~ Rapport de ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/01/2014)~ Lancé par Dell (09/12/2014 10:54:23)~ Adresse du Site Web http://nicolascoolman.webs.com~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/~ Traduit par Nicolas Coolman~ Etat de la version : ~ Liste blanche : Activée par le programme~ Elévation des Privilèges : OK~ User Account Control (UAC): Activate by user---\\ Navigateurs InternetMSIE: Internet Explorer v11.0.9600.17420MFIE: Mozilla Firefox 35.0 (Defaut)---\\ Informations sur les produits Windows~ Langage: FrançaisWindows 7 Professional, 64-bit Service Pack 1 (Build 7601)Windows Server License Manager Script : OK~ Windows(R) 7, OEM_COA_SLP channelWindows ID Activation : OK~ Windows Partial Key : 43YG4Windows License : OK~ Windows Remaining Initializations Number : 3Software Protection Service (Protection logicielle) : OKWindows Automatic Updates : OKWindows Activation Technologies : OK---\\ Logiciels de protection du systèmeAvira Free Antivirus v14.0.7.468Malwarebytes Anti-Malware version 2.0.4.1028Microsoft Security Client v4.6.0305.0Spybot - Search & Destroy v2.4.40Windows Defender W7---\\ Logiciels d'optimisation du systèmeCCleaner v5.00 =>Piriform Ltd---\\ Logiciels de partage PeerToPeer---\\ Surveillance de LogicielsAdobe Flash Player 15 PluginAdobe Reader XI---\\ Informations sur le système~ Processor: AMD64 Family 16 Model 10 Stepping 0, AuthenticAMD~ Operating System: 64 BitsBoot mode: Normal (Normal boot)Total RAM: 4095 MB (67% free)System Restore: Activé (Enable)System drive C: has 233 GB (78%) free of 298 GB---\\ Mode de connexion au système~ Computer Name: DELL-PC~ User Name: Dell~ All Users Names: Dell, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89Logged in as Administrator---\\ Variables d'environnement~ System Unit : C:\~ %AppZHP% : C:\Users\Dell\AppData\Roaming\ZHP\~ %AppData% : C:\Users\Dell\AppData\Roaming\~ %Desktop% : C:\Users\Dell\Desktop\~ %Favorites% : 
C:\Users\Dell\Favorites\~ %LocalAppData% : C:\Users\Dell\AppData\Local\~ %StartMenu% : C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\~ %Windir% : C:\Windows\~ %System% : C:\Windows\System32\---\\ Enumération des unités disquesC: Hard drive, Flash drive, Thumb drive (Free 233 Go of 298 Go)D: CD-ROM drive (Not Inserted)E: Floppy drive, Flash card reader, USB Key (Not Inserted)F: Floppy drive, Flash card reader, USB Key (Not Inserted)G: Floppy drive, Flash card reader, USB Key (Not Inserted)H: Floppy drive, Flash card reader, USB Key (Not Inserted)---\\ Etat du Centre de Sécurité Windows[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date~ Security Center: 46 Legitimates Filtered in 00mn 00s---\\ Recherche particulière de fichiers génériques[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808][MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024][MD5.6FC2819A4F80AAB2DADEDFC1EFEE3C3F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/11/2014 - 03:17:24.) -- C:\Windows\System32\wininet.dll [2365440][MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168][MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448][MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) 
-- C:\Windows\system32\Drivers\AFD.sys [497152][MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128][MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160][MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456][MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400][MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368][MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472][MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224][MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208][MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632][MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928][MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) 
-- C:\Windows\system32\Drivers\Parport.sys [97280][MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536][MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888][MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184][MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296][MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]~ Generic Processes: Scanned in 00mn 00s---\\ Etat des fichiers cachés (Caché/Total)~ Mes images (My Pictures) : 2/498~ Mes musiques (My Musics) : 1/5~ Mes Videos (My Videos) : 1/16~ Mes Favoris (My Favorites) : 1/27~ Mes Documents (My Documents) : 1/2133~ Mon Bureau (My Desktop) : 1/377~ Menu demarrer (Programs) : 1/42~ Hidden Files: Scanned in 00mn 01s---\\ Processus lancés[MD5.5909C378DF9132FC91F50AF70A53455A] - (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208] [PID.1328][MD5.A162B967A88BF374A81E01EF6E7A2655] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768] [PID.2084][MD5.B93A8FCF64E164F3F05AA43767FA2BB8] - (.RaMMicHaeL - Unchecky Background Process.) -- C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [399976] [PID.2916][MD5.77C980C97A17D31B21CCCD3F2ED823CB] - (.QFX Software Corporation - KeyScrambler.) 
-- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe [508744] [PID.3744][MD5.52E90592686551E6DE08D42DF01ADBF6] - (.Glarysoft Ltd - Glary Utilities 5.) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [846624] [PID.4092][MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.1028][MD5.C2700D35AA42311A32DF7EA09630B401] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920] [PID.1704][MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [PID.2100][MD5.C2700D35AA42311A32DF7EA09630B401] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920] [PID.2148][MD5.58FBDA10FC403CF9F82ABD0A68129BA3] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576] [PID.2220][MD5.D777F1417D9BB9F66CD9D9C3B61F730F] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168] [PID.2340][MD5.68D6C7F99BC73B88954D844FCCBEB2A0] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408] [PID.2728][MD5.26E94DE72CE4B9B991D4DDCFF82D012A] - (.RaMMicHaeL - Unchecky Service.) -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208] [PID.2864][MD5.F21955927D1C99206A8B91DE2CCE85E1] - (.Avira Operations GmbH & Co. KG - Avira.OE.ServiceHost.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656] [PID.2904][MD5.9B9B368A8FF5CAF91D7A333CF62CD2CC] - (.Safer-Networking Ltd. - Windows Security Center integration..) 
-- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928] [PID.2184][MD5.027820FE847A7B4245234A4E6E825BE1] - (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584] [PID.3244]~ Processes Running: Scanned in 00mn 00s---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\a321e4to.default\prefs.jsM0 - MFSP: prefs.js [Dell - a321e4to.default] about:blank~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s---\\ Internet Explorer, Proxy Management (R5)R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no keyR5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll~ Proxy management: Scanned in 00mn 00s---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programsF2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,F2 - REG:system.ini: Shell=C:\Windows\explorer.exeF2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe~ Keys: Scanned in 00mn 00s---\\ Hosts file redirection (O1)~ Le fichier hosts est sain (The hosts file is clean).~ Hosts File: Scanned in 00mn 02s~ Nombre de lignes (Lines number): 15554---\\ Autres liens utilisateurs (O4)O4 - GS\Desktop [Public]: Avira.lnk . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe O4 - GS\Desktop [Public]: Eraser.lnk . (...) -- C:\Program Files (x86)\Eraser\Eraser.exe (.not file.)O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) 
-- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Disk SpeedUp.lnk . (.Glarysoft Ltd - Glarysoft Defragmenter.) -- C:\Program Files (x86)\Glarysoft\Disk SpeedUp 5\DiskDefrag.exe =>PUP.DiskSpeedupO4 - GS\Program [Public]: Eraser.lnk . (...) -- C:\Program Files (x86)\Eraser\Eraser.exe (.not file.)O4 - GS\Program [Public]: FL Studio 11.lnk . (.Image-Line - FL Studio launcher.) -- C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe O4 - GS\QuickLaunch [Dell]: a-squared Free.lnk . (.Emsi Software GmbH - a-squared Free.) -- C:\Program Files (x86)\a-squared Free\a2free.exe O4 - GS\QuickLaunch [Dell]: Disk SpeedUp.lnk . (.Glarysoft Ltd - Glarysoft Defragmenter.) -- C:\Program Files (x86)\Glarysoft\Disk SpeedUp 5\DiskDefrag.exe =>PUP.DiskSpeedupO4 - GS\QuickLaunch [Dell]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [Dell]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exeO4 - GS\QuickLaunch [Dell]: System Explorer.lnk . (.Mister Group - System Explorer.) -- C:\Program Files (x86)\System Explorer\SystemExplorer.exe O4 - GS\QuickLaunch [Dell]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Invité\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrentO4 - GS\TaskBar [Dell]: a-squared Free.lnk . (.Emsi Software GmbH - a-squared Free.) -- C:\Program Files (x86)\a-squared Free\a2free.exe O4 - GS\TaskBar [Dell]: FL Studio 11.lnk . (.Image-Line - FL Studio launcher.) -- C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe O4 - GS\TaskBar [Dell]: Linux MultiMedia Studio.lnk . (...) 
-- C:\Program Files (x86)\LMMS\lmms.exeO4 - GS\TaskBar [Dell]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\TaskBar [Dell]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exeO4 - GS\TaskBar [Dell]: System Explorer.lnk . (.Mister Group - System Explorer.) -- C:\Program Files (x86)\System Explorer\SystemExplorer.exe O4 - GS\TaskBar [Dell]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrentO4 - GS\Program [Dell]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\SystemTools [Dell]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Desktop [Dell]: Drakensang Online.lnk . (...) -- C:\Program Files (x86)\Drakensang Online\thinclient.exeO4 - GS\Desktop [Dell]: ExtractNow.lnk . (.Nathan Moinvaziri - ExtractNow.) -- C:\Program Files (x86)\ExtractNow\extractnow.exe O4 - GS\Desktop [Dell]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Invité\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent~ Global Startup: 76 Legitimates Filtered in 00mn 07s---\\ Applications lancées au démarrage du sytème (O4)O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor CorpO4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe O4 - HKLM\..\Run: [Eraser] C:\Program Files (x86)\Eraser\Eraser.exe (.not file.) O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) 
-- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform LtdO4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe O4 - HKCU\..\RunOnce: [Report] . (...) -- C:\AdwCleaner\AdwCleaner[S11].txt O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [KeyScrambler] . (.QFX Software Corporation - KeyScrambler.) -- C:\Program Files (x86)\KeyScrambler\keyscrambler.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems IncorporatedO4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (.not file.) O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (.not file.) O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft CorporationO4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft CorporationO4 - HKUS\S-1-5-21-3785833440-505199082-184621976-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform LtdO4 - HKUS\S-1-5-21-3785833440-505199082-184621976-1000\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe O4 - HKUS\S-1-5-21-3785833440-505199082-184621976-1000\..\RunOnce: [Report] . (...) 
-- C:\AdwCleaner\AdwCleaner[S11].txt ~ Application: Scanned in 00mn 01s---\\ Modification Domaine/Adresses DNS (O17)O17 - HKLM\System\CCS\Services\Tcpip\..\{D278500C-8B64-456A-ABDB-4CE23A3B7702}: DhcpNameServer = 192.168.1.254O17 - HKLM\System\CS1\Services\Tcpip\..\{D278500C-8B64-456A-ABDB-4CE23A3B7702}: DhcpNameServer = 192.168.1.254O17 - HKLM\System\CS2\Services\Tcpip\..\{D278500C-8B64-456A-ABDB-4CE23A3B7702}: DhcpNameServer = 192.168.1.254O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254~ Domain: Scanned in 00mn 00s---\\ Protocole additionnel (O18)O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft CorporationO18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation~ Protocole Additionnel: Scanned in 00mn 00s---\\ Liste des services NT non Microsoft et non désactivés (O23)O23 - Service: Rsd Service (RsMgrSvc) . (...) - C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe (.not file.)O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exeO23 - Service: Unchecky (Unchecky) . (.RaMMicHaeL - Unchecky Service.) - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe~ Services: 12 Legitimates Filtered in 00mn 03s---\\ Enumère les données de BootExecute (BEX) (O34)O34 - HKLM BootExecute: (autocheck autochk * ) - File not found~ BEX: 1 Legitimates Filtered in 00mn 00s---\\ Logiciels installés (O42)O42 - Logiciel: Drakensang Online - (...) [HKLM][64Bits] -- Drakensang OnlineO42 - Logiciel: Exedb Anti Malware Scanner - (.File Info.) 
[HKLM][64Bits] -- Exedb Anti Malware ScannerO42 - Logiciel: LMMS 0.4.15 - (.LMMS Developers.) [HKLM][64Bits] -- LMMSO42 - Logiciel: The Proxomitron Ver. Naoko-4.5 - (...) [HKLM][64Bits] -- The Proxomitron - Universal Web Filter_is1O42 - Logiciel: VSDC Free Video Editor version 1.4.0.38 - (.Flash-Integro LLC.) [HKLM][64Bits] -- VSDC Free Video Editor_is1~ Logic: 17 Legitimates Filtered in 00mn 00s---\\ HKCU & HKLM Software Keys[HKCU\Software\OB][HKLM\Software\Wow6432Node\LMMS Developers][HKLM\Software\Wow6432Node\exedb]~ Key Software: 249 Legitimates Filtered in 00mn 00s---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)O43 - CFD: 23/11/2014 - 20:07:46 - [25,605] ----D C:\Program Files (x86)\Drakensang OnlineO43 - CFD: 23/04/2014 - 15:45:37 - [80,929] ----D C:\Program Files (x86)\exedbO43 - CFD: 04/01/2014 - 09:35:36 - [70,574] ----D C:\Program Files (x86)\LMMSO43 - CFD: 23/12/2013 - 23:03:04 - [1,711] ----D C:\Program Files (x86)\Proxomitron Naoko-4O43 - CFD: 14/12/2013 - 15:52:20 - [0,078] ----D C:\Users\Dell\AppData\Roaming\BACS.exeO43 - CFD: 15/12/2013 - 14:19:24 - [0] ----D C:\Users\Dell\AppData\Roaming\RegO43 - CFD: 22/01/2014 - 19:40:52 - [0] ----D C:\Users\Dell\AppData\Roaming\ScreenRecorderO43 - CFD: 19/01/2014 - 20:46:26 - [0,006] ----D C:\Users\Dell\AppData\Roaming\VideoEditorO43 - CFD: 08/12/2014 - 13:59:59 - [0] -SH-D C:\Users\Dell\AppData\Local\EmieBrowserModeListO43 - CFD: 08/12/2014 - 13:59:59 - [0] -SH-D C:\Users\Dell\AppData\Local\EmieSiteListO43 - CFD: 08/12/2014 - 13:59:59 - [0] -SH-D C:\Users\Dell\AppData\Local\EmieUserListO43 - CFD: 23/11/2014 - 20:07:46 - [0,003] ----D C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online~ Program Folder: 152 Legitimates Filtered in 00mn 08s---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)O44 - LFC:[MD5.531121E7ED50084B493A69F8F8A7A927] - 09/12/2014 - 00:19:21 ---A- . (...) 
-- C:\Windows\System32\Drivers\TrueSight.sys [37624]O44 - LFC:[MD5.3C32FF010F869BC184DF71290477384E] - 30/11/2014 - 23:25:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40664]~ Files: 15 Legitimates Filtered in 00mn 42s---\\ Enumération des clés de registre StartupReg (SMSR) (O53)O53 - SMSR:HKLM\...\startupreg\Eraser [Key] . (...) -- C:\Program Files (x86)\Eraser\Eraser.exe (.not file.)~ SMSR Keys: 3 Legitimates Filtered in 00mn 00s---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0~ MWPS: 14 Legitimates Filtered in 00mn 00s---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s---\\ Liste des pilotes du système (SDL) (O58)O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]O58 - SDL:[MD5.DE7FCC77F4A503AF4CA6A47D49B3713D] - 01/03/2013 - 02:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]O58 - SDL:[MD5.3C32FF010F869BC184DF71290477384E] - 30/11/2014 - 23:25:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) 
-- C:\Windows\System32\Drivers\tap0901.sys [40664]O58 - SDL:[MD5.531121E7ED50084B493A69F8F8A7A927] - 09/12/2014 - 00:19:21 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [37624]~ Drivers: 14 Legitimates Filtered in 00mn 01s---\\ Liste des outils de désinfection (LATC) (O63)O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman~ ADS: Scanned in 00mn 00s---\\ Menu de démarrage Internet (SMI) (O68)O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exeO68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe~ Keys: Scanned in 00mn 00s---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)O69 - SBI: SearchScopes [HKCU] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.comO69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.comO69 - SBI: SearchScopes [HKUS\.DEFAULT] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.comO69 - SBI: SearchScopes [HKUS\S-1-5-18] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.comO69 - SBI: SearchScopes [HKUS\S-1-5-19] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.comO69 - SBI: SearchScopes [HKUS\S-1-5-20] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.com~ Keys: Scanned in 00mn 00s---\\ Recherche particulière à la racine du système (SPRF) (O84)[MD5.CD5F805EE8E53B4616D87DD41CE799E3] [SPRF][09/12/2014] (...) -- C:\Users\Dell\AppData\Local\Temp\~autoupdate.dat [184][MD5.D05F5ADAA1A8C921E4378D68B5DB50C5] [SPRF][09/12/2014] (...) -- C:\Users\Dell\AppData\Local\Temp\~gu3-ver.dat [110][MD5.CB92280B311DFE4CA4195EE6203606F5] [SPRF][09/12/2014] (...) 
-- C:\Users\Dell\AppData\Local\Temp\~upgrade.dat [1228][MD5.CBDDB6C4BCD895F8879FD6AC588007A0] [SPRF][04/12/2014] (.Pas de propriétaire - Aut2Exe.) -- C:\Users\Dell\Desktop\adwcleaner_4.103.exe [2154496][MD5.AF506E0B71016682293AC3814A7D62BA] [SPRF][08/12/2014] (.Pas de propriétaire - Aut2Exe.) -- C:\Users\Dell\Desktop\adwcleaner_4.104.exe [2153472][MD5.97FE6F7EBE5DBA6620C9A47B5151C447] [SPRF][09/12/2014] (...) -- C:\Users\Dell\Desktop\avira_free_antivirus_en.exe [154011912][MD5.8DCFD71E8016A93728AC0A8026763E56] [SPRF][09/12/2014] (...) -- C:\Users\Dell\Desktop\RogueKillerX64.exe [18315864][MD5.CCBD07ACEB6ADC4E4A238810A505F20D] [SPRF][17/05/2014] (.LoL Skin Installer - Skin Installer Ultimate.) -- C:\Users\Dell\Desktop\Skin Installer Ultimate.exe [5182976]~ Files: 11 Legitimates Filtered in 00mn 11s---\\ Liste des exceptions du parefeu (FirewallRules) (O87)O87 - FAEL: "{3651350E-770F-4F74-89E4-B431281C7AF2}" | In - Private - P6 - FALSE | .(.Flash-Integro LLC - VSDC Free Video Editor.) -- C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exeO87 - FAEL: "{5672931A-A375-419A-B238-E5212836FE7C}" | In - Private - P17 - FALSE | .(.Flash-Integro LLC - VSDC Free Video Editor.) -- C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exeO87 - FAEL: "{DDB0E9CB-BE85-4B22-8ED8-BAA408410E75}" | In - Private - P6 - FALSE | .(.Flash-Integro LLC - VSDC Updater.) -- C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exeO87 - FAEL: "{73E58B28-563B-42B2-B60A-61B29A9E6F4B}" | In - Private - P17 - FALSE | .(.Flash-Integro LLC - VSDC Updater.) -- C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe~ Firewall: 201 Legitimates Filtered in 00mn 01s---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)SS - | Disabled 15/04/2010 1872320 | (a2free) . (.Emsi Software GmbH.) - C:\Program Files (x86)\a-squared Free\a2service.exeSS - | Auto 25/11/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) 
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeSS - | Demand 08/12/2014 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeSS - | Auto 10/07/1658 0 | (RsMgrSvc) . (...) - C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exeSS - | Demand 13/08/2014 821096 | (SystemExplorerHelpService) . (.Mister Group.) - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exeSS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exeSS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft CorporationSR - | Auto 12/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeSR - | Auto 13/01/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exeSR - | Auto 24/11/2014 431920 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeSR - | Auto 24/11/2014 431920 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeSR - | Auto 24/11/2014 993584 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exeSR - | Auto 22/10/2014 164656 | (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeSR - | Auto 01/10/2014 1349576 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exeSR - | Auto 22/08/2014 23784 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exeSR - | Auto 24/06/2014 1738168 | (SDScannerService) . (.Safer-Networking Ltd..) 
- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exeSR - | Auto 27/06/2014 2088408 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exeSR - | Auto 25/04/2014 171928 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exeSR - | Auto 24/11/2014 111208 | (Unchecky) . (.RaMMicHaeL.) - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exeSR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe~ Services: Scanned in 00mn 04s---\\ Scan Additionnel (O88)Database Version : 13024 - (17/01/2014)Clés trouvées (Keys found) : 0Valeurs trouvées (Values found) : 5Dossiers trouvés (Folders found) : 0Fichiers trouvés (Files found) : 0~ Additionnel Scan: 209356 Items scanned in 00mn 16s---\\ Récapitulatif des détections trouvées sur votre station~ http://nicolascoolman.webs.com/apps/blo ... iskspeedup =>PUP.DiskSpeedup~ MSI: 1 link(s) detected in 00mn 17s~ 978 Legitimates filtered by white listEnd of the scan (427 lines in 02mn 00s)(0)
- Go to this site: technicland
- Click on Scan; once the scan has finished
- Click on "Fix"
- Then click on "Oui" (Yes)