USBFix Virus Check 2015-01-25T19:56:42+00:00
  • Author
    Posts
  • Seckynci
    Number of posts: 0

    Hello,

    I took over an old PC because my current one died. This one is fairly old and was very slow, so I ran the routine checks: antivirus OK, mbam detected several threats, and I figured that running usbfix wouldn't hurt.

    Here is the report:

    ############################## | UsbFix V 7.811 | [Nettoyage]

    Utilisateur: Marsupio (Administrateur) # TANIERE
    Mis à jour le 20/01/2015 par El Desaparecido – SosVirus
    Lancé à 20:47:04 | 25/01/2015

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Détection en Live : http://comment-supprimer.fr/
    Contact : http://www.usbfix.net/contact/

    ################## | System information |

    MB: Hewlett-Packard (30C2)
    CPU: Mobile AMD Sempron(tm) Processor 3500+
    GC: ATI Radeon X1200 Series
    RAM -> [Total : 1407 Mo | Free : 506 Mo]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft™ Windows Vista (TM) Home Basic (6.0.6002 32-Bit) Service Pack 2
    WB: Internet Explorer : 9.00.8112.16421
    WB: Mozilla Firefox : 35.0

    ################## | Security Information |

    AV: avast! Antivirus [Actif |A jour]
    AS: Windows Defender [Actif |A jour]
    AS: avast! Antivirus [Actif |A jour]
    AS: Malwarebytes Anti-Malware : 2.0.4.1028
    FW: Windows Firewall [Actif]
    SC: Security Center [Actif]
    WU: Windows Update [Actif]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Disque fixe # 75 Go (28 Go libre(s) – 37%) [] # NTFS

    ################## | Recherche générique |

    (!) Fichiers temporaires supprimés. (230.027828216553 MB)

    ################## | Registre |

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [StartCCC] C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe
    04 – HKLM..Run : [IFXSPMGT] C:Windowssystem32ifxspmgt.exe /NotifyLogon
    04 – HKLM..Run : [CognizanceTS] rundll32.exe C:PROGRA~1HEWLET~1IAMBinASTSVCC.dll,RegisterModule
    04 – HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAlwil SoftwareAvast5AvastUI.exe” /nogui
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-19..Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem
    04 – HKUS-1-5-20..Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    04 – HKUS-1-5-21-3139695825-2709014530-1126645551-1012..Run : [StartCCC] C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe

    ################## | UsbFix – Information |

    Info : Comment supprimer l’infection des raccourcis sur USB ? (Video)
    Info : L’infection des raccourcis USB, c’est quoi ?
    Détection en Live : http://comment-supprimer.fr/

    ################## | Hijack |

    ################## | C: %SystemDrive% – Disque Fixe (NTFS) |

    [18/09/2006 – 22:43:37 | A | 0 Ko] – C:config.sys
    [06/03/2008 – 20:06:51 | RASH | 0 Ko] – C:IO.SYS
    [06/03/2008 – 20:06:51 | RASH | 0 Ko] – C:MSDOS.SYS
    [25/01/2015 – 14:52:49 | ASH | 1747488 Ko] – C:pagefile.sys
    [25/01/2015 – 14:52:55 | ASH | 1441080 Ko] – C:hiberfil.sys
    [25/01/2015 – 12:06:49 | D] – C:SYSTEM.SAV
    [24/01/2015 – 21:26:58 | N | 512 Ko] – C:ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TMContainer00000000000000000001.regtrans-ms
    [24/01/2015 – 21:26:58 | N | 512 Ko] – C:ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TMContainer00000000000000000002.regtrans-ms
    [25/01/2015 – 15:12:36 | D] – C:Config.Msi
    [24/01/2015 – 21:26:57 | N | 0 Ko] – C:ntuser.dat.LOG2
    [24/01/2015 – 21:26:58 | N | 5 Ko] – C:ntuser.dat.LOG1
    [24/01/2015 – 21:26:58 | A | 256 Ko] – C:ntuser.dat
    [24/01/2015 – 21:26:58 | N | 64 Ko] – C:ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TM.blf
    [25/01/2015 – 15:13:43 | SHD] – C:$Recycle.Bin
    [18/09/2006 – 22:43:36 | A | 0 Ko] – C:autoexec.bat
    [02/11/2006 – 13:59:44 | SHD] – C:Documents and Settings
    [17/06/2008 – 19:28:02 | D] – C:PerfLogs
    [11/04/2009 – 07:36:36 | RASH | 325 Ko] – C:bootmgr
    [08/10/2009 – 06:25:32 | RHD] – C:MSOCache
    [11/03/2010 – 20:55:11 | D] – C:QUARANTINE
    [29/05/2010 – 16:10:32 | D] – C:Temp
    [05/10/2010 – 19:23:40 | D] – C:d1939f15e2a9ea260bd8
    [02/03/2013 – 19:20:45 | SHD] – C:Boot
    [25/01/2015 – 11:37:04 | HD] – C:ProgramData
    [25/01/2015 – 11:37:05 | RD] – C:Program Files
    [25/01/2015 – 12:05:39 | D] – C:ATI
    [25/01/2015 – 13:06:49 | D] – C:AdwCleaner
    [25/01/2015 – 15:32:22 | RD] – C:Users
    [25/01/2015 – 15:42:34 | D] – C:Windows
    [25/01/2015 – 15:57:00 | D] – C:UsbFix

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |

    Is that a good sign, doctor?

  • g3n-h@ckm@n
    Admin bbPress
    Number of posts: 8323

    Hi, would it be possible to see the Malwarebytes report?

  • Seckynci
    Number of posts: 0

    Hello,

    Yes, I saw what you ask for in every new case; I'm running ZHPDiag now. (In the meantime I changed the names of the users and of the PC, which were no longer in use, hence the difference from the name on the USBFix report.)
    Mbam report:

    Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Date de l’examen: 25/01/2015
    Heure de l’examen: 11:09:58
    Fichier journal:
    Administrateur: Oui

    Version: 2.00.4.1028
    Base de données Malveillants: v2015.01.25.06
    Base de données Rootkits: v2015.01.14.01
    Licence: Essai
    Protection contre les malveillants: Activé(e)
    Protection contre les sites Web malveillants: Activé(e)
    Auto-protection: Désactivé(e)

    Système d’exploitation: Windows Vista Service Pack 2
    Processeur: x86
    Système de fichiers: NTFS
    Utilisateur: Jean-Jacques

    Type d’examen: Examen “Menaces”
    Résultat: Terminé
    Objets analysés: 448241
    Temps écoulé: 1 h, 12 min, 41 sec

    Mémoire: Activé(e)
    Démarrage: Activé(e)
    Système de fichiers: Activé(e)
    Archives: Activé(e)
    Rootkits: Désactivé(e)
    Heuristique: Activé(e)
    PUP: Activé(e)
    PUM: Activé(e)

    Processus: 0
    (Aucun élément malicieux detecté)

    Modules: 0
    (Aucun élément malicieux detecté)

    Clés du Registre: 3
    PUP.Optional.Softonic.A, HKUS-1-5-21-3139695825-2709014530-1126645551-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWARESoftonic, Mis en quarantaine, [14864ab1d8b180b63edb3f419c6703fd],
    PUP.Optional.Spigot.A, HKUS-1-5-21-3139695825-2709014530-1126645551-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREAPPDATALOWSOFTWARESearch Settings, Mis en quarantaine, [940659a2b8d195a10879fef86d97a65a],
    Trojan.Zlob, HKUS-1-5-21-3139695825-2709014530-1126645551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREWeb Technologies, Mis en quarantaine, [7c1e1be05c2d1125b9670d2eef15748c],

    Valeurs du Registre: 0
    (Aucun élément malicieux detecté)

    Données du Registre: 0
    (Aucun élément malicieux detecté)

    Dossiers: 12
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settings, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingskb130, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingskb130temp, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingsres, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingstemp, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersInvitéAppDataLocalLowSearch Settings, Mis en quarantaine, [a8f2fb00e6a3c6708ad4afa9fb08b24e],
    PUP.Optional.Spigot.A, C:UsersInvitéAppDataLocalLowSearch Settingskb130, Mis en quarantaine, [a8f2fb00e6a3c6708ad4afa9fb08b24e],
    PUP.Optional.Spigot.A, C:UsersInvitéAppDataLocalLowSearch Settingskb130temp, Mis en quarantaine, [a8f2fb00e6a3c6708ad4afa9fb08b24e],
    PUP.Optional.Spigot.A, C:Program FilesCommon FilesSpigot, Mis en quarantaine, [52488d6e2d5c171fbc81a3c37a899070],
    PUP.Optional.Spigot.A, C:Program FilesCommon FilesSpigotwtxpcom, Mis en quarantaine, [52488d6e2d5c171fbc81a3c37a899070],
    PUP.Optional.Spigot.A, C:Program FilesCommon FilesSpigotwtxpcomcomponents, Mis en quarantaine, [52488d6e2d5c171fbc81a3c37a899070],
    PUP.Optional.Yoono.A, C:UsersBaptisteAppDataRoamingMozillaFirefoxProfilese58ere59.defaultyoono, Mis en quarantaine, [a9f16497becbac8ab78199da1fe44fb1],

    Fichiers: 9
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingskb130tempws-14755.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingskb130tempws-14756.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingskb130tempws-14757.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingskb130tempws-14758.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersBaptisteAppDataLocalLowSearch Settingskb130tempws-14759.log, Mis en quarantaine, [2872bd3e8ffae353401e92c630d3a060],
    PUP.Optional.Spigot.A, C:UsersInvitéAppDataLocalLowSearch Settingskb130tempws-14813.log, Mis en quarantaine, [a8f2fb00e6a3c6708ad4afa9fb08b24e],
    PUP.Optional.Spigot.A, C:Program FilesCommon FilesSpigotwtxpcomcomponentsWidgiToolbarFF.dll.5, Mis en quarantaine, [52488d6e2d5c171fbc81a3c37a899070],
    PUP.Optional.Yoono.A, C:UsersBaptisteAppDataRoamingMozillaFirefoxProfilese58ere59.defaultyoonocookies.sqlite, Mis en quarantaine, [a9f16497becbac8ab78199da1fe44fb1],
    PUP.Optional.Yoono.A, C:UsersBaptisteAppDataRoamingMozillaFirefoxProfilese58ere59.defaultyoonoyoono.log, Mis en quarantaine, [a9f16497becbac8ab78199da1fe44fb1],

    Secteurs physiques: 0
    (Aucun élément malicieux detecté)

    (end)

  • Seckynci
    Number of posts: 0

    And here is the ZHPDiag report.
    Thanks!

    ~ Rapport de ZHPDiag v2015.1.24.9 – Nicolas Coolman (24/01/2015)
    ~ Lancé par Marsupio (25/01/2015 21:20:17)
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ Adresse du Forum http://forum.nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    MFIE: Mozilla Firefox 35.0 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows Vista (TM) Home Basic, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 44MV3
    Windows License : OK
    Windows Automatic Updates : OK

    —\ Logiciels de protection du système
    Avast Free Antivirus v10.0.2208
    Malwarebytes Anti-Malware version 2.0.4.1028

    —\ Logiciels d’optimisation du système
    CCleaner v5.01

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 16 NPAPI
    Adobe Reader X
    Java 7 Update 15

    —\ Informations sur le système
    ~ Processor: x86 Family 15 Model 76 Stepping 2, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1406 MB (24% free)
    System Restore: Activé (Enable)
    System drive C: has 28 GB (37%) free of 75 GB

    —\ Mode de connexion au système
    ~ Computer Name: TANIERE
    ~ User Name: Marsupio
    ~ All Users Names: Marsupio, adminsav, Administrateur,
    ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMarsupioAppDataRoamingZHP
    ~ %AppData% : C:UsersMarsupioAppDataRoaming
    ~ %Desktop% : C:UsersMarsupioDesktop
    ~ %Favorites% : C:UsersMarsupioFavorites
    ~ %LocalAppData% : C:UsersMarsupioAppDataLocal
    ~ %StartMenu% : C:UsersMarsupioAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 28 Go of 75 Go)
    D: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 42 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] – (.Microsoft Corporation – Explorateur Windows.) (.11/04/2009 – 07:27:36.) — C:WindowsExplorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] – (.Microsoft Corporation – Application de démarrage de Windows.) (.19/01/2008 – 08:33:37.) — C:WindowsSystem32Wininit.exe [96768]
    [MD5.AA680F0065A505118BDD9181BCE7C83D] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.24/11/2014 – 21:35:25.) — C:WindowsSystem32wininet.dll [1129472]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.11/04/2009 – 07:28:13.) — C:WindowsSystem32Winlogon.exe [314368]
    [MD5.F5272A105F59A7B3B345D9D6D87DA7AD] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.30/05/2014 – 07:53:22.) — C:Windowssystem32DriversAFD.sys [273408]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.11/04/2009 – 07:32:26.) — C:Windowssystem32Driversatapi.sys [19944]
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.19/01/2008 – 06:28:02.) — C:Windowssystem32DriversCdfs.sys [70144]
    [MD5.6B4BFFB9BECD728097024276430DB314] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.11/04/2009 – 05:39:17.) — C:Windowssystem32DriversCdrom.sys [67072]
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.14/04/2011 – 15:59:03.) — C:Windowssystem32DriversDfsC.sys [75264]
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.11/04/2009 – 05:42:42.) — C:Windowssystem32DriversHDAudBus.sys [561152]
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] – (.Microsoft Corporation – Pilote de port i8042.) (.19/01/2008 – 06:49:18.) — C:Windowssystem32Driversi8042prt.sys [54784]
    [MD5.8793643A67B42CEC66490B2A0CF92D68] – (.Microsoft Corporation – IP Network Address Translator.) (.19/01/2008 – 06:56:28.) — C:Windowssystem32DriversIpNat.sys [100864]
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.29/04/2011 – 14:24:40.) — C:Windowssystem32DriversMRxSmb.sys [106496]
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] – (.Microsoft Corporation – MBT Transport driver.) (.11/04/2009 – 05:45:37.) — C:Windowssystem32DriversnetBT.sys [185856]
    [MD5.2C1121F2B87E9A6B12485DF53CD848C7] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.03/03/2013 – 20:07:52.) — C:Windowssystem32Driversntfs.sys [1082232]
    [MD5.8A79FDF04A73428597E2CAF9D0D67850] – (.Microsoft Corporation – Pilote de port parallèle.) (.19/01/2008 – 06:49:33.) — C:Windowssystem32DriversParport.sys [79360]
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.19/01/2008 – 06:56:34.) — C:Windowssystem32DriversRasl2tp.sys [76288]
    [MD5.E8BD98D46F2ED77132BA927FCCB47D8B] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.02/11/2006 – 10:03:00.) — C:Windowssystem32Driversrdpdr.sys [242688]
    [MD5.7B75299A4D201D6A6533603D6914AB04] – (.Microsoft Corporation – SMB Transport driver.) (.11/04/2009 – 05:45:22.) — C:Windowssystem32Driverssmb.sys [66560]
    [MD5.76B06EB8A01FC8624D699E7045303E54] – (.Microsoft Corporation – TDI Translation Driver.) (.11/04/2009 – 05:45:56.) — C:Windowssystem32Driverstdx.sys [72192]
    [MD5.786DB5771F05EF300390399F626BF30A] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/08/2012 – 12:47:42.) — C:Windowssystem32Driversvolsnap.sys [224640]
    ~ Generic Processes: Scanned in 00mn 03s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/16299
    ~ Mes Favoris (My Favorites) : 1/3
    ~ Mes Documents (My Documents) : 1/1401
    ~ Mon Bureau (My Desktop) : 1/5
    ~ Menu demarrer (Programs) : 1/23
    ~ Hidden Files: Scanned in 01mn 15s

    —\ Processus lancés
    [MD5.E3F7EC811923F3F1A77B185F22638E5E] – (.AVAST Software – avast! Service.) — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [50344] [PID.1712]
    [MD5.07AF92553C94A548C38BE54B6A668318] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAlwil SoftwareAvast5AvastUI.exe [5225064] [PID.5828]
    [MD5.9927E906D7997D22E67E476710127070] – (.CybelSoft – Service de détection matériel.) — C:Program Filesma-config.comMaConfigAgent.exe [2117448] [PID.1832]
    [MD5.22A5AB0A62CFE32AA790C007E5BBBA63] – (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe [338032] [PID.1408]
    [MD5.862BB4CBC05D80C5B45BE430E5EF872F] – (.Microsoft Corporation – Service de gestion des licences Microsoft.) — C:Windowssystem32SLsvc.exe [3408896] [PID.2928]
    [MD5.786840D3A66E08C99B617BEA4E30B5C0] – (.Adobe Systems, Inc. – Adobe Flash Player 16.0 r0.) — C:Windowssystem32MacromedFlashFlashPlayerPlugin_16_0_0_296.exe [1880752] [PID.2976]
    [MD5.7BEDD051B53821B040EAD42DB0724848] – (.Microsoft Corporation – Rapports de problèmes Windows.) — C:Windowssystem32WerFault.exe [217088] [PID.5696]
    [MD5.3C13F26A4766752314A5413038BD86B4] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembam.exe [7229752] [PID.5324]
    [MD5.5F82D8188B370B0CF185D4AE2B9B4A0E] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembamservice.exe [969016] [PID.5952]
    [MD5.0BB29DE40C9D9529793DCDB59A43CF5B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe [1871160] [PID.2620]
    [MD5.B2C418B16792E227BF6D18C7261ABCD9] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8161792] [PID.3948]
    [MD5.30D24D69CAE9712D980410924102D376] – (.Mozilla Corporation – Plugin Container for Firefox.) — C:Program FilesMozilla Firefoxplugin-container.exe [243312] [PID.0]
    [MD5.6080A176D09435FC8E6E800996656E18] – (.Microsoft Corporation – Console IME.) — C:Windowssystem32conime.exe [69120] [PID.0]
    ~ Processes Running: Scanned in 00mn 04s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (12490)
    ~ Hosts File: Scanned in 00mn 14s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [IFXSPMGT] . (.Infineon Technologies AG – Security Platform Management Service.) — C:Windowssystem32ifxspmgt.exe
    O4 – HKLM..Run: [CognizanceTS] . (.Cognizance Corporation – Terminal Services Virtual Channel Client.) — C:Program FilesHewlett-PackardIAMBinASTSVCC.dll
    O4 – HKLM..Run: [SynTPEnh] . (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 – HKLM..Run: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAlwil SoftwareAvast5AvastUI.exe
    O4 – HKCU..Run: [StartCCC] . (…) — C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 – HKUSS-1-5-21-3139695825-2709014530-1126645551-1012..Run: [StartCCC] . (…) — C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe
    ~ Application: Scanned in 00mn 01s

    —\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
    O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOffice12REFBARH.ICO
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 – DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} ((no name)) – http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 – DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) – http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    ~ Objets ActiveX: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{E85E4D8B-C877-4825-A7FB-13D85314CD71}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{E85E4D8B-C877-4825-A7FB-13D85314CD71}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{E85E4D8B-C877-4825-A7FB-13D85314CD71}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS3ServicesTcpip..{E85E4D8B-C877-4825-A7FB-13D85314CD71}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: vbscript – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:Windowssystem32mshtml.dll =>.Microsoft Corporation
    O18 – Filter: text/xml – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon Filesmicrosoft sharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (.Bioscrypt Inc. – Application Protection Hook.) – C:WindowsSystem32APSHook.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation – Bibliothèque de l’interface utilisateur du.) — C:WindowsSystem32browseui.dll
    ~ STS/SSO: Scanned in 00mn 00s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Desktop General: BackupWallPaper – .(…) – C:WindowsWebWallpaperimg24.jpg
    O24 – Desktop General: WallPaper – .(…) – C:WindowsWebWallpaperimg24.jpg
    ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk /p ??C:) – File not found
    ~ BEX: 2 Legitimates Filtered in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{0BBAC53D-3D54-4B40-A679-601425120164}] (…) — C:UsersMarsupioAutresDesktopdxb2game125.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{1033E394-75A5-4611-AA1B-6CB9E68BD444}] (…) — C:UsersMarsupioDownloadsRegCleaner(2).exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{19D65D3A-AAD5-4B6D-BB4E-A3B72722D2D7}] (…) — C:UsersMarsupioPicturesRAG_SETUP0329_.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{216D18AC-1BA1-4B6D-8721-F3679AE067EE}] (…) — D:AOEINST.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{805D25F7-8287-4219-95DE-0F8F20462EFC}] (…) — C:UsersMarsupioDocumentsAppPVMsetup.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{80BE76C5-1256-415A-B469-176D1CCEF909}] (…) — C:UsersMarsupioDownloadseMule0.50a-Installer.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{BE03CEFB-161D-4D34-BA48-4223394B87F4}] (…) — C:UsersMarsupioDownloadsjeu-214-timINSTALL.PIF -d C:UsersMarsupioDownloadsjeu-214-tim (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{E53B5CA9-55FC-42AC-BA2A-3D10F7F80B84}] (…) — C:UsersMarsupioDesktopXvid.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{EAC87943-0BA0-4037-B098-553310B33C3F}] (…) — C:UsersMarsupioDownloadsjeu-214-timINSTALL.PIF -d C:UsersMarsupioDownloadsjeu-214-tim (.not file.) [0]
    O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1052]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1056]
    ~ Scheduled Task: 29 Legitimates Filtered in 00mn 12s

    —\ HKCU & HKLM Software Keys
    [HKLMSoftware685D6D1C-D73A-4F37-B7E5E53660311DDB]
    [HKLMSoftwareSOSVirus]
    ~ Key Software: 190 Legitimates Filtered in 00mn 01s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 21/09/2008 – 09:36:51 – [] —-D C:Program FilesRdDrv001
    O43 – CFD: 02/09/2009 – 20:51:21 – [] —-D C:Program FilesReader
    O43 – CFD: 02/09/2009 – 20:51:20 – [] —-D C:Program FilesResource
    O43 – CFD: 02/03/2013 – 16:47:35 – [0] -SH-D C:ProgramData{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
    O43 – CFD: 07/04/2010 – 23:32:39 – [0] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMulti Virus Cleaner 2009
    ~ Program Folder: 199 Legitimates Filtered in 00mn 02s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.14D9A057A082E00116A7A4415051D07C] – 24/01/2015 – 19:31:57 —A- . (…) — C:WindowsSystem32WFP.TMF [218228]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 24/01/2015 – 21:26:57 . (…) — C:ntuser.dat.LOG2 [0]
    O44 – LFC:[MD5.D2CD870033DC7152505318B2CBEE15BA] – 24/01/2015 – 21:26:58 . (…) — C:ntuser.dat.LOG1 [5120]
    O44 – LFC:[MD5.CA16936EF259DE1ECB4AE7811C6BC2B6] – 24/01/2015 – 21:26:58 . (…) — C:ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TM.blf [65536]
    O44 – LFC:[MD5.9E4555F1C947508463B31755CFA53FC2] – 24/01/2015 – 21:26:58 . (…) — C:ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TMContainer00000000000000000001.regtrans-ms [524288]
    O44 – LFC:[MD5.59071590099D21DD439896592338BF95] – 24/01/2015 – 21:26:58 . (…) — C:ntuser.dat{2257f125-a405-11e4-b0ae-001a73880f5c}.TMContainer00000000000000000002.regtrans-ms [524288]
    O44 – LFC:[MD5.42D95FC1B8B3DF4F7EB42E88D1F29DEB] – 24/01/2015 – 21:26:58 —A- . (…) — C:ntuser.dat [262144]
    O44 – LFC:[MD5.9D23DE88C3B18BA87CD4587177CA6CEA] – 25/01/2015 – 09:44:36 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [24184]
    O44 – LFC:[MD5.DB87ABB8E2A12663DE5AAD95D605C0DC] – 25/01/2015 – 11:59:43 —A- . (…) — C:WindowsSystem32oem48.inf [613308]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 25/01/2015 – 12:16:36 —A- . (…) — C:Windowsativpsrm.bin [0]
    O44 – LFC:[MD5.A3338C3E9CD68C91653510FF17FFCD1D] – 25/01/2015 – 15:44:18 —A- . (…) — C:WindowsSMinstall.log [5818]
    ~ Files: 161 Legitimates Filtered in 01mn 01s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Notification Packages . (…) — C:WindowsSystem32SbHpNp.dll
    ~ LSA: 9 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    ~ MWPS: 17 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:25/01/2015 – 09:44:36 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [24184] =>.ALWIL Software
    O58 – SDL:25/01/2015 – 09:44:36 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [49944] =>.ALWIL Software
    O58 – SDL:25/01/2015 – 09:44:36 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [206248] =>.ALWIL Software
    O58 – SDL:02/11/2006 – 10:51:34 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [316520]
    O58 – SDL:02/11/2006 – 10:50:07 —A- . (.Integrated Technology Express, Inc. – ITE IT8211 ATA/ATAPI SCSI miniport.) — C:WindowsSystem32Driversiteatapi.sys [35944]
    O58 – SDL:02/11/2006 – 10:50:09 —A- . (.Integrated Technology Express, Inc. – ITE IT8212 ATA RAID SCSI miniport.) — C:WindowsSystem32Driversiteraid.sys [35944]
    O58 – SDL:02/01/1601 – 23:00:00 —A- . (…) — C:WindowsSystem32DriversSafeBoot.sys [100095]
    O58 – SDL:09/10/2006 – 12:31:46 —A- . (.SafeBoot N.V. – SafeBoot FIPS AES Algorithm (256 bit).) — C:WindowsSystem32DriversSbAlg.sys [44720]
    O58 – SDL:19/01/2007 – 16:14:50 —A- . (.PixArt Imaging Inc. – SPC610NC.) — C:WindowsSystem32DriversSPC610NC.SYS [409728]
    O58 – SDL:02/11/2006 – 10:51:25 —A- . (.ULi Electronics Inc. – ULi SATA Controller Driver.) — C:WindowsSystem32Driversuliahci.sys [235112]
    O58 – SDL:02/11/2006 – 10:50:35 —A- . (.Promise Technology, Inc. – Promise Ultra/Sata Series Driver for Win2003.) — C:WindowsSystem32Driversulsata.sys [98408]
    O58 – SDL:02/11/2006 – 10:50:45 —A- . (.Promise Technology, Inc. – Promise SATAII150 Series Windows Drivers.) — C:WindowsSystem32Driversulsata2.sys [115816]
    O58 – SDL:02/11/2006 – 08:09:42 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
    O58 – SDL:02/11/2006 – 08:09:45 —A- . (…) — C:WindowsSystem32country.sys [27097]
    O58 – SDL:02/11/2006 – 08:09:41 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
    O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
    O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
    O58 – SDL:02/11/2006 – 08:09:29 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
    O58 – SDL:02/11/2006 – 08:09:35 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
    O58 – SDL:02/11/2006 – 08:09:38 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
    O58 – SDL:02/11/2006 – 08:09:40 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
    O58 – SDL:02/11/2006 – 08:09:31 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
    O58 – SDL:02/11/2006 – 08:09:20 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
    O58 – SDL:02/11/2006 – 08:09:23 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
    O58 – SDL:02/11/2006 – 08:09:24 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
    O58 – SDL:02/11/2006 – 08:09:26 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
    O58 – SDL:02/11/2006 – 08:09:22 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
    ~ Drivers: 98 Legitimates Filtered in 00mn 29s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.nethttp://www.sosvirus.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2015 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 25/01/2015 – C:Windowssystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
    ~ Legacy: 89 Legitimates Filtered in 00mn 11s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    SS – | Demand 25/01/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 06/02/2007 69632 | (AEADIFilters) . (.Andrea Electronics Corporation.) – C:WindowsSystem32AEADISRV.exe
    SS – | Auto 13/12/2006 9216 | (AgereModemAudio) . (.Agere Systems.) – C:Windowssystem32agrsmsvc.exe
    SS – | Auto 11/02/2010 733184 | (Ati External Event Utility) . (.ATI Technologies Inc..) – C:WindowsSystem32Ati2evxx.exe
    SS – | Demand 12/01/2010 227896 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe
    SS – | Auto 24/01/2015 107912 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 24/01/2015 107912 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Auto 22/04/2007 221184 | (HpFkCryptService) . (.SafeBoot International.) – C:Program FilesHewlett-PackardDrive EncryptionHpFkCrypt.exe
    SS – | Demand 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardSharedhpqwmiex.exe
    SS – | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) – C:WindowsSystem32Hpservice.exe
    SS – | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
    SS – | Auto 23/05/2007 677408 | (IFXSpMgtSrv) . (.Infineon Technologies AG.) – C:Windowssystem32ifxspmgt.exe
    SS – | Auto 23/05/2007 853536 | (IFXTCS) . (.Infineon Technologies AG.) – C:Windowssystem32ifxtcs.exe
    SS – | Demand 09/01/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
    SS – | Auto 18/04/2007 140832 | (PersonalSecureDriveService) . (.Infineon Technologies AG.) – C:Windowssystem32IfxPsdSv.exe
    SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe
    SS – | Auto 04/12/2006 292384 | (SWIHPWMI) . (.Sierra Wireless Inc..) – C:Program FilesHPQSharedSierra WirelessWin32UnicodeSWIHPWMI.exe
    SR – | Auto 19/01/2008 21504 | C:Program FilesHewlett-PackardIAMBinASWLNPkg.dll (ASBroker) . (.Cognizance Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 19/01/2008 21504 | C:Program FilesHewlett-PackardIAMBinASChnl.dll (ASChannel) . (.Cognizance Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 25/01/2015 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
    SR – | Auto 15/10/2014 2117448 | (MaConfigAgent) . (.CybelSoft.) – C:Program Filesma-config.comMaConfigAgent.exe
    SR – | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe
    SR – | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamservice.exe
    SR – | Auto 19/01/2008 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 19/01/2008 21504 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 27s

    —\ Scan Additionnel (O88)
    Database Version : 13008 – (24/01/2015)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 0

    ~ Additionnel Scan: 268761 Items scanned in 01mn 39s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 2 Legitimates Filtered in 00mn 00s

    ~ 942 Legitimates filtered by white list
    End of the scan (390 lines in 07mn 30s)(0)

  • g3n-h@ckm@n
    Admin bbPress
    Number of posts: 8323

    It looks clean at first glance.

The topic ‘Contrôle Virus USBFix’ is closed to new replies.