Reply to: USB Fix Report 2016-09-08T13:41:33+00:00
Marin de Jenlis
Participant
Number of posts: 8

Good evening again,
here is the ZHPDiag report now:


Rapport de ZHPDiag v2013.5.29.157 par Nicolas Coolman, Update du 29/05/2013
Run by X at 29/05/2013 21:15:22
WebSite: http://nicolascoolman.webs.com
State :
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user

—\ Web Browser
MSIE: Internet Explorer v10.0.9200.16576
MFIE: Mozilla Firefox 21.0 (Defaut)
GCIE: Google Chrome v27.0.1453.94

—\ Windows Product Information
~ Langage: Français
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 733WD
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ System Protection
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

—\ System Optimizer
CCleaner v3.11 =>Piriform Ltd

—\ Peer To Peer (P2P)

—\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X

—\ System Information
~ Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 872 GB (93%) free of 931 GB

—\ Logged in mode
~ Computer Name: X-PC
~ User Name: X
~ All Users Names: X, HomeGroupUser$, Administrateur, admin,
~ Unselected Option: None
Logged in as Administrator

—\ Environnement Variables
~ System Unit : C:
~ %AppData% : C:UsersXAppDataRoaming
~ %Desktop% : C:UsersXDesktop
~ %Favorites% : C:UsersXFavorites
~ %LocalAppData% : C:UsersXAppDataLocal
~ %StartMenu% : C:UsersXAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ DOS/Devices
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 872 Go of 931 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Free 1 Go of 2 Go)

—\ Security Center & Tools Informations
~ Security Center: 35 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 06:30:54.) — C:WindowsExplorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:14:45.) — C:WindowsSystem32Wininit.exe [96256]
[MD5.5ABB3F36AF17007F33FA275E96A2C95E] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.05/04/2013 – 06:28:24.) — C:WindowsSystem32wininet.dll [1767424]
[MD5.6D13E1406F50C66E2A95D97F22C47560] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 13:17:54.) — C:WindowsSystem32Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 13:21:24.) — C:WindowsSystem32sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.25/04/2011 – 03:18:03.) — C:Windowssystem32DriversAFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:26:15.) — C:Windowssystem32Driversatapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:11:15.) — C:Windowssystem32DriversCdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 09:38:10.) — C:Windowssystem32DriversCdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 09:42:32.) — C:Windowssystem32DriversDfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 10:59:29.) — C:Windowssystem32DriversHDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:11:24.) — C:Windowssystem32Driversi8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 00:54:29.) — C:Windowssystem32DriversIpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:17:22.) — C:Windowssystem32DriversMRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 09:39:44.) — C:Windowssystem32DriversnetBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 14:45:29.) — C:Windowssystem32Driversntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 00:45:35.) — C:Windowssystem32DriversParport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 00:54:34.) — C:Windowssystem32DriversRasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.20/11/2010 – 11:24:46.) — C:Windowssystem32Driversrdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 00:53:41.) — C:Windowssystem32Driverssmb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 09:39:17.) — C:Windowssystem32Driverstdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 13:30:16.) — C:Windowssystem32Driversvolsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/4
~ Mes musiques (My Musics) : 1/217
~ Mes Videos (My Videos) : 2/6
~ Mes Favoris (My Favorites) : 1/27
~ Mes Documents (My Documents) : 2/2530
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 05s

—\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes' Anti-Malwarembamgui.exe [532040] [PID.3052]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe [4858968] [PID.3892]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] – (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [39408] [PID.3972]
[MD5.95110A1C5A1D228AC1DDF6AB67D00BEB] – (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe [920472] [PID.2444]
[MD5.6FC79A950476A5F539EEB65F9097C0A8] – (.Mozilla Corporation – Plugin Container for Firefox.) — C:Program FilesMozilla Firefoxplugin-container.exe [17304] [PID.2824]
[MD5.23AA0FDCBDD87D0B78092798C68312D8] – (.Adobe Systems, Inc. – Adobe Flash Player 11.7 r700.) — C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_7_700_202.exe [1855880] [PID.3280]
[MD5.51C392EC9DA1119EC86D562FF3E7344F] – (.Google Inc. – Google Chrome.) — C:UsersXAppDataLocalGoogleChromeApplicationchrome.exe [825808] [PID.2364]
[MD5.68B8D980999DC76367F23F390E8D9E35] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [7417344] [PID.3916]
~ Processes Running: Scanned in 00mn 00s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersXAppDataLocalGoogleChromeUser DataDefaultPreferences
~ Google Browser: 5 Legitimates Filtered in 00mn 00s

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:UsersXAppDataRoamingMozillaFirefoxProfilesfjtcda5g.defaultprefs.js
M2 – MFEP: prefs.js [X – fjtcda5g.default{377e5d4d-77e5-476a-8716-7e70a9272da0}] [] Search-Results Toolbar v1.2.0.0 (..)
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 – URLSearchHook: Microsoft Url Search Hook – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. – Google Update.) (No version) — (.not file.)
~ IE Browser: 13 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32Userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: avast! WebRep – [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software – IE Webrep plugin.) — C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
~ Toolbar: Scanned in 00mn 00s

—\ Applications démarrées par registre & par dossier (O4)
O4 – HKLM..Run: [avast] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastUI.exe
O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 – HKCU..Run: [Google Update] . (.Google Inc. – Programme d'installation de Google.) — C:UsersXAppDataLocalGoogleUpdateGoogleUpdate.exe
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe
O4 – HKUSS-1-5-18..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:WindowsSystem32SPReviewSPReview.exe
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe
O4 – HKUSS-1-5-21-3862933100-3330345726-1716122809-1000..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 – HKUSS-1-5-21-3862933100-3330345726-1716122809-1000..Run: [Google Update] . (.Google Inc. – Programme d'installation de Google.) — C:UsersXAppDataLocalGoogleUpdateGoogleUpdate.exe
~ Application: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSTaskBar: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:UsersXAppDataLocalGoogleChromeApplicationchrome.exe
O4 – GSTaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
O4 – GSTaskBar: Windows Explorer.lnk . (.Microsoft Corporation – Explorateur Windows.) — C:Windowsexplorer.exe
O4 – GSTaskBar: Windows Media Player.lnk . (.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe
O4 – GSPrograms: Gmail.lnk . (.Google Inc. – Google Chrome.) — C:UsersXAppDataLocalGoogleChromeApplicationchrome.exe http://mail.google.com
O4 – GSPrograms: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSPrograms: Microsoft SkyDrive.lnk . (.Microsoft Corporation – Microsoft SkyDrive.) — C:UsersXAppDataLocalMicrosoftSkyDriveSkyDrive.exe
O4 – GSQuickLaunch: Belarc Advisor.lnk . (.Belarc, Inc. – Belarc Advisor Computer Inventory.) — C:Program FilesBelarcAdvisorBelarcAdvisor.exe
O4 – GSQuickLaunch: DeepBurner.lnk . (.Astonsoft – CD/DVD recording software.) — C:Program FilesAstonsoftDeepBurnerDeepBurner.exe
O4 – GSQuickLaunch: iLivid.lnk . (…) — C:UsersXAppDataLocaliLividiLivid.exe (.not file.) =>Adware.Bandoo
O4 – GSQuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSAccessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSAccessories: Private Character Editor.lnk . (.Microsoft Corporation – Éditeur de caractères privés.) — C:Windowssystem32eudcedit.exe
O4 – GSSendTo: Fax Recipient.lnk . (.Microsoft Corporation – Microsoft Windows Fax and Scan.) — C:Windowssystem32WFS.exe
O4 – GSDesktop: DeepBurner.lnk . (.Astonsoft – CD/DVD recording software.) — C:Program FilesAstonsoftDeepBurnerDeepBurner.exe
O4 – Global Startup: C:UsersXDesktopGmail.url . (.Astonsoft – CD/DVD recording software.) — C:UsersXDesktopGmail.url
O4 – GSDesktop: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:UsersXAppDataLocalGoogleChromeApplicationchrome.exe
O4 – GSDesktop: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSDesktop: PhotoFiltre.lnk . (.Antonio Da Cruz – PhotoFiltre.) — C:Program FilesPhotoFiltrephotofiltre.exe
O4 – GSTaskBar: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSDesktop: avast! Free Antivirus.lnk . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
~ Global Startup: Scanned in 00mn 00s

—\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation – Windows Live Writer Blog This Extension.) — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 – DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) – http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
~ Objets ActiveX: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{2E71E04A-8E2B-4694-8AB1-A574541862FA}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS2ServicesTcpip..{2E71E04A-8E2B-4694-8AB1-A574541862FA}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS3ServicesTcpip..{2E71E04A-8E2B-4694-8AB1-A574541862FA}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation – Photo Gallery Album Download Protocol Handl.) — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
O18 – Filter: application/x-msdownload – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – AppInit_DLLs: . (…) – C:Program FilesWincertWIN32C~1.dll (.not file.)
~ AppInit DLL: Scanned in 00mn 00s

—\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{12399717-9D93-4B23-9124-24458ACDC472}] (…) — D:AUTORUN.exe (.not file.) [0]
~ Scheduled Task: 14 Legitimates Filtered in 00mn 05s

—\ Logiciels installés (O42)
O42 – Logiciel: Search-Results Toolbar – (.APN LLC.) [HKLM] — ilividtoolbargaw =>Adware.Bandoo
~ Logic: 51 Legitimates Filtered in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 22/05/2013 – 18:14:15 – [0,008] —-D C:ProgramDataDatamngr =>PUP.Datamngr
~ Program Folder: 103 Legitimates Filtered in 00mn 23s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.55B24A60565E8AB49954F8F0AC5E4161] – 29/05/2013 – 20:03:11 —A- . (…) — C:WindowsDeleteOnReboot.bat [471]
O44 – LFC:[MD5.1450FA1E7F856B6628E66DF32BE57E75] – 24/05/2013 – 20:29:24 —A- . (…) — C:Windowsntbtlog.txt [69880]
O44 – LFC:[MD5.C519EF6094DF803F67BA98409DD65BA9] – 24/05/2013 – 20:21:27 —A- . (…) — C:UsbFix [Clean 3] X-PC.txt [4945]
O44 – LFC:[MD5.EB8406893BD99CE870EDD849C3E9F216] – 23/05/2013 – 20:49:12 . (…) — C:UsbFix [Clean 2] X-PC.txt [3257]
O44 – LFC:[MD5.C71A614E1A1CA5BC9850BC41F4162AB0] – 23/05/2013 – 20:15:14 . (…) — C:UsbFix [Clean 1] X-PC.txt [3561]
O44 – LFC:[MD5.03989CEF0574D5D0BF8B9E486FE2943C] – 23/05/2013 – 20:12:16 . (…) — C:UsbFix [Scan 1] X-PC.txt [4894]
~ Files: 51 Legitimates Filtered in 00mn 25s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.8DB52C8562899C9F0CAAB30F9AFE2B41] – 21/05/2013 – 17:58:43 —A- – C:WindowsPrefetchNSED4D.TMP-74744ED8.pf
O45 – LFCP:[MD5.B6E716F3807FF514B489BDD35E4402F7] – 22/05/2013 – 14:34:01 —A- – C:WindowsPrefetchDATAMNGRCOORDINATOR.EXE-504738C9.pf =>PUP.Datamngr
O45 – LFCP:[MD5.4D00ADC83B973B47F0449823FCE52A49] – 22/05/2013 – 16:48:38 —A- – C:WindowsPrefetchDATAMNGRUI.EXE-62AADE7B.pf =>PUP.Datamngr
O45 – LFCP:[MD5.AAA6F07D8B1EC54925C779AF7B65579C] – 22/05/2013 – 20:25:38 —A- – C:WindowsPrefetch27.0.1453.93_26.0.1410.64_CHR-EB7061D8.pf
O45 – LFCP:[MD5.229B9A7AA69D43ADCFDA69195B5179A2] – 24/05/2013 – 20:10:58 —A- – C:WindowsPrefetchUSBFIX(1).EXE-2A35F54B.pf
O45 – LFCP:[MD5.5AAEC362C04637B5C92F71AB022B21D0] – 24/05/2013 – 20:11:13 —A- – C:WindowsPrefetchGO.EXE-0A7DE786.pf
O45 – LFCP:[MD5.65A2AB4DF7FF50C34A453438E320DA4B] – 26/05/2013 – 12:17:56 —A- – C:WindowsPrefetch27.0.1453.94_27.0.1453.93_CHR-47552E5C.pf
~ Prefetcher: 140 Legitimates Filtered in 00mn 01s

—\ Microsoft Windows Policies System (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

—\ Liste des Drivers Système (O58)
O58 – SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] – 14/07/2009 – 02:26:15 —A- . (.Adaptec, Inc. – Adaptec Windows SAS/SATA Storport Driver.) — C:WindowsSystem32Driversadp94xx.sys [422976]
O58 – SDL:[MD5.8AAD333C876590293F72B315E162BCC7] – 13/07/2009 – 22:40:41 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 29/05/2013 – 19:43:59 -SHA- C:UsersXDocumentsFilm 1000 oiseauxSupprimerThumbs.db [774144]
O61 – LFC: 29/05/2013 – 19:44:24 -SHA- C:UsersXDocumentsNoces d'or au Mont Saint-MichelTofThumbs.db [1562624]
O61 – LFC: 29/05/2013 – 19:44:25 -SHA- C:UsersXDocumentsNoces d'or au Mont Saint-MichelVidéosThumbs.db [1269760]
O61 – LFC: 29/05/2013 – 19:44:28 -SHA- C:UsersXDocumentsNoces d'or au Mont Saint-MichelThumbs.db [18432]
O61 – LFC: 29/05/2013 – 20:15:26 —A- C:UsersXAppDataLocalGoogleChromeUser DataLocal State [42721]
~ Files: 70 Legitimates Filtered in 01mn 18s

—\ Liste des outils de nettoyage (O63)
O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – SosVirus.org.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1
~ ADS: Scanned in 00mn 00s

—\ Start Menu Internet (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:UsersXAppDataLocalGoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (…) — C:UsersXAppDataLocalGoogleChromeApplicationold_chrome.exe (.not file.)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Search Browser Infection (O69)
O69 – SBI: SearchScopes [HKCU] ${searchCLSID} – (@ieframe.dll,-12512) – http://search.live.com
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] – (Google) – http://www.google.com
~ Keys: Scanned in 00mn 00s

—\ Firewall Active Exception List (FirewallRules) (O87)
O87 – FAEL: “{587863B1-E6DD-4922-B105-E51B53C26DBC}” |In – Private – P6 – TRUE | .(…) — C:Program FilesSearch Results ToolbarDatamngrSRTOOL~1dtUser.exe (.not file.) =>Adware.IMBooster
O87 – FAEL: “{A5F73054-A221-414E-8D15-9CCA61038DEB}” |In – Private – P17 – TRUE | .(…) — C:Program FilesSearch Results ToolbarDatamngrSRTOOL~1dtUser.exe (.not file.) =>Adware.IMBooster
~ Firewall: 208 Legitimates Filtered in 00mn 03s

—\ Scan Additionnel (O88)
Database Version : v2.12362 – (29/05/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 147036 Items scanned in 00mn 55s

—\ Product Upgrade Codes (O90)
O90 – PUC: “8E0A474D12440C34EBE84F459FE1E2A2” . (.Race Driver 2.) — C:WindowsInstaller{D474A0E8-4421-43C0-BE8E-F454F91E2E2A}ARPPRODUCTICON.exe
~ Update Products: 47 Legitimates Filtered in 00mn 00s

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR – | Auto 06/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
SS – | Demand 20/05/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
SR – | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
SS – | Auto 19/10/2011 136176 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Demand 19/10/2011 136176 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Demand 26/08/2012 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes' Anti-Malwarembamscheduler.exe
SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes' Anti-Malwarembamservice.exe
SS – | Demand 21/05/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
SR – | Auto 14/07/2009 20992 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 14/07/2009 20992 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
~ Services: Scanned in 00mn 01s

—\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s

~ 1088 Legitimates filtered by white list
End of the scan (394 lines in 06mn 05s)(0)