by Seckynci
#213149
Hello,

I got hold of an old PC because my current one died. This one is fairly old and was very slow, so I ran the routine checks: antivirus OK, MBAM detected several threats, and I figured that running UsbFix wouldn't hurt.

Here is the report:

############################## | UsbFix V 7.811 | [Nettoyage]

Utilisateur: Marsupio (Administrateur) # TANIERE
Mis à jour le 20/01/2015 par El Desaparecido - SosVirus
Lancé à 20:47:04 | 25/01/2015

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Détection en Live : http://comment-supprimer.fr/
Contact : http://www.usbfix.net/contact/

################## | System information |

MB: Hewlett-Packard (30C2)
CPU: Mobile AMD Sempron(tm) Processor 3500+
GC: ATI Radeon X1200 Series
RAM -> [Total : 1407 Mo | Free : 506 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft™ Windows Vista (TM) Home Basic (6.0.6002 32-Bit) Service Pack 2
WB: Internet Explorer : 9.00.8112.16421
WB: Mozilla Firefox : 35.0

################## | Security Information |

AV: avast! Antivirus [Actif |A jour]
AS: Windows Defender [Actif |A jour]
AS: avast! Antivirus [Actif |A jour]
AS: Malwarebytes Anti-Malware : 2.0.4.1028
FW: Windows Firewall [Actif]
SC: Security Center [Actif]
WU: Windows Update [Actif]

################## | Disk Information |

C:\ (%SystemDrive%) -> Disque fixe # 75 Go (28 Go libre(s) - 37%) [] # NTFS

################## | Recherche générique |


(!) Fichiers temporaires supprimés. (230.027828216553 MB)

################## | Registre |


################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
04 - HKLM\..\Run : [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
04 - HKLM\..\Run : [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-3139695825-2709014530-1126645551-1012\..\Run : [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

################## | UsbFix - Information |

Info : Comment supprimer l'infection des raccourcis sur USB ? (Video)
Info : L'infection des raccourcis USB, c'est quoi ?
Détection en Live : http://comment-supprimer.fr/

################## | Hijack |


################## | C:\ %SystemDrive% - Disque Fixe (NTFS) |

[18/09/2006 - 22:43:37 | A | 0 Ko] - C:\config.sys
[06/03/2008 - 20:06:51 | RASH | 0 Ko] - C:\IO.SYS
[06/03/2008 - 20:06:51 | RASH | 0 Ko] - C:\MSDOS.SYS
[25/01/2015 - 14:52:49 | ASH | 1747488 Ko] - C:\pagefile.sys
[25/01/2015 - 14:52:55 | ASH | 1441080 Ko] - C:\hiberfil.sys
[25/01/2015 - 12:06:49 | D] - C:\SYSTEM.SAV
[24/01/2015 - 21:26:58 | N | 512 Ko] - C:\ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TMContainer00000000000000000001.regtrans-ms
[24/01/2015 - 21:26:58 | N | 512 Ko] - C:\ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TMContainer00000000000000000002.regtrans-ms
[25/01/2015 - 15:12:36 | D] - C:\Config.Msi
[24/01/2015 - 21:26:57 | N | 0 Ko] - C:\ntuser.dat.LOG2
[24/01/2015 - 21:26:58 | N | 5 Ko] - C:\ntuser.dat.LOG1
[24/01/2015 - 21:26:58 | A | 256 Ko] - C:\ntuser.dat
[24/01/2015 - 21:26:58 | N | 64 Ko] - C:\ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TM.blf
[25/01/2015 - 15:13:43 | SHD] - C:\$Recycle.Bin
[18/09/2006 - 22:43:36 | A | 0 Ko] - C:\autoexec.bat
[02/11/2006 - 13:59:44 | SHD] - C:\Documents and Settings
[17/06/2008 - 19:28:02 | D] - C:\PerfLogs
[11/04/2009 - 07:36:36 | RASH | 325 Ko] - C:\bootmgr
[08/10/2009 - 06:25:32 | RHD] - C:\MSOCache
[11/03/2010 - 20:55:11 | D] - C:\QUARANTINE
[29/05/2010 - 16:10:32 | D] - C:\Temp
[05/10/2010 - 19:23:40 | D] - C:\d1939f15e2a9ea260bd8
[02/03/2013 - 19:20:45 | SHD] - C:\Boot
[25/01/2015 - 11:37:04 | HD] - C:\ProgramData
[25/01/2015 - 11:37:05 | RD] - C:\Program Files
[25/01/2015 - 12:05:39 | D] - C:\ATI
[25/01/2015 - 13:06:49 | D] - C:\AdwCleaner
[25/01/2015 - 15:32:22 | RD] - C:\Users
[25/01/2015 - 15:42:34 | D] - C:\Windows
[25/01/2015 - 15:57:00 | D] - C:\UsbFix

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net/ | http://www.usbfix.net/ |


Is that a good sign, doctor?
by g3n-h@ckm@n
#213150
Hi, could we see the Malwarebytes report?
by Seckynci
#213151
Hello,

yes, I saw what you ask for with every new case; I am running ZHPDiag now. (In the meantime I changed the names of the users and of the PC, which were no longer in use, hence the difference from the name on the UsbFix report.)
MBAM report:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Date de l'examen: 25/01/2015
Heure de l'examen: 11:09:58
Fichier journal:
Administrateur: Oui

Version: 2.00.4.1028
Base de données Malveillants: v2015.01.25.06
Base de données Rootkits: v2015.01.14.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows Vista Service Pack 2
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Jean-Jacques

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 448241
Temps écoulé: 1 h, 12 min, 41 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 3
PUP.Optional.Softonic.A, HKU\S-1-5-21-3139695825-2709014530-1126645551-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Mis en quarantaine, [14864ab1d8b180b63edb3f419c6703fd],
PUP.Optional.Spigot.A, HKU\S-1-5-21-3139695825-2709014530-1126645551-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Mis en quarantaine, [940659a2b8d195a10879fef86d97a65a],
Trojan.Zlob, HKU\S-1-5-21-3139695825-2709014530-1126645551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Web Technologies, Mis en quarantaine, [7c1e1be05c2d1125b9670d2eef15748c],

Valeurs du Registre: 0
(Aucun élément malicieux detecté)

Données du Registre: 0
(Aucun élément malicieux detecté)

Dossiers: 12
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\kb130, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\kb130\temp, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\res, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\temp, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Invité\AppData\LocalLow\Search Settings, Mis en quarantaine, [a8f2fb00e6a3c6708ad4afa9fb08b24e],
PUP.Optional.Spigot.A, C:\Users\Invité\AppData\LocalLow\Search Settings\kb130, Mis en quarantaine, [a8f2fb00e6a3c6708ad4afa9fb08b24e],
PUP.Optional.Spigot.A, C:\Users\Invité\AppData\LocalLow\Search Settings\kb130\temp, Mis en quarantaine, [a8f2fb00e6a3c6708ad4afa9fb08b24e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot, Mis en quarantaine, [52488d6e2d5c171fbc81a3c37a899070],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\wtxpcom, Mis en quarantaine, [52488d6e2d5c171fbc81a3c37a899070],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\wtxpcom\components, Mis en quarantaine, [52488d6e2d5c171fbc81a3c37a899070],
PUP.Optional.Yoono.A, C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\e58ere59.default\yoono, Mis en quarantaine, [a9f16497becbac8ab78199da1fe44fb1],

Fichiers: 9
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\kb130\temp\ws-14755.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\kb130\temp\ws-14756.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\kb130\temp\ws-14757.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\kb130\temp\ws-14758.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Baptiste\AppData\LocalLow\Search Settings\kb130\temp\ws-14759.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
PUP.Optional.Spigot.A, C:\Users\Invité\AppData\LocalLow\Search Settings\kb130\temp\ws-14813.log, Mis en quarantaine, [a8f2fb00e6a3c6708ad4afa9fb08b24e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5, Mis en quarantaine, [52488d6e2d5c171fbc81a3c37a899070],
PUP.Optional.Yoono.A, C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\e58ere59.default\yoono\cookies.sqlite, Mis en quarantaine, [a9f16497becbac8ab78199da1fe44fb1],
PUP.Optional.Yoono.A, C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\e58ere59.default\yoono\yoono.log, Mis en quarantaine, [a9f16497becbac8ab78199da1fe44fb1],

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)
by Seckynci
#213152
And here is the ZHPDiag report.
Thanks!

~ Rapport de ZHPDiag v2015.1.24.9 - Nicolas Coolman (24/01/2015)
~ Lancé par Marsupio (25/01/2015 21:20:17)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 35.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Basic, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 44MV3
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Avast Free Antivirus v10.0.2208
Malwarebytes Anti-Malware version 2.0.4.1028

---\\ Logiciels d'optimisation du système
CCleaner v5.01

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 16 NPAPI
Adobe Reader X
Java 7 Update 15

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 76 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1406 MB (24% free)
System Restore: Activé (Enable)
System drive C: has 28 GB (37%) free of 75 GB

---\\ Mode de connexion au système
~ Computer Name: TANIERE
~ User Name: Marsupio
~ All Users Names: Marsupio, adminsav, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Marsupio\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Marsupio\AppData\Roaming\
~ %Desktop% : C:\Users\Marsupio\Desktop\
~ %Favorites% : C:\Users\Marsupio\Favorites\
~ %LocalAppData% : C:\Users\Marsupio\AppData\Local\
~ %StartMenu% : C:\Users\Marsupio\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 28 Go of 75 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 42 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.AA680F0065A505118BDD9181BCE7C83D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/11/2014 - 21:35:25.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 03s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/16299
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/1401
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 01mn 15s



---\\ Processus lancés
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1712]
[MD5.07AF92553C94A548C38BE54B6A668318] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5225064] [PID.5828]
[MD5.9927E906D7997D22E67E476710127070] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [2117448] [PID.1832]
[MD5.22A5AB0A62CFE32AA790C007E5BBBA63] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [338032] [PID.1408]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.2928]
[MD5.786840D3A66E08C99B617BEA4E30B5C0] - (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe [1880752] [PID.2976]
[MD5.7BEDD051B53821B040EAD42DB0724848] - (.Microsoft Corporation - Rapports de problèmes Windows.) -- C:\Windows\system32\WerFault.exe [217088] [PID.5696]
[MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.5324]
[MD5.5F82D8188B370B0CF185D4AE2B9B4A0E] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016] [PID.5952]
[MD5.0BB29DE40C9D9529793DCDB59A43CF5B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.2620]
[MD5.B2C418B16792E227BF6D18C7261ABCD9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8161792] [PID.3948]
[MD5.30D24D69CAE9712D980410924102D376] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [243312] [PID.0]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.0]
~ Processes Running: Scanned in 00mn 04s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (12490)
~ Hosts File: Scanned in 00mn 14s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IFXSPMGT] . (.Infineon Technologies AG - Security Platform Management Service.) -- C:\Windows\system32\ifxspmgt.exe
O4 - HKLM\..\Run: [CognizanceTS] . (.Cognizance Corporation - Terminal Services Virtual Channel Client.) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKCU\..\Run: [StartCCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-3139695825-2709014530-1126645551-1012\..\Run: [StartCCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
~ Application: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} ((no name)) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E85E4D8B-C877-4825-A7FB-13D85314CD71}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E85E4D8B-C877-4825-A7FB-13D85314CD71}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E85E4D8B-C877-4825-A7FB-13D85314CD71}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{E85E4D8B-C877-4825-A7FB-13D85314CD71}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Bioscrypt Inc. - Application Protection Hook.) - C:\Windows\System32\APSHook.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\img24.jpg
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk /p \??\C:) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{0BBAC53D-3D54-4B40-A679-601425120164}] (...) -- C:\Users\Marsupio\Autres\Desktop\dxb2game125.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1033E394-75A5-4611-AA1B-6CB9E68BD444}] (...) -- C:\Users\Marsupio\Downloads\RegCleaner(2).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{19D65D3A-AAD5-4B6D-BB4E-A3B72722D2D7}] (...) -- C:\Users\Marsupio\Pictures\RAG_SETUP0329_.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{216D18AC-1BA1-4B6D-8721-F3679AE067EE}] (...) -- D:\AOEINST.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{805D25F7-8287-4219-95DE-0F8F20462EFC}] (...) -- C:\Users\Marsupio\Documents\App\PVMsetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{80BE76C5-1256-415A-B469-176D1CCEF909}] (...) -- C:\Users\Marsupio\Downloads\eMule0.50a-Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BE03CEFB-161D-4D34-BA48-4223394B87F4}] (...) -- C:\Users\Marsupio\Downloads\jeu-214-tim\INSTALL.PIF -d C:\Users\Marsupio\Downloads\jeu-214-tim (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E53B5CA9-55FC-42AC-BA2A-3D10F7F80B84}] (...) -- C:\Users\Marsupio\Desktop\Xvid.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EAC87943-0BA0-4037-B098-553310B33C3F}] (...) -- C:\Users\Marsupio\Downloads\jeu-214-tim\INSTALL.PIF -d C:\Users\Marsupio\Downloads\jeu-214-tim (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
~ Scheduled Task: 29 Legitimates Filtered in 00mn 12s



---\\ HKCU & HKLM Software Keys
[HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\SOSVirus]
~ Key Software: 190 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/09/2008 - 09:36:51 - [] ----D C:\Program Files\RdDrv001
O43 - CFD: 02/09/2009 - 20:51:21 - [] ----D C:\Program Files\Reader
O43 - CFD: 02/09/2009 - 20:51:20 - [] ----D C:\Program Files\Resource
O43 - CFD: 02/03/2013 - 16:47:35 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 07/04/2010 - 23:32:39 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2009
~ Program Folder: 199 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.14D9A057A082E00116A7A4415051D07C] - 24/01/2015 - 19:31:57 ---A- . (...) -- C:\Windows\System32\WFP.TMF [218228]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/01/2015 - 21:26:57 ----- . (...) -- C:\ntuser.dat.LOG2 [0]
O44 - LFC:[MD5.D2CD870033DC7152505318B2CBEE15BA] - 24/01/2015 - 21:26:58 ----- . (...) -- C:\ntuser.dat.LOG1 [5120]
O44 - LFC:[MD5.CA16936EF259DE1ECB4AE7811C6BC2B6] - 24/01/2015 - 21:26:58 ----- . (...) -- C:\ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TM.blf [65536]
O44 - LFC:[MD5.9E4555F1C947508463B31755CFA53FC2] - 24/01/2015 - 21:26:58 ----- . (...) -- C:\ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TMContainer00000000000000000001.regtrans-ms [524288]
O44 - LFC:[MD5.59071590099D21DD439896592338BF95] - 24/01/2015 - 21:26:58 ----- . (...) -- C:\ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TMContainer00000000000000000002.regtrans-ms [524288]
O44 - LFC:[MD5.42D95FC1B8B3DF4F7EB42E88D1F29DEB] - 24/01/2015 - 21:26:58 ---A- . (...) -- C:\ntuser.dat [262144]
O44 - LFC:[MD5.9D23DE88C3B18BA87CD4587177CA6CEA] - 25/01/2015 - 09:44:36 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [24184]
O44 - LFC:[MD5.DB87ABB8E2A12663DE5AAD95D605C0DC] - 25/01/2015 - 11:59:43 ---A- . (...) -- C:\Windows\System32\oem48.inf [613308]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/01/2015 - 12:16:36 ---A- . (...) -- C:\Windows\ativpsrm.bin [0]
O44 - LFC:[MD5.A3338C3E9CD68C91653510FF17FFCD1D] - 25/01/2015 - 15:44:18 ---A- . (...) -- C:\Windows\SMinstall.log [5818]
~ Files: 161 Legitimates Filtered in 01mn 01s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Notification Packages . (...) -- C:\Windows\System32\SbHpNp.dll
~ LSA: 9 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:25/01/2015 - 09:44:36 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:25/01/2015 - 09:44:36 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:25/01/2015 - 09:44:36 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [206248] =>.ALWIL Software
O58 - SDL:02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [316520]
O58 - SDL:02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\SafeBoot.sys [100095]
O58 - SDL:09/10/2006 - 12:31:46 ---A- . (.SafeBoot N.V. - SafeBoot FIPS AES Algorithm (256 bit).) -- C:\Windows\System32\Drivers\SbAlg.sys [44720]
O58 - SDL:19/01/2007 - 16:14:50 ---A- . (.PixArt Imaging Inc. - SPC610NC.) -- C:\Windows\System32\Drivers\SPC610NC.SYS [409728]
O58 - SDL:02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [235112]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 98 Legitimates Filtered in 00mn 29s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - http://www.usbfix.net - http://www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 25/01/2015 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
~ Legacy: 89 Legitimates Filtered in 00mn 11s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <firefox.exe> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 25/01/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 06/02/2007 69632 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe
SS - | Auto 13/12/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe
SS - | Auto 11/02/2010 733184 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SS - | Demand 12/01/2010 227896 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SS - | Auto 24/01/2015 107912 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 24/01/2015 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 22/04/2007 221184 | (HpFkCryptService) . (.SafeBoot International.) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
SS - | Demand 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 23/05/2007 677408 | (IFXSpMgtSrv) . (.Infineon Technologies AG.) - C:\Windows\system32\ifxspmgt.exe
SS - | Auto 23/05/2007 853536 | (IFXTCS) . (.Infineon Technologies AG.) - C:\Windows\system32\ifxtcs.exe
SS - | Demand 09/01/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 18/04/2007 140832 | (PersonalSecureDriveService) . (.Infineon Technologies AG.) - C:\Windows\system32\IfxPsdSv.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 04/12/2006 292384 | (SWIHPWMI) . (.Sierra Wireless Inc..) - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (ASBroker) . (.Cognizance Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll (ASChannel) . (.Cognizance Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 25/01/2015 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 15/10/2014 2117448 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 27s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (24/01/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 268761 Items scanned in 01mn 39s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-ex ... ment-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-application ... -registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s



~ 942 Legitimates filtered by white list
End of the scan (390 lines in 07mn 30s)(0)
by g3n-h@ckm@n
#213154
It looks clean at first glance.
