octets] - [02/04/2014 01:43:09]
AdwCleaner[S2].txt - [1293 octets] - [02/04/2014 01:56:50]
AdwCleaner[S3].txt - [1413 octets] - [07/04/2014 17:08:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1833 octets] ##########
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last activity 11 April 2014
10 April 2014 at 22:01
No more news :/
0
lilidurhone Posts 43343 Registration date Monday 25 April 2011 Status Security contributor Last activity 18 September 2023 3 804
10 April 2014 at 22:10
Run the clean
0
Redbubulle Posts 13 Registration date Wednesday 2 April 2014 Status Member Last activity 11 April 2014
11 April 2014 at 09:18
# AdwCleaner v3.023 - Rapport créé le 11/04/2014 à 09:11:00
# Mis à jour le 01/04/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : DANIEL - DANIEL-PC
# Exécuté depuis : C:\Users\DANIEL\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Users\DANIEL\AppData\Roaming\cacaoweb
Dossier Supprimé : C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\Extensions\cacaoweb@cacaoweb.org
Fichier Supprimé : C:\Users\DANIEL\Desktop\cacaoweb.exe

***** [ Raccourcis ] *****


***** [ Registre ] *****

Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Clé Supprimée : HKCU\Software\cacaoweb

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v13.0.1 (fr)

[ Fichier : C:\Users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\v97ertad.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ Fichier : C:\Users\DANIEL\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Supprimée : search_url
Supprimée : keyword

*************************

AdwCleaner[R0].txt - [49278 octets] - [02/04/2014 01:07:18]
AdwCleaner[R1].txt - [1318 octets] - [02/04/2014 01:24:34]
AdwCleaner[R2].txt - [1272 octets] - [02/04/2014 01:49:49]
AdwCleaner[R3].txt - [1392 octets] - [03/04/2014 21:45:25]
AdwCleaner[R4].txt - [1917 octets] - [08/04/2014 12:49:30]
AdwCleaner[S0].txt - [46958 octets] - [02/04/2014 01:14:50]
AdwCleaner[S1].txt - [1343 octets] - [02/04/2014 01:43:09]
AdwCleaner[S2].txt - [1293 octets] - [02/04/2014 01:56:50]
AdwCleaner[S3].txt - [1413 octets] - [07/04/2014 17:08:51]
AdwCleaner[S4].txt - [1760 octets] - [11/04/2014 09:11:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1820 octets] ##########
0